With our Transformational CISO Assembly approaching, Digital Diary sat down with one of our sponsors, Sertainty, to gain first-hand insight into the depth of today's cyber attacks and the measures enterprises can take to incorporate cybersecurity into their business plans.
Cyberspace has not been defensible since its inception! The Internet has evolved into an innovative global network connecting computers, systems, and data to nearly every person on the planet.
This connectivity has led to disruptive cyber attacks on our critical infrastructure and Intellectual Property by state and non-state actors, through malware and techniques designed to defeat our computer networks. These attacks have largely gone unpunished due to our reluctance to react for fear of escalation; even when an origin has been traced and the harm assessed, this is asymmetrical warfare that blurs our line of sight.
Cyber attacks are becoming more frequent. How can C-Level leaders be not just reactive but proactive when it comes to securing their businesses?
The cost of defending against cyber attacks continues to escalate because companies maintain a Depth-in-Defense strategy – the Perimeter, a static and controlled corporate environment – while juggling a corporate transformation driven by mobility and cloud computing. Traditional controls such as firewalls, proxy servers, and anti-malware can identify and attempt to counter threats only after they hit the network or the end-points. E-mails, IP addresses, Hash Values, and weak passwords are all prone to attack because they retain their meaning in the context of an intrusion delivered through data files – such as a PDF or DOCX.
Gartner has projected that over twenty-five percent of data traffic will bypass the Perimeter this coming year, to enable roaming workers to access their data on an anytime / anywhere, just-for-me basis. The corollary is a very porous environment in which hackers, cybercriminals, and state actors can harvest identities and financial information, as well as engage in ransomware and sabotage.
The ratio of Offense-to-Defense, according to the NY Times, is $1:1,000 in favor of the Offense. The Days-to-Mitigate breaches keep rising and have now surpassed the 200-day mark, according to the Verizon Data Breach Investigations Report (hereinafter, DBIR) and the Ponemon Institute. What exacerbates matters further is the increase in Days-to-Dwell due to the activities of Nation-States and their proxies seeking to spy, mostly in the Manufacturing and Public sectors, in order to exfiltrate economic and military secrets. (Days-to-Dwell constitute the resources and training that are the adversarial makeup of an Advanced Persistent Threat – which can go on for years and/or morph into a “Zero-Day Attack” in an instant – a weekly affair according to the 2017 DBIR.)
Any board seeking to protect its reputation and brand(s) should revisit and assess its own makeup and its ability to assess Techniques, Processes, and People (TTP), since checklist-based security programs, especially when tied to compliance requirements rather than actual risk, often fail to keep pace with innovative technologies. Defense reliant on checklist-driven protection and auditing procedures cannot compete against adversaries utilizing Artificial Intelligence to harvest information that’s mobile or online (B:B or B:C). Hence, any top-down decision-making that is locked to a checklist is inhibited from taking proper action or applying sound judgment.
What advice do you have for C-Level executives looking to stay ahead of cyber attacks and new technology threats and vulnerabilities?
A functioning Board and its “C” Suite should migrate out of a “Check-List” mindset, attributed to the NIST Common Cybersecurity Standards, such as the NIST 27001 or the top twenty controls mandated by the Council in Cybersecurity, and figure out ways to shift from identifying and prioritizing risk to re-architecting the Offense-to-Defense Balance (ODB) in favor of the Defense. Being proactive means assessing what constitutes the lowest attack surface on an enterprise today, and making Data an end-point and a participant in its own protection and governance, to negate vulnerabilities (leaks, loss, theft) during its consumption or storage. In a word, make Data the New Perimeter!
- Tactics: Make people the first line of defense. Appoint Board Members with cybersecurity backgrounds. Create a Communications Plan and train, through Corporate Universities, on how to overcome social engineering and Phishing attacks designed to harvest identities and financial information, at any level.
- Segregate backups/servers and keep only high-value data, to avoid ransomware.
- Monitor log files, Patch, and Report.
- Encrypt data and make it useless if stolen.
- Ensure the best instrumentation to predict behaviors and counter fileless, malware-free attacks that enable Advanced Persistent Threats and Zero-Day attacks.
The key takeaway for those in charge of protecting a business is to consider how to secure data and authorize its touch-points during its life-span.
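As an added illustration of the "encrypt and make data useless if stolen" and "make Data the New Perimeter" points above (this is example code written for this page, not Sertainty's product or any code from the interview), the following Go program seals a record with AES-256-GCM and binds it to an authenticated context label that travels with the blob. A stolen copy cannot be opened without the per-object key, cannot be replayed under a different record id or classification, and fails outright if a single byte is altered. The record contents, the context string, and the use of a fresh random key per object (with no key-management service) are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// keySize is the AES-256 key length in bytes.
const keySize = 32

// NewDataKey returns a fresh random 256-bit key for one data object.
// (In production this per-object key would itself be wrapped by a KMS/HSM key;
// that layer is omitted here as an assumption of the example.)
func NewDataKey() ([]byte, error) {
	key := make([]byte, keySize)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	return key, nil
}

// Seal encrypts plaintext with AES-256-GCM and binds it to context (the
// additional authenticated data). Output layout: nonce || ciphertext || tag.
func Seal(key, plaintext, context []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext+tag after the nonce so the blob is self-describing.
	return gcm.Seal(nonce, nonce, plaintext, context), nil
}

// Open reverses Seal. It returns an error (never partial plaintext) if the
// key is wrong, the context differs, or any byte of the blob was altered.
func Open(key, sealed, context []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("sealed blob too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, context)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != keySize {
		return nil, fmt.Errorf("key must be %d bytes, got %d", keySize, len(key))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	// Constructed sample record for the example; not real data.
	record := []byte("employee=4711;salary=98000;ssn=000-00-0000")
	// Context stored in clear next to the blob but authenticated with it:
	// a stolen copy replayed under another record id or label is rejected.
	context := []byte("record-id=4711;classification=restricted")

	key, err := NewDataKey()
	if err != nil {
		panic(err)
	}
	sealed, err := Seal(key, record, context)
	if err != nil {
		panic(err)
	}
	fmt.Printf("sealed blob (%d bytes) is all a thief gets without the key\n", len(sealed))

	// Authorized consumer: right key, right context.
	pt, err := Open(key, sealed, context)
	fmt.Printf("authorized open: err=%v plaintext=%q\n", err, pt)

	// Stolen copy, attacker guesses a key.
	wrongKey := make([]byte, keySize)
	_, err = Open(wrongKey, sealed, context)
	fmt.Printf("wrong key: err=%v\n", err)

	// Stolen copy relabelled as a less sensitive record.
	_, err = Open(key, sealed, []byte("record-id=4711;classification=public"))
	fmt.Printf("relabelled context: err=%v\n", err)

	// One flipped ciphertext byte: integrity failure, nothing decrypted.
	tampered := append([]byte(nil), sealed...)
	tampered[len(tampered)-1] ^= 0x01
	_, err = Open(key, tampered, context)
	fmt.Printf("tampered blob: err=%v\n", err)
}
```

The design point is that authorization is decided at the data object, not at a network boundary: whoever holds the blob still needs the key, and the key is only released (by whatever policy engine or KMS the organization uses) for the context the blob was sealed under. Nonce reuse under the same key would break GCM, which is why the example draws a fresh nonce per Seal and a fresh key per object.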
Thank you Sertainty for joining us on Digital Diary and for all of your insights! You can meet Sertainty at our upcoming Transformational CISO Assembly to gain first-hand insights into the world of cybersecurity.
The Millennium Alliance is thrilled to present our bi-annual Transformational CISO Assembly, taking place this year on May 9-10, 2018 at the Hutton Hotel in Nashville, TN.
This premier gathering will address the most important IT security priorities of 2018 and identify new opportunities to lead an IT Security Transformation. Through a cutting-edge program designed by the industry, for the industry, we will provide the freshest and up-to-date insight that will move your organization to the next level. A series of executive education roundtables, keynote presentations, collaborative think tanks, educational workshops, and networking sessions will offer industry-specific topics and trends to ensure your company sustains its competitive advantage.
This is not just another “IT Security” event. If you are the Chief Information Security Officer, Chief Information Officer, Chief Security Officer, Chief Risk Officer or the Chief Privacy Officer, then you should be attending this event.
Spaces are reserved for the best in the business. Reserve your seat here!