A National Cybersecurity Action Plan is a Serious Priority

We cannot allow this slow economic bleed of our economy to continue. It slows down and even reverses living standards. We simply cannot invest billions into research and development and have it siphoned from us with a few clicks. There is no justifiable reason to let this happen anymore. Smart and competent people have been sounding the alarm bells for some time, but they need more voices to back them.

Expectedly, our cybersecurity issues are growing.  We say expectedly for a variety of factors including, but not limited to: size and scope of breaches, increasing costs that cannot be accurately estimated or predicted, a proliferation of technologies and abilities, and geopolitical tensions. Given current conditions, we do not see a particularly bright future if our current cybersecurity strategy remains more or less constant.

What is our current strategy? In short, it is the accumulation of a lot of expensive toys to hold together decaying infrastructure, along with a healthy dose of the putting aside or worse, ignoring, the basics. In short, we look to more technological solutions, but we avoid the single greatest problem: our decisions. The growing track record of failures demonstrates that this “technology-heavy” approach is not working.

The underlying problem with this strategy is that it is simply untenable unless there is some revolutionary technology that completely changes the landscape. And while we do think artificial intelligence and quantum computing will be game-changing, we do not necessarily believe they will solve all our problems. Poor handling and implementation of these two technologies may, in fact, accelerate our demise. Therefore, we cannot continue to throw what limited resources we have at supposed technological wizardry, fixes, and repairs when the root of our deepest problems are inherently insecure systems, poor maintenance, and social engineering. Continue reading “A National Cybersecurity Action Plan is a Serious Priority”

Cybersecurity: A fiduciary duty

This plague has only increased and has prompted much research and writing on cybersecurity best practices (including by us) settling on, at the very least, one or more best practices designed to lessen (if not entirely mitigate) the effects of ransomware.

The recent WannaCry ransomware exploit brought into full view several factors that terrify many companies and their boards of directors. Why? Because these directors are charged with the fiduciary duty of overseeing the cyber risk preparations and defences of their companies for their shareholders.

In today’s environment, this presents quite a challenge for companies and boards alike. Security has always been a challenge because the defender must be right 100 per cent of the time and an attacker needs only one lucky shot. Effective cyberattacks can involve factors, such as:

1. A ‘zero-day’ or previously unknown software exploit (or vulnerability) that even advanced IT departments could not have reasonably planned for

2. An exploit that encrypts files when enabled or executed, and will not give the files back unless a ransom is paid

3. A public relations nightmare trying to explain to third parties, regulators (and in the case of WannaCry, hospital patients) why service levels dropped (i.e. evaporated) due to lack of properly segmented back-up recovery media and/or less than rigorous implementation of standard patches for older operating systems. Continue reading “Cybersecurity: A fiduciary duty”

The #CyberAvengers Playbook

The Non-Technical, No Nonsense Guide For Directors, Officers, and General Counsels

Cybersecurity, as many organizations practice it today, is broken. Everybody is feeling the pressure as competitors and partners alike dread a breach. Leadership can’t be left in the dark due to technobabble, a lack of resources, or excuses as to why cyber risk cannot be measured.

FireEye is proud to support the new eBook, The #CyberAvengers Playbook: Doing the Little Things (and Some of the Big Things) Well (2017 Edition). This short guide is designed to give you actionable items that could help any organization improve its cybersecurity posture.

Download the eBook and pick up the following tips from the #CyberAvengers:

  • Oversight duties: Learn to view risk from an enterprise perspective in an era where accountability and fallout costs are surely going to grow.
  • Cyber risk: Why it matters and how to wisely spend your limited resources.
  • Communication gaps: Cybersecurity is not an IT-only issue, so do not be afraid to speak your mind. We show you which questions to ask.
  • Response and continuity: Even the best-tested plans can go out the window during a time of crisis. Learn to minimize the fallout.
  • What’s happening in 2017 and what to expect in 2018: From the ransomware scare to the General Data Protection Regulation (GDPR) coming into effect, business is becoming more expensive. We try to help you save wherever you can.

The Gamification Trend in Cybersecurity

Of course there is a real science to gamification and the many algorithms that create a scenario for the players. The values of lessons learned for the cybersecurity community in conducting such exercises can create working models that will pay dividends for everyone connected, improving competiveness for industry and better security overall.

For many years the defense and intelligence communities have relied upon a concept called gamification to test concepts, strategies, and potential outcomes in various scenarios via computer simulation. They have found that gamification heightens interest of the players involved and serves as a stimulus for creativity and interchange of ideas which is vital for keeping an edge. As computers have become faster and more capable and data gathering abilities have has exponentially grown, gamification has become a “go to” process for many involved in the security community. Continue reading “The Gamification Trend in Cybersecurity”

Bringing Clarity to Really Really Big Data: A Case for AI and Machine Learning to Help Crunch and Protect Our Data

Let’s start with this basic concept: today, “data” is everything. Both personally and professionally, much of our lives have been converted into a bunch of zeroes and ones. Our reliance on data has never been greater and is only certain to grow, especially with the explosion of the Internet of Things (IoT).

It’s funny how kids have an affinity for toys we enjoyed as kids – like Legos. They will spend hours creating the biggest “thing,” often leading to a parent’s near universal response, “Johnny! That is the biggest tower I have ever seen! Great job!” Children (and we) love Legos because they foster imagination, offering a limitless way to create something “gigantic!” And in a more practical sense, Legos sometimes give us a great perspective on the important concept of “scale.”

As counsellors and consultants, replicating the “scale” issue as it relates to the respective data, information and network security problems is a challenge. Unfortunately, “layperson” directors and officers of public companies, along with executives in government, tend to view “scale” (as it pertains to data protection) as a bad thing (and even a scary thing). Part of the challenge here is that there are few practical ways to explain to those holding these positions that an organization’s security operations center may receive upwards of one million “incidents “every day and, at the same time, adequately deal with, and investigate, the potential peril inherent in such incidents, and reasonably assure that not even one of these small incidents slips between the cracks. Continue reading “Bringing Clarity to Really Really Big Data: A Case for AI and Machine Learning to Help Crunch and Protect Our Data”

Using Cognitive Security to Fight the Cybersecurity Borg

We are the Borg. You will be assimilated. Resistance is futile.

Organizations today find themselves in a situation not unlike that of the Enterprise crew in “Star Trek.” They are facing a formidable, technologically advanced enemy capable of taking over key components of the organization. In one episode of “Star Trek,” in fact, the Borg collective takes control of Captain Jean-Luc Picard himself, to the horror of his crew. Continue reading at SecurityIntelligence.com

A Human’s Role in an AI-Dominated Cybersecurity World

To think that “more technology” will make us “more secure” – especially if we start to sacrifice basic Internet survival skills…like being able to identify a spearphishing attack…because that had no influence on aaanything in 2016, did it? – we run the risk on having a long-term problem that we may not be able to untangle ourselves from so easily…or ever.

Hello again! It’s been a while, but with the flurry of stories surrounding the Presidential election, I made a conscious decision to stay away from writing.  As of this past weekend, many of you have heard of further claims of foreign interference in the election.  And, as the title of this post suggests, I will not be talking about that!

Fake news, foreign interference, protection of information, conflicting reports, ascertaining intent, spearphishing attacks, typos, and so on will be talked about in one of my later posts, probably early 2017. Despite the hype, I’m actually trying to let the dust settle a bit, in order to present a clearer picture (I hope). Continue reading “A Human’s Role in an AI-Dominated Cybersecurity World”

Pivoting Toward Cognitive Security: Benefits and Challenges

Are you ready for cognitive security?

The world we live in today presents enormous challenges and opportunities. Even though organizations have improved their security posture, attackers are still making quick work of getting in and stealing stuff.

Security leaders point to the incremental improvements they have made to increase their incident response capabilities and response times. But while defenders are making progress, albeit slow progress, attackers are keeping ahead, both in terms of attack frequency and their ability to evolve their approaches to thwart defenses and responders. Continue reading at SecurityIntelligence.com

Cognitive Security Key to Addressing Intelligence and Accuracy Gaps

“Security analysts are expensive resources. In many organizations, they are overwhelmed with work. Alerts are triaged so that only the most serious get worked. Many alerts don’t get worked at all. That means that some security incidents are never investigated, leaving gaps in threat detection.” — Joseph Blankenship, Senior Analyst at Forrester Research

According to a recent report by IBM’s Institute for Business Value (IBV) titled “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System,” security leaders hope to employ cognitive solutions to address a speed gap, an intelligence gap and an accuracy gap when it comes to their ability to detect, analyze, respond to and recover from security incidents. Continue reading at SecurityIntelligence.com

The Role of Cognitive Security in Addressing the Incident Response Speed Gap

“The number one challenge for security leaders today is reducing average incident response and resolution times.” — IBM IBV Cognitive Security Report

In November, IBM’s Institute for Business Value (IBV) released a report titled “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System.” The report provides insights gleaned from a study of over 700 security leaders from across the globe and seeks to uncover the security challenges organizations face, all while shedding light on how to address them. The study also evaluated the impact of cognitive security solutions and gauged the industry’s current level of readiness for the oncoming cognitive era. Continue reading at SecurityIntelligence.com