[BreachExchange] What is the Future of Cybersecurity?
Destry Winant
destry at riskbasedsecurity.com
Wed Oct 16 10:02:50 EDT 2019
https://hackercombat.com/what-is-the-future-of-cybersecurity/
We all know of the exponential growth of cybercrimes. The question now
is, how do we stay ahead of a possible data breach? Some experts in
the commercial real estate have their say on what’s in store for
cybersecurity.
We’ve heard of the recent Capital One hacking. A person was able to
access its 100 million credit card applications and customer accounts
single handedly. Various real estate executives started scrutinizing
their systems and data to determine how safe they are against cyber
intrusions. By 2021, cybercrime damages can reach trillions around the
world, so businesses need to be on top of the situation.
The acceleration of building processes and functions automation also
increased the need for cybersecurity. The continuous takeover of the
Internet of Things also pushed more information to the cloud. However,
machine learning and artificial intelligence have become more
efficient, thus decreasing the potential of human error. Consequently,
they also increased the possibility of cyber threats. Since building
technology changes each day, what then happens to cybersecurity?
Cybersecurity isn’t only a concern for computers and smartphones; but,
of the entire infrastructure. The commercial real estate industry
often overlooks the security of their physical assets and focuses on
the interconnected devices of their employees only. Building cyber
invasions have been occurring rampantly, and many operators and owners
only decide to spend money on cybersecurity when hackers wreak havoc
on their business.
A hacker can change the security systems, open or lock some doors, or
shut down the electricity. Building owners prioritize cybersecurity
when it’s too late. In the 2019 Cost of a Data Breach Report by IBM,
it reported that it takes about 279 days to determine and control a
breach. On the other hand, the lifecycle of a cyber-attack takes
around 314 days.
Today, hackers perform sophisticated attacks and not only infiltrate
technology and machines. Phishing schemes are after high-level deal
makers and executives. A cybercriminal may write to a manager to
inform him that they haven’t received the payment for a transaction he
closed recently. Organizations may not be liable in this example, but
the scenario is a poor reflection on them. They may have future
problems handling transactions.
In the recent Commercial Real Estate Outlook released by Deloitte, it
found out that the top three effects of cybersecurity breaches are:
damage to reputation
financial fraud and theft
identity theft.
What’s missing?
According to experts, the only way to reduce the cyber-attack risks on
businesses and assets is to invest in an appropriate cybersecurity
program. IBM estimated the total cost of a data breach to about $3.9
million. Forming an incident response team and using encryption can
lessen the impact of a massive hack by about $360,000.
The success of a cybersecurity program relies on having a sustainable
plan to address specific risks to the organization. Although real
estate companies aren’t in the business of cybersecurity, they still
must determine the risks, limitations, and budgets in countering any
cyber-attacks.
In a Deloitte survey, respondents reported the top three challenges of
cybersecurity management:
rising complexities and accelerated IT changes
lack of administration detailed response
ineffective security fixes due to interoperability and functionality issues
Extensive prevention programs don’t need to be complicated. Executives
must see cybersecurity as a timeline and not as a simple one-time
incident.
Conventional IT organizations always assess different industries, but
no one talks about the operational technology of buildings and their
risks. Moreover, operators and owners must be proactive instead of
reactive in their efforts to prepare against cyber-attacks, so
cybersecurity standards must conform to the continually evolving
building technology. Therefore, board members and leaders must be in
the loop to create a close alignment with the business strategy. Also,
they need to conduct cyber risk assessments and scenario planning and
ensure employee awareness of their responsibilities. Everyone must
practice vigilance.
The significance of cybersecurity will continue to evolve as a threat,
and business scenarios continue to become more complex. Moreover,
regulatory oversight and functions can take a more active role and
must cut across geographies.
The Cybersecurity Outlook
The compelling question is, “who should be the most responsible for
the cybersecurity of a real estate company?” Other people articulate
that the data property owners collect from their tenants is an
enormous issue because the protection of sensitive information and
system data must be paramount. The staff of building management must
be accountable for any specific events that can occur. On the other
hand, some experts point to the IT department as the primary group
that must put in place a robust cybersecurity program together with
its IT infrastructure.
Building owners and operators must be aware of the risks and
understand that the involvement of all functions and departments must
be present in preventing or mitigating these risks of cyber-attacks.
The aptest answer lies in the middle. Many experts believe that
building operators and owners must discuss with outside vendors and
their internal IT providers for every property they have. They must
draft a plan to protect the physical assets and the network. The
solution lies when the puzzle pieces fit together. It may be the
integration of a technology system into real estate or vice versa.
Excellent cyber hygiene begins with data governance. In a building
organization, cybersecurity isn’t an IT issue, but a risk mitigation
issue. Each individual and department has a significant role to play
in thwarting any cybersecurity attacks.
Final Remarks
Cybersecurity is an issue that concerns everyone in the commercial
real estate industry. Hackers and cybercriminals perform coordinated
and sophisticated attacks to ruin the most secured IT infrastructure.
Therefore, organizations must take brave steps to counter them. They
lose more money if they aren’t earnest in protecting their
infrastructure and physical assets. This predicament isn’t the only
issue that they must overcome. They also lose credibility, and their
reputation suffers when they become victims of malicious and
fraudulent attacks. Therefore, the significance of instituting a
robust cybersecurity program is now a requirement and not just a whim.
More information about the BreachExchange
mailing list