[BreachExchange] Using New Techniques To Combat Cyber Threats

Audrey McNeil audrey at riskbasedsecurity.com
Fri Mar 23 22:23:31 EDT 2018


http://www.cxotoday.com/story/using-new-techniques-to-combat-cyber-threats/

There was a time when cyber attacks were limited to financial and
technology firms. With the expansion of technologies like artificial
intelligence (AI), advanced analytics, and the Internet of Things (IoT) in
almost every business, cyber attacks have also spread their wings. So, if
in 2017 WannaCry and Petya ransomware were the talk of the town, in 2018
Meltdown and Spectre were exposed as perhaps the biggest cyberthreats of
all. As the dangers mount, current approaches aren’t working.

In a recent McKinsey article, experts believe that, with the changing
pattern and accelerating pace of cyber attacks, businesses need to devise
new strategies to combat the challenge. Hence, firms are required to be
smarter, more comprehensive, strategic and persistent.

The McKinsey report cited the experience of a global insurance company that
budgeted $70 million for a comprehensive cybersecurity program. However,
one year later, only a fraction of the planned measures had been
implemented. Business units had put pressure on the IT department to
prioritize changes they favored, such as a sales campaign and some new
reports, at the expense of security measures, such as email encryption and
multifactor authentication. The business units also took issue with the
restrictions that came with cybersecurity measures, such as the extra
efforts that went into data-loss prevention, and limitations on the use of
third-party vendors in critical areas. The experience showed that most
companies don’t fully understand the threat, are under-prepared to fight
back and hence face trouble.

Undoubtedly, cyber security threats are growing at a rapid pace.
As shared by McKinsey based on its survey, consider these statistics to
understand the intensity and velocity of these threats: some companies are
investing up to $500 million in cybersecurity; worldwide, more than 100
billion lines of code are created annually. Many companies report thousands
of attacks every month, ranging from the trivial to the extremely serious.
Several billion data sets are breached annually. Every year, hackers
produce some 120 million new variants of malware. At some companies, 2,000
people now report to the chief information security officer (CISO)—and he
or she in turn reports to the chief security officer (CSO), who has an even
larger team.

Most companies that were affected by the massive cyber threats of NotPetya
and WannaCry believed themselves to be prepared against such threats. But
the big question is: were they? Even when a company is not a primary
target, it is always at risk of collateral damage from untargeted
malware and attacks on widely used software and critical infrastructure.

Now the challenge is how to tackle this problem. Here are some steps that
are being followed by the world’s best cyber security teams serving the
top global firms:

1. Cyberrisk should be considered a risk-management issue instead of an IT
problem: Treating cyber risk as an IT problem would not help. It is high
time companies started treating cyber threats as a risk-management
issue. Companies should put in place an organizational
structure and a governance approach that bring transparency and enable
real-time risk management.

2. Cyberrisk ought to be treated in a business context: Companies often
tend to overinvest in technical gadgets and underinvest in complexity
reduction, which results in an inefficient system. It is, therefore,
important for companies to understand and address cyber risks while
calculating their commercial and organizational requirements.

3. Evaluate the cyber-risk levels better: There are multiple layers of
cyber threats, ranging from data to people. Evaluating all the levels is a
cumbersome task. Hence, companies should take advantage of automated tools
to catalog their assets in order to focus on those at greatest risk.

4. Have comprehensive and collaborative governance: In the digital age,
the distinctions between physical and information security, between IT and
OT, between business-continuity management and data protection, and between
in-house and external security have become archaic. This change indicates
the need for a collaborative and comprehensive approach to dealing with
cyber security threats, as divided responsibilities would not help.
Companies need to confront all the parts of the business affected by cyber
threats, including suppliers and customers.

No one is fully protected against cyber threats. However, it could be
concluded that those following the approaches mentioned are in a better
position to protect themselves against cyber threats and have a more
efficacious working mechanism, the authors said.