How can integrators help their customers turn cybersecurity efforts into cyber resilience? It’s an issue that’s becoming more critical for companies of all sizes as every day we hear about hacksthat compromise sensitive and confidential information.
A panel of experts addressed this issue in a lively discussion during the 2017 Carousel IndustriesAlwaysOn Symposium that focused on taking cybersecurity to extreme levels to a point they call “cyber resilience.”
“We look at how high and how thick we can build walls to try to help our customers address those issues,” says Rick Basile, senior director of systems engineering at Fortinet. “We need to be able to respond and share information in real time.”
Martin Roesch, chief architect of Cisco’s security business group, says one critical aspect of being resilient with cybersecurity is the ability to respond quickly. Cisco focuses on threat-centric security, he says.
“We’re working to take what we know and turn that into what our customers know as quickly as possible,” says Roesch.
Although it’s probably impossible to completely eliminate cyberattacks, “the goal is to protect every user and everything,” says Jeff Music, southeast sales engineering manager at Cylance.
In an age when small companies are just as vulnerable to cyberattacks as global corporation, David Gibson, chief marketing officer at Varonis, is surprised at how little some companies consider it.
“A lot of organizations still have some big gaps around protecting the data,” he says.
Congressman James Langevin, D-RI, co-founded the Cybersecurity Caucus and emphasizes quick recovery is another critical aspect of foiling cybercrimes.
“We have to recognize that the most effective hackers get in and pivot sideways,” he says.
Detecting Cybersecurity Breaches
Roesch says the next step for IT companies in helping their customers deal with cybersecurity is decreasing the time between the detection of a hack to when it’s fixed.
“We’re very aware of that,” he says.
In some ways, IT security companies need to read the minds of people they don’t know and never see, says Music.
“We have to be able to take what we know now and predict the future,” he says.
Monitoring your information is another critical piece of the puzzle, says Gibson, who asks, “How can you protect something if you’re not watching what’s happening with it?” That issue comes about when companies save all sorts of information, even documents they haven’t opened for a year or more.
Building Cybersecurity and Cyber Resilience Experts
Langevin highlighted the federal scholarship program supported by the U.S. Department of Homeland Security and National Security Federation as one way to fill the talent gap that exists between the number of hackers and the number of those who are trained to stop them. He says there are about 250,000 unfilled cybersecurity jobs across the U.S. today.
“The technology is important, but we also need to have the right people with the right skills,” says Langevin. “We need to push these programs all the way down to K-12. They’re growing up with this technology.”
Roesch disagrees with Langevin, saying he’s “skeptical we’re going to build a million people with this esoteric knowledge,” adding he’s more partial to driving the process toward automation so more information can be monitored more quickly.
Gordon leaned toward Langevin’s approach, saying knowledge is always a good thing.
“The more people who have the vocabulary and understand the problems we solve, the better off we all are,” he says.
For Basile, a mix of educating young people and more automation represents the ideal solution for cyber resilience.
“We can’t get humans out of it entirely, but automation is a big piece of this too,” he says. “That frees up people to work on other things. It shouldn’t take a month to make a change in the network.”
Reducing Cybersecurity Risks
Until the mentality of some company leaders changes, cyber resilience and hacks will continue to be an issue for businesses of all sizes, says Gibson.
“The controls have to change, but so does the way we think about cybersecurity,” he says. “It’s about taking ownership of the data.” In most cases, between 60 to 70 percent of the data in any company’s network hasn’t been used for a year, he says, and 20 percent of the data is open to everyone in the company, no matter their roles.
“A lot of organizations have trouble classifying their data. We’re sharing so much information. We have to do a better job protecting it,” he says.
“The goal is to limit the amount of damage,” says Langevin. “You need to have a timely response. Right now, we have a patchwork approach to how we’re notifying our customers when their data is breached. There are 48 different policies from state to state on how to handle it right now.”
Music points to IT security staffers as culpable in the proliferation of cybersecurity issues, too.
“We need to take full ownership of all this data,” he says. “We created it. You have to understand what you’re responsible for, how to protect it and what you can’t see. We need better accountability and we also have to get past the idea of giving competitors an edge by talking about this with them.
“Everyone hung a flag when we saw what terror threats can do on Sept. 11, but it’s not the same when it comes to digital threats because those aren’t something you can necessarily see,” says Music.
Basile referred to “blast radius” and “collateral damage” as terms that used to be reserved for the military but have spread to the fight against hacking.
“The earlier in that threat you can stop it, the less collateral damage you’re going to have,” he says. “Our data is worth money. Everyone’s a stakeholder in the digital trust.”
Roesch is optimistic that “there’s been more of a realization that you can’t always prevent a breach” in the last five years, adding “we have to figure out what to do when they happen.”