KNOWLEDGESTREAM AT-A-GLANCE

The Future of Cyber Security in Transforming Business

ABSTRACT

The pace of cyber security threats is accelerating faster than most people realize. With the emergence of new technologies and the explosion of endpoints via mobility and IoT, it is almost impossible to stay current. We're assembling an ongoing Discovery Board of industry leaders, including CISOs, compliance officers, consulting practice leaders, and CTOs/CIOs to explore best practices. A few themes that may be explored include, but are not limited to:

  • Architecting for IoT security
  • Malware prevention
  • Authentication best practices
  • Disaster recovery
  • IT security roadmapping
  • Compliance and risk
  • Scenario vetting and planning
  • Data governance
  • Blockchain

PARTICIPANTS

Paolo Beffagnotti
Brand Protection Digital Manager
Patrick Henz
Head of GRC US, Regional Compliance Officer Americas, Futurist, Storyteller, AI.
Marsha Williams
Technology Executive and Board Member
Ross A. Leo
CISO
Mayank Lau
Principal Consultant at DSCI & EY Top20 Thought-Leadership Panel on the Future of Cyber Security
Scott Andersen
Distinguished Solution Architect Verizon
Dr. Qazi Mamoon
Digital Services and Innovation
Christopher Gebhardt
Director, Global SOC Operations
Ricardo Santos
CEO at Heptasense | Investor | Europe's 100 Hottest Startups by Wired
Amandeep Midha
VP Engineering at Ernit
Jon Cook
Chief Information Officer at Brandt Group of Companies
James Mccartney
CEO
Anton Chuvakin
Research Vice President & Distinguished Analyst at Gartner
Andri Apriyana
Professional in Artificial Intelligence, Big Data Analytics, Automations, Actuaries, Governance, Risk Management and Cybersecurity
Ron da Silva
Executive Management | Operations & Engineering | Corporate Governance | Technology Strategy

OBJECTIVES

100% Complete
Start Date: Oct 11, 2017
End Date: Dec 14, 2018
2638

CONTRIBUTIONS

ACTIVITY

429 Days

24 Themes

59 Contributors

1300 Posts

1338 Comments

580 Followers

OUTPUTS

11 Slide Deck

3 Video

THEME #1

People vs. Technology in transforming businesses

THEME #2

Today's Cybersecurity Breaches

SURVEYS

people | 13
Which is getting more discussion within the C-Suite, Ransomware or Breaches
Breaches
92.31% 12 votes
Ransomware
15.38% 2 votes
 

THEME #3

Cybersecurity game changers

SURVEYS

people | 13
Where should companies look for Cybersecurity talent?
External - Short term (12 months or less) contractors
15.38% 2 votes
External - Managed Services
38.46% 5 votes
Hire externally
0.00% 0 votes
Train existing IT/Security resources
46.15% 6 votes
Flex staffing
0.00% 0 votes
 

Without this type of forward-looking perspective the challenges will always be dealt with in 'catch-up mode'.

THEME #4

Should companies invest in blockchain now or wait a few more years? If yes, how? If wait, why?

SURVEYS

people | 16
The time for companies to invest in blockchain is:
6 months ago
6.25% 1 vote
Now
62.50% 10 votes
6 months from now
6.25% 1 vote
12-24 months
12.50% 2 votes
Stay aware, but no investment in the next 2+ years
12.50% 2 votes
 

Investment should be in research and not in 100% adoption.

...efforts to develop and expand BC's application breadth and depth should be going on very actively, minus the hyperbole and sales-speak.

...blockchain is not only a currency, but may become more, as for example bring more transparency to the supply-chain.

THEME #5

Are companies adequately addressing IoT risks?

SURVEYS

people | 16
Are companies spending enough time and resources on managing 3rd party/supply chain for Cybersecurity risks?
Yes
6.25% 1 vote
No
87.50% 14 votes
Not sure
6.25% 1 vote
 

IoT will continue to expand, rapidly. There are problems today that are going to get worse.

Every company wants to utilise latest technologies like IOT but gives Security less priority and because of this they get compromised

IoT will bring forth millions of connected devices that are typically less rigorously security hardened and optimised by the vendor - and thus the threat vector increasing.

While IoT has led us into a lot of convenience, we haven't embraced the reality of the security flaws.

THEME #6

Security consulting -- Teaching to fish or just driving the boat?

Security is everybody's responsibility - Global truth. Now there are two parts for security:

1. Business Security - From CxO to employees disclosing IPs or secrets unintentionally, NDA, human errors etc.
2. Tech Security – breaches due to technologies, cyber attacks, ransomware etc.

THEME #7

Meltdown and Spectre -- The biggest impact is to security or to IT?

Drawing so much attention to this draws our attention away from the more immediate operational risks right in front of us, and quite possibly places us at greater risk from things much more readily exploited.

THEME #8

What is the biggest challenge facing CISOs today?

SURVEYS

people | 19
Who should CISOs report to?
CIO
26.32% 5 votes
CRO
0.00% 0 votes
CFO
0.00% 0 votes
CEO
26.32% 5 votes
COO
21.05% 4 votes
Board of Directors
26.32% 5 votes
Other
0.00% 0 votes
 

THEME #9

Security Orchestration and AI to address talent shortfalls?

THEME SUMMARY

We're not there yet as a full replacement. AI/ML today is most powerful when it augments and empowers analysts. Risks include talent development and hijacking of automated processes.

  • Not all organizations are ready for AI/ML - this is an evolutionary, not revolutionary, technology
  • The first AI/ML use cases in security will be to augment and expand the performance of human analysts
  • Before pursuing AI/ML organizations need to determine their talent development strategies
  • Organizations need to evaluate the risks of automation or hijacking automated processes

THEME #10

How have ransomware attacks changed the risk equation for organizations?

THEME SUMMARY

Organizations, regardless of size and capabilities, must plan to deal with ransomware attacks. Three out of four respondents to our survey think that the risk has increased or is now the highest risk

  • Ransomware forces organizations to deviate from their standard asset-based risk logic
  • Ransomware is now blurring the lines between nation-state and criminal motivations
  • While the risk appears manageable on paper (patching), the reality for many organizations is that the risk must be balanced with other organizational realities

SURVEYS

people | 14
Where does ransomware fall in a risk priority stack?
Now the highest cyber risk
7.14% 1 vote
A higher risk than a year ago
71.43% 10 votes
Same risk as a year ago
14.29% 2 votes
A lower risk than a year ago
7.14% 1 vote
Now the lowest cyber risk
0.00% 0 votes
 

THEME #11

Cyber incidents in the news - help or hindrance?

THEME SUMMARY

The problem of communicating incidents to leadership is that it must be communicated positively and recommendations need to be actionable and realistic.

  • Regulations present a new component of consideration
  • Balance executive fear, uncertainty, and doubt (FUD) with the need to communicate action positively
  • One effective communication strategy: what we can learn from what happened at X company

Stories are good, but regulations are action

This latest news has been great for waking up companies, especially in data protection

Awareness should turn into a call to action.

Learn from others' mistakes

When I make use of these events, I approach such efforts cautiously.

Security organizations can leverage cyber incidents in the media by:

  • the anticipation of cyber incidents
  • the verification of the efficacy of the enterprise practices
  • the concentration of the needs on the worst incidents

THEME #12

Mergers, acquisitions, and divestitures - oh my!

THEME SUMMARY

IT Security is becoming a more prevalent risk factor considered in a merger, acquisition, or divestiture. Organizations are using third parties to effectively manage their risk.

  • Both organizations need a REALISTIC assessment of their capabilities - sometimes a third party can help
  • There will be a surge in activities - regardless of whether the activity is a merger, acquisition, or divestiture (MAD) - in which a third party could provide short-term staffing
  • Once organizations know their capabilities, nailing the transition plan is CRITICAL to success

Get your plan right

most important activity was securing a transition agreement that allows/requires both entities to work closely together for a 3-6 month period post-close.

A good analysis of the apps, infrastructure, and the network is a must before you close the deal. Sometimes you pay more for band-aids than the real remedy.

Third parties can help

I have seen a few uses of a team of digital experts who act as a third party under strict confidentiality requirements. The concept is commonly used in evaluating customer contracts between competing entities without divulging critical information.

The company's IT pros must therefore be brought in to bring their expertise to bear in contribution to the discussions of these elements, complemented by a third-party to objectively assess the validity and potential impact of the identified and derived risks the IT will also contribute.

THEME #13

Hit the bench(mark)

THEME SUMMARY

Benchmarking, like many security activities, is a necessary evil for organizations. Benchmarking, if done properly, explains risk to leadership, identifies best practices, and ensures compliance.

  • Compliance to standards (ISO, NIST, GDPR) should be baseline benchmarks
  • Corporate Boards in particular have an interest in benchmarking to communicate and understand risk
  • Instead of benchmarking technologies and documentation, organizations should benchmark their practices
  • Benchmarking without acting on the findings, good or bad, is a wasteful exercise

Compliance and Standards - the baseline

Thus my experience with benchmarking is rather mixed:  the first did not work due to the rigidity of the artificially established parameters of the OB, and the second one did not work well enough due to the individualized nature of the applied solution

Standards and compliance, because they cover a broad array of scenarios relative to cybersecurity, provide only directional guidelines and may indeed not appear to be prescriptive enough.

Benchmarking without action is a paperwork exercise

As I keep reading through all of the posts here, one thing that keeps coming back to my mind is that benchmarking among all other criteria (security / compliance audits, etc...) is only useful if one actually makes use of the intelligence that is derived from said benchmarking.

Good benchmarking communicated properly communicates organizational risk

What is "becoming" is the wider acknowledgement of this crucial factor by those in governance positions who finally grasp its true importance (rather than the "techno-druidic" status it once had).

It's not uncommon to hear people talk about culture metrics or benchmarks without first defining what culture even is. The result is imprecision and confusion, and perpetuates the idea that culture is subjective and fuzzy, an unreliable target of analysis

Static to Dynamic - Away from benchmarks to best practices

Benchmarking is (as others have noted) a tool that certainly has a place in the toolbox - but I would much rather see efforts put into the concept of 'Best Practices' for these reasons:

A good benchmark is - 100% employees know standard security practices. 

THEME #14

Communicating the value of Security

THEME SUMMARY

Security organizations are moving away from low-value compliance-focused and break/fix operations to helping the business manage cyber threats as part of a broader risk portfolio.

  • There is a continuous race between organizations and hackers. One side wants to build up a (fire-)wall and the other wants to identify the weak brick
  • Security as a bottom line business value proposition is the key to allowing the business decisionmakers and IT department to work toward a common goal.

cyber security helping business to grow.

89 percent of businesses said that improving cyber security would enhance customer loyalty and trust;

90 percent said it would enhance their reputation in the market, potentially attracting new customers;

One of the most successful ways to get employees engaged in the learning process is to let them know what you are sharing is relevant at work and in their personal lives.

It gives you an opportunity to get more folks engaged (sad but true) and they truly seem to dig in to the information you are sharing.

Once you have that engagement it's key to keep the messages flowing from a 'we are here to help you' perspective - rather than a punitive approach. At the end it's all about engagement -- and increased engagement is a key message for the business.

THEME #15

There is a move among many firms away from AntiVirus to End Point Protection.

THEME SUMMARY

Disparate, unconnected point solutions may be effective individually, but leave much to be desired in terms of cohesiveness of operation and clarity of findings/feedback.

  • A "dashboard" through which to display conditions and alerts in a synoptic manner is often desired by those managing this function in order to simplify monitoring and response initiation.
  • I think the biggest winners will be those companies with a full line of such products that get integrated into such a platform, whether on prem or cloud based. Those that do not will likely be the loser

Sadly, there is no clear definition of what constitutes EP. Is it AV, Anti-Malware, Anti-Ransomware, Firewall, Phishing Protection, Browser Protection, etc... It would be helpful for a standards based organization to cleanly define EP.

Vendors are not willing to reveal how their platform works except to say it is based on Machine Learning or Artificial Intelligence.

NG vendors are famous for making outrageous claims about their product but will not allow independent testing. I personally know researchers who have received legal action from NG vendors because they were exposing flaws. Again, flaws are what we, as security professionals, need to know.

Despite all the statements about the death of AVs, their makers keep selling huge amounts of these and their updates.

As mentioned in the article, it is difficult to have a 100% solution for everything, and indeed AV firms are changing to adapt to the new scenario.

They are trying to add a new layer of security. The idea is to have a kind of internal machine learning studying users' behaviours detecting anomalies. Someone stated that blockchain could be the future of AV.

THEME #16

As our next theme I would like to speak of a new breed of cybersecurity products that have new innovative capabilities

THEME SUMMARY

Even if there are vendors on the market doing a great job of advancing their products at warp-speed evolution - your business may be locked in thus facing vulnerabilities current products don't addres

  • I’ve seen this play out before when, in emerging markets, many players come to bear followed by mergers, acquisitions, and disruption. Who do you commit to during times like this?
  • AI is key for Cyber Security and Hackers. One side implements a smarter and faster AI, then the other side gears up with something better. One to bypass the virtual wall, the other to make it stronger

Are they really "next generation"? These platforms take days if not weeks or months of tuning. It can be a full-time position for someone just to tune the platform. For me, that is not "next generation" it is job creation at a time when the products shoul

As was mentioned in my previous post, until these vendors open their boxes, how can we trust them to protect our sensitive networks?

challenge every product/company to allow independent third party testing (like virustotal but non-industry based.)

The terms are being used interchangeably by marketers. They are not the same function. Cybersecurity vendors are pitching their solutions as "next generation" because they use machine learning. Which, I guess you can argue that is true. But how many are a

Machine Learning cannot determine new threats that it has not seen in its data set. It only knows and understands what is in that data set.

Artificial Intelligence is similar to Machine Learning in that it learns via a data set. The biggest difference is that it can make an assessment of the new malware.

THEME #17

Many firms are turning to Unified Compliance as an approach to optimize their efforts and investment

THEME SUMMARY

A Unified Compliance approach can bring many efficiencies to cybersecurity, but at what cost?

  • A unified approach can bring efficiencies by eliminating redundancies and providing an organized approach to ensuring complete coverage of all required scope.
  • However, it often leads to adopting a single vendor rather than a best of breed set of solutions, which many times leads to an inferior selection of products in one or more areas.

Unifying these functions into a single platform for the sake of efficiency and economy is fine, so long as each function is not compromised by the presence of the others

Correctly performed systems integration and dashboard construction could provide the same service visibility and operations efficiency, though with greater initial effort, across existing platforms. 

Such things seem to reflect an attitude on the part of "business" that is an annoyance that we can sublimate through enough tools and layers, and the more automation the better (IOW - cheaper).

The reality of organizational maturity is that the overall mix of capabilities (infrastructure and development) blended with improved operational capacity allows us to begin considering utilizing unification. But there are more pieces to this than simply

THEME #18

Crowdsourced Approaches to Cybersecurity

THEME SUMMARY

Many firms are using a form of crowdsourcing referred to as bug bounty programs as a means of attracting outside talent to help debug their programs before they are released to the market

  • With the proper best practices and controls in place, a bug bounty program can produce the desired results
  • It takes a lot of preplanning and oversight and must be run by experienced staff to be successful, and the individuals you engage must have proper background checks

Clear well thought through Rules of Engagement and a controlled environment are key to having a Successful Bug Bounty Program

Good to keep it with a team you can vet since you can involve the internal technology team in the process. This helps eliminate some of the defensiveness that can occur when the outside group starts reporting issues.

It's helpful to provide the external folks visibility to releases and change mgmt so they have a feel for what might have changed since the exercise last occurred.

The independent and unbiased outside views usually lead to identification of design and implementation flaws in the solution that usually get missed internally by resources

Good point on the signal-to-noise ratio of feedback.. was concerned about that too.. quality of feedback from crowdsourcing or bug bounty might not be as good as internally vetted efforts but also might find things that otherwise you won't internally.. so need to strike a balance somehow..

Christopher Gebhardt we funneled all the bug reports through the internal QA resources and they were then folded into the existing process once validated.

THEME #19

How has your adoption and use of digital technologies impacted your cybersecurity program?

THEME SUMMARY

The move to digital has made cybersecurity more complex, digital, and costly for all firms, however, it’s hit the SMB market extremely hard.

  • Firms in many cases are leveraging some of the same digital technologies, like AI, in their cybersecurity solutions to increase their capabilities and effectiveness to meet these new challenges
  • Firms must be creative in evaluating the various options available to them, from on premises to CSPs to hybrid, to determine what would be the best way to meet their firm's technological needs

For many of the smaller firms adopting and migrating to cloud is a necessary step to be able to compete and safeguard their operations

Complexities of new digital approaches have prompted many of my SMB clients to adopt cloud based environments. Toolsets available for managing these technologies (Microsoft Azure Suite, AWS, etc) make adopting cloud based technologies the only realistic option unless the SMB is resource rich.

This type of attack wins most of the time against human-based cybersecurity defense, since AI has the ability to learn and re-perform attacks automatically, non-stop, 24/7. There is no other choice than to defend the perimeter using 24/7 tools that also have the ability to learn.

One possible source of relief for firms is to pursue security standardization

What must occur is for companies to adopt a uniform standard for the assessments like the Cloud Security Alliance's CAIQ document.

The CAIQ is 250 questions of cybersecurity. If you were to go through it, it would answer all your questions so why send out a unique document that just asks the same questions (more often than not, poorly!)

THEME #20

Let's keep our great discussion on Digital & Cybersecurity going and change the focus towards skills & competencies

THEME SUMMARY

Cybersecurity demands are changing and growing and a large driver is new digital technologies

  • Some cybersecurity products are actually leveraging new digital technologies like Artificial Intelligence in order to make the products more effective and adapt more quickly than humans can
  • It's imperative that everyone, from new recruits through career security professionals, be given constant training to keep their skills and knowledge current so that they are effective in meeting new demands

Cybersecurity professionals new to mature resources need a blend of basic to advanced certifications/training to keep current in their field

IEEE Computer Society put several training courses online at https://www.computer.org/web/education/cybersecurity-elearning-courses

Certified Ethical Hacker Certification: I got this certification, and I have to say that it was an interesting journey with several valuable takeaways.

A blend of technical and soft skills is required for cyber security professionals to be effective

Technical skills: understanding of IoT and cloud security, AI and machine learning, malware protection, open source application penetration and intrusion detection, DevSecOps, incident response

Personal (soft) skills: attention to details, excellent communication skills, customer service, collaboration, curiosity and learning passion

THEME #21

Let's continue on the theme of digital & cybersecurity and do a deep dive on IoT

THEME SUMMARY

IoT brings with it many great advancements but at the same time it comes with many new cybersecurity threats & vulnerabilities

  • One of the big reasons for these threats is a lack of a well thought through Architecture and best practices of how to use and deploy IoT securely
  • Additionally as applications of this technology are still being identified we have not thoroughly identified the vulnerabilities that exist with the new uses of IoT

The threat landscape of IoT is growing quickly as we continue to evolve and deploy IoT; unless we make security a top concern, these vulnerabilities will rise exponentially.

I will suggest that the threat landscape has the potential to mushroom exponentially as the IoT adds an unimaginable amount of computing power to the mix, most of which won't be watched regularly by the owners.

And to Marsha Williams' point in her post, the lack of forethought by most of the people adding to this realm is only going to make it more challenging.

What improvements and best practices could we put in place to stem the tide of IoT threat & vulnerability proliferation?

California is leading the US and perhaps the world in IoT security with the passage of SB327. The law calls for any IoT smart device to "protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure."

The main reason is because there is no scalable business model for IoT, especially when applied to huge areas such as smart cities.

If there is no perfect business case in which all companies can work together, it is difficult to establish how different "things" will communicate with each other and what type of information they will exchange, so companies could spend more resources on improving the security aspects.

THEME #22

Let's continue our discussion on Cybersecurity and IoT by focusing on Distributed Denial of Service (DDoS) attacks

THEME SUMMARY

DDOS attacks, although rising in prevalence, impact businesses much differently based on a number of factors

  • The importance of the internet and connectivity/availability to one's customers raises the concern of DDOS attacks
  • DDOS attacks can also lead to penetration of a firm's security and lead to access of secure data

DDOS attacks impact different firms at different levels depending on the importance of internet access to the business and revenue of a firm

If you ask some people about the level of concern for DDoS you hear a VERY wide range of responses from "existential" to "just a nuisance."

I suspect it is about how reliant they are on their online resources for making money.

One of the reasons for DDOS attacks is to disrupt services. E.g. if the website of your competitor is down, it is highly likely the traffic will be redirected to yours.

DDOS attacks can have an impact beyond the interruption of connectivity to the internet and to a firm's clients.

For someone like eBay, it is a major threat resulting in crisis handling. Same for Walmart, Amazon, etc. For a car dealership?

A person hacked into a temperature sensor in the fish tank of a casino and laid a trap. When the sensor did a periodic upgrade of its software, he got access into the database of all high net worth customers of the casino

Politics and hacktivism are taking advantage of these as the web is the new field of battle

THEME #23

Ransomware attacks have been declining in number but increasing in sophistication. Let's look at how they are changing

THEME SUMMARY

Ransomware has been changing in numbers of occurrence and level of sophistication

  • While we are seeing fewer instances of ransomware, we have seen a morphing of the target toward much larger breaches where the impact is orders of magnitude larger financially.
  • Cybercurrency is one of the areas where we have seen a large uptick in occurrence and sophistication of attack
  • We have also observed that ransomware attacks on individuals have reduced and users have become more proactive in regularly backing up their files, which has reduced exposure

What changes are we seeing hackers using in approaching Ransomware?

The attacks get more sophisticated, as phishing emails not only get more personalized, but also the attackers use more time to work on the details.

Hackers are using intelligent algorithms. Using Big Data (for example from Crawlers systematically analyzing user profiles and creating potential org charts), such apps provide precious information (Smart Data) for attackers

A successful attack requires preparation, preparation, preparation. Furthermore an efficient hacker-organisation, including IT-experts, psychologist, linguistic experts, etc.

As Ransomware becomes more sophisticated what new tools, technologies and approaches can we use

Say blockchain is implemented on hospitals' patient data: since it has decentralized characteristics, with multiple encrypted data stored in different locations, it would be hard for ransomware to attack the vectors.

Blockchain information is encrypted on the various servers. So far the technology is not widespread enough for hackers to have seriously started thinking about how to attack this.

AI can tackle vulnerabilities, e.g. it could stop hackers where firewalls and anti-virus are not successful. Maybe it can't stop every malware, however, after building models of positive and negative behaviors, it helps the security team to detect the bad ones.

THEME #24

We are all facing a huge rise in the use of mobile devices. Let's discuss what security measures are being taken for mobile