Enough is Enough.
I woke up this morning to news that ‘WannaCry’ — the ransomware attack that rocked the world Friday — now has the ominous distinction of being the largest cyberattack of all time. Worse yet, this attack stemmed from documents leaked from the NSA, an organization chartered to protect us from the very people attacking us. The irony of that connection is clear for all to see, and if the consequences weren’t so incredibly dire, it might even be humorous. Projections are that things will still get worse (as of this morning, they already have). And what’s next to top this? I shudder to think…
It’s both sad and infuriating that this happened. The NSA document leak was discovered months ago, and the entire world knew that hackers had a blueprint of how to execute a massive, global attack and yet so many organizations worldwide responsible for life-critical systems and data chose to do nothing. This is akin to the world finding out that designs for a WMD had been stolen by terrorist groups and governments sat on their hands doing nothing until it was too late. There’s simply no excuse.
But instead of throwing up my hands in anger in frustration, I’m only strengthening my resolve — indeed sharpening my spear — because I believe we can solve this problem. It’s a simple truth that what we are all collectively working to achieve in the cybersecurity community is critically important and can have positive, meaningful global impact.
We are giving the world an opportunity to say enough is enough with hackers, enterprises and governments playing with people’s highly personal and sensitive data like it’s some kind of meaningless and faceless commodity to be bought and sold. We have it in our grasp to show the world there’s a way out of this disastrous mess. It’s not an opportunity. It’s our responsibility.
It’s entirely up to us how quickly and effectively we execute our plans to end this vicious and never-ending cycle of breach after breach (as I’m writing this, all my devices are lighting-up with notifications of yet another breach, this time of a Disney movie — is nothing sacred??). It’s time for the security community to rally around these challenges and fundamentally change the way we build, talk about, and help our customers tackle these tough problems. Claims of 100% defensible platforms and “unhackable” solutions only do damage to our collective mission and to the people who’ve chosen to trust us.
I for one have never been as motivated to achieve anything in life personally or professionally. I’m beyond fired-up and commit to you all I won’t let anything stand in our way. I hope you will join me in this mission — our mission — to affect real and meaningful change. This is truly our moonshot.