Cybersecurity in an Insecure World: Business Leaders Predict the Future
By 2020, there will be 200 billion smart objects in the world, connecting everything from cars, planes and homes to medication, fitness devices and animals. Dependence on technology enriches our daily lives in countless ways, but what happens when technology fails? What happens when hackers and cybercriminals exploit vulnerabilities?
The Economist Intelligence Unit recently published a report on Internet of Things (IoT) cybersecurity that found 70% of devices did not encrypt communications. Another report from PWC found that cyberattacks have been growing quickly over the last couple of years, and there’s no sign of a slowdown.
Technology leaders are taking notice of these trends and are pivoting toward prioritizing security. Fortium’s own Technology Pulse Survey established that a whopping 65 percent of technology executives are making cybersecurity and risk management an integral part of their business culture. Only 10 percent of tech execs aren’t focused on cybersecurity at all.
‘Take no prisoners’ workforce runs the show
The modern workforce is increasingly mobile and always connected. Employees are logging in to company networks with their own devices, using multiple connections, private and public, with little to no security. And employees don’t want to take on the burden of accessibility and security. They want invisible, always-on, rich experiences, without the hassle of security procedures. Companies that make it too hard to access its network or limits capabilities can harm productivity and encourage rogue employee behavior.
How can business leaders lead the charge in protecting their businesses in a world with billions of devices, on-the-go workforces and cyber threats at every turn?
We sat down with Kirsten Bay, president and CEO of Cyber adAPT, a cybersecurity firm with a patented detection platform, Skwiid, that monitors network traffic in real-time, detecting threats between mobile devices, IoT connections, cloud services and the core network.
“People are more outside the business than inside these days. Every visit to a coffee shop, or connection to a Wi-Fi hotspot or even a social media check-in could lead to a security compromise,” said Bay. “Just a few years ago when we were in the office, we were continuously connected to secured business systems. Right now we’re in a disruption phase, but we’re starting to come full circle. Soon we’ll be connected securely no matter where we are, who we’re with or what we’re doing.”
Neutralizing threat actors
Cyber adAPT’s mission is to keep businesses ahead of attackers, turning real world threat intelligence into actionable detection skills and finding more attacks faster than ever.
That’s easier said than done.
Bay emphasizes the proliferation of ransomware — and the $1 billion in losses last year — is a failure of the cybersecurity industry to connect the importance of cybersecurity to the success of the business.
“Businesses still don’t see it, but the internet is the back bone of your business. No matter what products or services you sell, you cannot be successful unless you are securely connected,” said Bay. “The NotPetya attack a few weeks ago has caused some companies to revert to paper and pencil to move product — losing millions per day while in the clutches of the ransomware. This is not just a minor annoyance.”
Bay wants business leaders to understand that incident response programs are not effective unless there is context around security attacks.
“Knowing a criminal is in your home isn’t enough. You need more data to understand the significance of the problem. Is he in your home at 2 p.m. or 2 a.m.? Is your teenager home alone with him? Your husband committed a crime 20 years ago — is it him? You have to place the same level of context around your devices,” said Bay. “Is your laptop compromised? Inside or outside the firewall? Does accounting have issues with keystroke loggers more than sales? Knowing what the data means makes all the difference.”
Giving the power back to the business
Cyber adAPT is collaborating with Fortium Partners to boost customer connections and help other businesses understand their vulnerabilities despite the technical nature of the solution. Business leaders are still in the early stages of learning the true dangers of cyber threats, and Cyber adAPT helps them understand what they should care about in their unique business environment.
“We’ve found ransomware command and controls in client networks in as little as one hour. It doesn’t take us long to find the ugly stuff,” said Bay.
Fortium Partner Tony Parrillo, a member of the firm’s Cybersecurity Practice, says Cyber adAPT has the right idea for how cybersecurity will be handled in coming years.
“Right now the world still views cybersecurity as a digital health crisis, using different patches and processes to manage virus outbreaks, malware and infections,” said Parrillo. “That’s misleading. Cybersecurity is really about preventing access to the bad guys — hackers, cybercriminals, cyber terrorists and nation states launching attacks against other countries.”
“Fortium has helped us refine our message, get our arms around a technology sale to CIOs and CISOs and challenge new customers to try us out. The whole company is focused on pivoting our business toward service delivery, and the team at Fortium is helping us get there,” said Bay.