Eastwick Security Salon: Transparency, Fear, Trust
Eastwick recently hosted its third annual cybersecurity salon dinner, drawing in top executives from Agari, SAP, Neustar, TruSTAR, and 51maps, and reporters from CNBC, The Wall Street Journal, Yahoo! Tech, and San Francisco Chronicle. Moderating our discussion around the theme of Cybersecurity: A Global Battlefield, was Anton Chuvakin, research VP at Gartner’s GTP Security and Risk Management group.
As attendees debated the topic of the night: Cybersecurity: A Global Battlefield, three key insights emerged among the security executives and the media who cover the space: transparency, fear, and trust.
Transparency:
Changing legislation around the world is affecting the way tech companies gather, use, and share data with each other and with government bodies. In particular, the Cybersecurity Information Sharing Act (CISA) and Privacy Shield (formerly Safe Harbour) are two pieces of legislation that are currently sparking controversy around how to best band together in an effort to protect people and data from cyberattacks. The consensus among attendees was that transparency between tech companies around the threat landscape and new attack methods is critical for protecting their customers. In theory, sharing information that could prevent cyberterrorism with the government is a good idea, but in reality, it’s infinitely more complex to successfully implement while addressing the concerns of all parties involved. These pieces of legislation are only the beginning steps in creating an environment that is more conducive for sharing information to protect from global cyberattacks.
Fear:
As the conversation developed, the topic of fear surfaced. When discussing best practices for responding to vulnerabilities, it became clear that there’s a fear of finding data breaches, but also a fear of not finding data breaches. False positives were brought up as something to fear — with technology that detects and flags vulnerabilities 24/7, how do you find the balance between taking all necessary precautions to protect your business and customers, while not depleting your resources?
For many security companies and their customers, working with the media is challenging. There’s a fear that talking about the technology behind their products and who their customers are will make them and their customers targets for hackers. On the flip side, not speaking directly to customers creates a fear among the media that they won’t get enough information to tell the stories that need to be told. One reporter asked the executives in the room where the win stories are — the headlines are spattered with the companies who failed to stay secure, but why don’t we see more headlines with companies who succeeded in staying secure? When these conversations don’t take place between executives and the media, a lack of trust emerges and everything begins to look and sound the same.
Trust:
Executives and reporters alike want to have open conversations about trends in the cybersecurity industry, as well as talk about real life scenarios with customers. The hesitation to have these conversations however, stems from a lack of trust. From the media perspective telling a story with a distinct conflict and resolution is key. In order to do this, they need transparent information from their sources to build relationships and trust. When a trusted relationship exists, better and more accurate stories are told. For security companies, better stories mean embracing deeper conversations amongst peers, as well as within the security ecosystem — to tell the untold stories that will not only drive change, but also inspire it.
What’s your take on transparency, fear, and trust in the cybersecurity industry? Drop us a line at security@eastwick.com.
