ViewPoint: The latest cybersecurity threat

December 19, 2014

For those of us who live and breathe IT security, we spend the better part of our days fortifying the multiple layers of protection we need to keep our enterprises secure. We plug security holes. We patch vulnerabilities. We employ signature-based products to identify malware. And that's all just before lunch.

But for typical enterprise employees, it's about booting up their system and tackling their to-do lists while feeling comfortably protected. Unfortunately, they may not realize they're at risk of exposing vulnerabilities — access points for hackers. Even more unfortunate, the attackers are already in the network, navigating inside the system waiting for the perfect moment to make themselves known. They often rely on "social engineering" — the breakdown in human behavior — which leads to disaster. Consider duplicitous fishing expeditions, password lists conspicuously stored on desktops, or laptops accidentally left unattended.

This notion, that "threat actors' are already in, is a paradigm shift in the way sophisticated enterprises approach cybersecurity. To echo this point, this month, the Advanced Cyber Security Center (ACSC) welcomed Michael Chertoff, former secretary of The U.S. Department of Homeland Security and the Executive Chairman of The Chertoff Group to keynote our annual meeting. According to Chertoff, there are two types of enterprises, those who know they have been hacked, and those that do not know they have been hacked.

It's no longer a matter of keeping the "bad guys" out. Cybersecurity is now focused on a model of resiliency — meaning what are we doing to minimize risks; protect valuable assets and data including customer privacy data; and maintain business operations through attacks?

Are we continually evaluating our vulnerabilities? Are we sharing threat information with peers? Are we monitoring our networks to detect anomalies? The menu of options can be daunting, and expensive. But the fallout of an attack can be even more costly.

To better understand the new resiliency model, Chertoff shared the analogy of the human body. As a machine, the human body is not immune to every type of bacteria or antibody. Some are already in our systems and others are attempting to enter – and often with success. It's our body's job to identify them, evaluate them, and prioritize the manner in which it deals with them. Maybe white blood cells are deployed to eradicate them. Or perhaps a body function reacts to remove them. And it doesn't stop there. The body is continually at work to maintain continuity and keep us running smoothly, a shared goal with most enterprises.

More organizations are realizing that defending the perimeter is insufficient, especially when new technologies like the cloud and mobile devices are expanding network boundaries. As a result, more cybersecurity resources will be invested on improving resiliency, but we can work together as a business community. Building trusted collaborations, like that of the ACSC, encourages a "neighborhood watch" model where businesses work together to strengthen overall security. Sharing threat data, recommending best practices, and exploring new technologies to deal with the threat factors might not keep them out, but will make sure we keep up.

Charlie Benway is the executive director of the Advanced Cyber Security Center.