Cyber incidents dominated headlines last year, from the 2016 elections to the Yahoo! data breach, leaving the impression among many that nothing should be entrusted to the internet. On February 9, the MIT Enterprise Forum Atlanta organized a panel discussion at TechSquare Labs on trends in cyber security and formulated best strategies for tackling current and future threats.
The panel included Jeff Spence (CEO, NexDefense), Mike Cote (President and CEO, SecureWorks), David Thomas (CEO, Evident ID), Sanket Patel (CEO of Securolytics) and Glenn McGonnigle (general partner at TechOperators), who served as the panel’s moderator.
According to McGonnigle, around 4.2 billion records were breached last year as compared to 1.1 billion in 2013. “As businesses, governments, and consumers have become increasingly reliant on the internet; we are more vulnerable to crime and business disruption perpetrated in the cyber domain. Ongoing waves of aggressive, sophisticated attacks have raised cyber security from an IT-only issue to a challenge everyone must meet head-on,” he added.
1. Cyber talent shortage
According to Mike Cote, it’s not a technology problem; it’s a people problem. There are just ‘more bad guys than good guys’.
2. Evolution of Cyber Threats
“As long as people are coding there is going to be a vulnerability. The enemy is becoming more sophisticated,” Mike Cote emphasizes. These problems will not be solved by public policy and are better addressed by government agencies with the resources to identify and mitigate cyber threats.
3. Internet of Things
Cyber security threats are now a household worry. Sanket Patel, CEO of Securolytics cited an example of Alexa, on how endpoint devices are notoriously insecure and with a lot of data sitting on vulnerable endpoints that can be hacked, copied, and aggregated.
4. Evolution of the Chief Information Security Officer Role (CISO)
It is a Board of Director’s fiduciary duty to mandate security responsibility throughout their organization. The CTO role used to include CISO function; now the CISO role has been (largely) spun off into an independent position. CISO owns both physical and cyber security and the standards for CISOs are rising rapidly.button