Last week, I was invited to speak at the 16th annual AT&T Cyber Security Conference in NYC where over the span of two days, speakers kept the audience immersed with engaging topics. Surrounded by security executives, I learned that we all share similar concerns. There were resounding messages that resonated with me that I’d like to share as my key takeaways from the event.
#1: There is no singular problem when it comes to bolstering security
The problems that plague information security are clearly distributed throughout the organization. Depending on where you sit and what your day job is, the task may seem dramatically different but it truly affects the entire organization. Stronger security is everyone’s issue and responsibility.
#2: Detecting and mitigating threats cannot be addressed by a “one-size-fits-all” solution
It was clear that whether we were discussing data leakage, social engineering, cyber-attacks, malware, intrusions, DDoS, fraud, etc., not only was the problem distributed, but so was the answer/solution.
#3: Today’s solutions are momentary and fleeting in face of the macro-level trends
As disheartening as this sounds, the things we need to accomplish today are similar to temporary scaffolding on a building at a construction site – it is important, but not permanent. This was very hard for many to hear, however, there were three macro-level trends which pervaded the conference which will be incredibly disruptive to most current security solutions and will make them less effective:
The Internet of Things (IoT) - easily surpassing BYOD as the major concern
Movement to Cloud Delivery Models – making permanent the porous perimeter
Virtualization of Network Functions – SDN & NFV no longer make routing predictable
In the midst of these conversations I was invited to provide a presentation on the topic of Cyber Warfare. I discussed how today's cyber-attacks are not just a nuisance or isolated simple events. All too many subscribe to the notion that a cyber-attack is just about volumetric attacks and all you need to do is buckle down to weather a storm that will eventually pass. I also tried to drive some salient points on how not planning and studying this threat has proven to be foolish.
For the conclusion of my discussion, I summarize the points that cyber-attack storms shouldn’t be weathered alone. The following criteria should be considered when conducting an assessment on the capabilities of one’s organization:
Quality of Attack Detection: Do you have accurate and effective protection against all vectors of attacks?
Time-to-Detect: Speedy attack mitigation. Many vendors actually take a lot of time.
Time-to-Mitigate: This includes the time to detect and to react effectively; a very important parameter. Only the best service providers achieve client satisfaction in this area.
Quality of Mitigation: Make certain that legitimate traffic is not suffering while mitigation is occurring and vice-versa.
Detailed Reporting & Response: Today, even large enterprises don’t have the expertise and resources to handle large scale and prolonged attack campaigns. Small to large online businesses require an ‘easy button’ too – that is a system that provides total end-to-end service for the entire threat spectrum.
At this year’s AT&T Cyber Security Conference we learned that attacks are becoming more business relevant. In the past three years the frequency and complexity of attacks have grown and now it is easier than ever to tell who has gone down, who has stayed up, and who has helped them along the way. For me, the event poignantly highlighted powerful trends and proved to punctuate the omnipresent threat that grips businesses today. It was definitely a conference that was well worth attending.
You can click here to view a version of my presentation.