Wednesday, November 27, 2024

Trending Topics

HomeInnovationWhy Ingenuity Will Set The Board In The Next Wave Of Cyber Innovation

Why Ingenuity Will Set The Board In The Next Wave Of Cyber Innovation

spot_img

Innovation Why Ingenuity Will Set The Board In The Next Wave Of Cyber Innovation Kevin Lynch Forbes Councils Member Forbes Technology Council COUNCIL POST Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. | Membership (fee-based) Jul 14, 2022, 09:15am EDT | Share to Facebook Share to Twitter Share to Linkedin CEO and board member at Optiv , a cyber advisory and solutions leader.

Getty Most of the time, ingenuity is a good thing. Think of the phrase “Yankee ingenuity”—it connotes everything from technical know-how to genius-level inspiration. In the cybersecurity world, we’re in kind of an “ingenuity faceoff” with threat actors—and the race couldn’t be closer.

With the attack surface growing at an astounding rate, hackers are innovating at a pace to match. In response, we see a rise in companies taking on cyber insurance to insulate themselves from the burden of a potential ransomware attack. Unfortunately, this can sometimes have the opposite effect.

As my colleague, James Turgal, noted in a piece in the Washington Post , “Hackers themselves are sometimes targeting companies specifically because they have insurance. ” Additionally, survey results show that “83% of successful ransomware attacks now include alternative extortion methods, such as using the stolen data to extort customers (38%), exposing data on the dark web (35%) and informing customers that their data has been stolen (32%). ” So, what’s next? The good news is that hackers will eventually face any number of challenges.

The FBI and other agencies are going to get better at repatriating payouts, and insurance companies are going to start constraining those payouts. In fact, we’re already seeing just that in France, where the insurance company AXA announced its plans to stop ransomware crime reimbursement . MORE FROM FORBES VETTED Hop On These Back-To-School Prime Day Deals Before They Expire By Jason R.

Rich Forbes Staff The Bestselling Nanit Pro Smart Baby Monitor Is $90 Off For Prime Day By Lex Goodman Contributor To help us theorize beyond that, indulge me in a brief thought experiment. Imagine you’re a hacker—be it organized crime, nation-state based or even just a misguided individual—in a point-to-point negotiation with a corporation. Although you have leverage against the company in your threat to shut them down, they’ll eventually raise their resilience and spend more on backups and air gapping.

This buys the organization time, thereby weakening your leverage, challenging your one-to-one negotiating relationship and keeping you more exposed to regulators. As a hypothetical hacker, what’s your next move? Instead of a one-to-one negotiating relationship, what would happen if you took all the company’s data in containers? Instead of extracting it and holding it ransom, you extracted it and sold it to the highest bidder, using a blockchain and untraceable ledger, with cryptocurrency running across that ledger. This essentially expands your negotiating leverage and moves it from one-to-one to one-to-many transactions, creating far more price inclination on the value of the data given the auction-type approach.

This “malicious auctionware” would make it harder for companies to restore and the authorities to track. Now, my intent here is not to give the bad threat actors ideas. Rather, it’s to help organizations anticipate what might be next, so they can manage cyber risk and build resilience now, come what may.

The reality is that cybercriminals can penetrate 93% of company networks . With that fact in mind, organizations must assume their operations will be interrupted at some point. The first step in building cybersecurity resilience is to determine how much disruption a company can handle before the impacts become intolerable, then develop a plan to mitigate them.

This strategy should identify the most critical products and services, then make them—as well as the business processes, systems, people, assets, data and locations that support them—more resilient. Once established, resilient models help vanquish the tired ones that have security teams reacting to yesterday’s news. They instead shift an enterprise to a proactive posture that’s poised to bounce back from adversity and overcome threats in their myriad forms.

Implementing a solid cyber resilience framework can also enhance existing recovery capabilities by determining: • Where existing recovery solutions are adequate. • Where integrating enhanced security controls (i. e.

, data-isolated, air-gapped and vaulted solutions) are required. • Visibility to business-critical data for adequate and efficient backup workflows. To take the lead in the ingenuity race, we need to keep an eye on the horizon and be resilient.

Building organizational resilience will holistically and programmatically support an organization’s capability to identify, protect, detect, respond and recover in a radically changing threatscape. As Winston Churchill once said, “This is no time for ease and comfort. It is time to dare and endure.

” Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify? Follow me on LinkedIn . Check out my website .

Kevin Lynch Editorial Standards Print Reprints & Permissions.


From: forbes
URL: https://www.forbes.com/sites/forbestechcouncil/2022/07/14/why-ingenuity-will-set-the-board-in-the-next-wave-of-cyber-innovation/

DTN
DTN
Dubai Tech News is the leading source of information for people working in the technology industry. We provide daily news coverage, keeping you abreast of the latest trends and developments in this exciting and rapidly growing sector.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img

Must Read

Related News