Undefined Terror…

…consumes any cybersecurity professional, incident response personnel or senior executive when hearing the dreaded word “hacked”. At least, this was the case some years ago. In today’s world, not so much. The implications of being “hacked” mean different things to different people and vary depending on perspective. They are drastically different depending on whether you are a corporate executive tasked with IP and system security, a health care company trying to manage HIPAA requirements and your medical record, your local national hardware chain struggling to secure PCI-related transactions and your customer information, or mom trying to buy that new book online. (I won’t even mention junior snapchatting or posting pics on his Facebook page with geotagging metadata or other personally identifiable information.) This is not unique to the private sector. Even our most trusted, and supposedly most secure, systems and infrastructures managed by a broad range of Federal agencies are rife with major security breaches and mass exfiltration of data. We hear about these on the news on an almost weekly basis. It’s become the new normal. People are numb. We’re now seeing active penetrations targeting geopolitical outcomes, with the recent revelation by CrowdStrike identifying two Russian intelligence-affiliated adversaries as the source of the compromise through their malware “fingerprints” and the C&C (Command & Control) IP addresses embedded within the payload. This represents a serious shift in the overall complexion of cybersecurity: leveraging stolen information to influence the election outcome of another country. Cyber-attacks are typically perpetrated by individuals, organized crime or nation-states motivated by obtaining classified data, money, property or specific information to further their respective goals. Now we have a game-changer.
These events aren’t lost on industry professionals and government security agencies, but for the general public they barely transcended two news cycles and only came up again when the Republican presidential nominee made an off-handed remark about missing emails. But this is not about politics. It’s about the state of things today and what, if anything, is feasible or practical for the future.

No Lack of Technology…

...exists within the cybersecurity landscape of intrusion detection and prevention, and it is continuously improving. Intrusion prevention and detection systems, advanced stateful firewalls, centralized SIEM log aggregators, encryption, endpoint protection, NetFlow monitors and packet capture systems are commonplace in the “best practices” security architectures of today. It’s all about defense-in-depth and layered security, right? This is the Tao. What appears to be the most common issue is the ability to effectively manage and monitor these systems.

Take some of the newer large-scale breaches in the news. In 2014, a well-known Big Box national hardware chain initially reported a breach lasting 3 weeks, leading to the exfiltration of 56 million customers’ payment card data and 53 million email addresses. The actual duration of the attackers’ presence in their network exceeded 400 days, leading to potential fraud losses of up to $3 billion according to CBS News. Actual losses are still undecided, but initial estimates were around $63 million. To their credit, the breach was indirect: it hit one of their self-checkout POS terminals using a third-party vendor logon. The actual impact on customers is yet to be seen, but all those affected received free credit monitoring and identity protection for a year as a consolation prize. In 2015, the average time to detect a breach was 98 days for financial institutions and 197 days for retailers. Can we really think, as a modern-day society more and more dependent on technology, that this is sufficient?

Home Depot, Target, Wendy’s, Department of Energy, Office of Personnel Management, the IRS! The list goes on and on.

I still can’t believe that only one week ago I received my third letter from an agency, this time from OPM (Office of Personnel Management), informing me that thanks to a huge cyber-security breach, my sensitive and detailed personal background data had been stolen alongside that of some 20 million (that’s MILLION with a capital M) people, including contractors, family members and others who had undergone background checks for federal employment. Everything from Social Security numbers to birth dates, even fingerprint records, was taken from Office of Personnel Management systems. Before that, it was the Department of Energy sending me greetings. And before that, Target and Home Depot. All expressing regret and concern, and offering that very same credit fraud and identity monitoring service to put me at ease and forget the matter.

Twenty-six odd years into the digital age and the internet, we as a society have yet to come to terms with what has become a problem of epic proportions. And if we don’t deal with it as such, it will eventually make e-commerce and the internet itself unsustainable. My area of concern is limited to Industrial Control Systems (ICS) and critical infrastructure, where we’ve already seen catastrophic events due to security breaches. The Iranian nuclear program and the Ukrainian power grid are the most recent well-known examples. Any system can be breached. It’s just a matter of time. Advanced Persistent Threats and hacking tools and techniques are only becoming more prevalent and pervasive, and they don’t require a great deal of expertise on the part of the hacker, since most can be acquired rather than created. Phishing techniques make it even easier. Securing human and employee behaviors is a completely separate challenge. Remember that you and your team must be right one hundred percent of the time to be effective. Hackers only need to be right once.
