FREMONT, CA: Cyberattacks are perceived as the global risk of highest concern to business leaders in advanced economics. Addressing the concerns, experts at WEF spent a year compiling a playbook for cyber resilience that identifies 14 policy areas where there needs to be public-private cooperation. Davos will also see the launching of a Global Centre for cybersecurity to facilitate that cooperation.
There is a need for a new model for a global security platform that combines governmental and private entity resources to counter the challenges on the emerging threat horizon. Davos, where the world’s biggest stakeholders come together is the best place to start the discussion.
It is necessary to have governmental groups like the European Commission or representatives from governments or civil services of various nations to come together to engage more with the private sector.
Pinpointing blame for a cyberattack takes a blend of cutting-edge digital forensics, traditional intelligence, ever-better defensive technologies, and more robust public-private corporations including threat intelligence sharing. Conflict managers in the public sector will be wise to have all available resources collaborate on attribution and response design – while deflecting public clamor for quick revenge.
Traditional defence is simply not enough. Companies should do more than monitor and access threats. They need to be proactive about collecting intelligence and context about attackers of they truly want to defend their networks, organizations must complement commercial threat intelligence sources with analysis about all potential vulnerabilities within their network.
Focus on making companies more secure through automated and integrated solutions. It is not possible to solve the security problems of speed and scale without adopting the solutions of integration and automation. When breaches happen, mitigating the impact of the breach before data is stolen is a win. In 2016, a dwell time globally of 99 days before a breach is detected. This is the time between a hacker compromises a system and the organization either detects the breach or is notified by an external party of the breach. That dwell time needs to shrink to 10 minutes to become successful in mitigating the impact of the breach.
One of the most pressing areas is how to best secure IOT devices. Malicious botnets incorporating IOT devices are extremely representative of today’s evolving threat landscape and recent IOT threats have challenged collective defences.