CYBERSECURITY: FIVE KEY QUESTIONS THE CEO MUST ASK


Posted February 22, 2021 by aliceworly12

Every company is a target because they have data and there are too many doors, windows and entryways for cyber attackers to get in, whether on-premise or in the cloud. It is not a question of if, but when, the attackers will get in.
 
Every day, somewhere in the world, a company falls victim to cyber attackers, even if millions have been spent on cybersecurity.

Every company is a target because they have data and there are too many doors, windows and entrances for cyber attackers to enter, both on premise and in the cloud. The question is not if, but when, the attackers will enter.

Prevention efforts are important, of course, but since attackers will invade, equal attention must be paid to detection in the future. And the focus must be on early detection or it will be too late.

My book, Next Level Cybersecurity, draws on intensive reviews of the world's biggest hacks and reveals the attackers' signs that companies are either missing or not knowing how to detect early, apart from all the noise. Thus, the attackers slip through cybersecurity, go unnoticed and steal data or do other damage.

In the book I explain the Cyber ​​Attack Chain. It is a simplified model that shows the steps cyber attackers follow in just about every hack. There are five steps:
external exploration;
intrusion;
lateral movement;
command and control; and
performance.
At every step, there will be signs of the attacker's behavior and activity. But the signals in the break-in, sideways movement, and command and control steps provide the greatest value because they are on time.

The remote reconnaissance step is very early and the signals may not turn into an attack, while detecting signals in the execution step is too late because by then the data theft or damage has already occurred.

My research uncovered 15 important signs in the intrusion, lateral movement, and command and control steps that should be the focus of detection.
My research into the world's biggest hacks shows that if the company had detected signals from the attackers early, during the break-in, sideways movement, or command and control steps, they could have stopped the hack and prevented the loss or damage.

My book shows how to detect the signals over time, using a seven-step early detection method. One of the most important steps in this method is mapping relevant signals to the crown jewels (critical data, IP or other assets). It's a great use case for machine learning and AI. There is a lot of noise, so machine learning and AI can help eliminate false positives and expose the attackers' signals early on to stop the hack.

There are two blind spots affecting just about every business worldwide that will be exploiting cyber attackers from 2019 onwards, which companies need to recover.

A blind spot is the cloud. There is a false sense of comfort and lack of attention to detection, because the cloud is thought to be more secure because of the cloud provider's cybersecurity or because the cloud provider has a turnkey surveillance system. However, if the company fails to identify all of the crown jewels and map all relevant cyber attacker signals for monitoring, the attackers will enter, go undetected and steal data or do other damage in the cloud.

The other blind spot is the Internet of Things (IoT). IoT devices (eg, Smart TVs, webcams, routers, sensors, etc.), with 5G on the move, will be ubiquitous in companies around the world. While IoT devices offer many benefits, they are a weak link in the chain due to poor built-in security and lack of monitoring. Cyber ​​attackers will focus on IoT devices to make the break-in, then turn to get to the crown jewels. Detecting early signs of cyber attackers attempting to exploit IoT devices is critical.

Companies around the world need to make cybersecurity a priority, starting in the boardroom and with the CEO. It all starts at the top. In any case, my intensive discussions of the world's greatest hacks reveal a common theme: insufficient or lack of oversight of the cybersecurity of the CEO and the board.

Here are five key questions from my book that the CEO should take charge and along with the board of directors ask the management team to ensure that the company doesn't become the next victim of cyber-attackers and sustain significant financial and reputational damage:
Have we identified all of our crown jewels and are we not missing any?
Do we know where all the crown jewels are?
Have we identified all the ways cyber attackers can get to the crown jewels?
Have we identified highly likely signs of cyber attackers trying to reach the Crown Jewels with each Crown Jewel?
Do we sift through all the noise to detect signals early and report to the CEO and board in a dashboard report for a timely overview?
If your answer is No to any of the questions or if you are not sure, you have a hole or blind spot and are at risk, and you need to follow up to get a strong confident Yes answer.

In my book, Next Level Cybersecurity, I provide other important questions to ask and a practical seven-step method to take cybersecurity to the next level to stay one step ahead of the attackers. It is written in plain language for boards, executives and management, so that everyone can align and work together to reduce one of the most important and disruptive risks we face today, cyber security.
-- END ---
Share Facebook Twitter
Print Friendly and PDF DisclaimerReport Abuse
Contact Email [email protected]
Issued By Alice Worly
Country United States
Categories Internet
Tags cyber attackers , cyber crime , cyber security , cyber threats
Last Updated February 22, 2021