Global Security Leaders: Cybersecurity Has Become a National Priority

Businesses are hunting for threats, using automation to keep pace with the growing danger.

In decades past, chief executives in many organizations considered cybersecurity a secondary issue. As billions in costs piled up in recent years, along with blaring news headlines of massive data breaches and the ouster of top executives from global brands, security took on a new level of importance, becoming a top priority for many organizations.

But even that may not be enough. The threat from cybercrime may be so great now that it is no longer merely a business issue. "This has now become about national security," said Rick McElroy, security strategist for Carbon Black, in a recent presentation at the CDW Managing Risk Summit in Las Vegas.

The summit collected top cybersecurity experts, along with IT and security leaders from businesses across the U.S. In addition to identifying the growing threat that security presents, they also highlighted policies, strategies and technologies that can help businesses address the threat.

Author and security expert Brian Krebs, in a keynote at the summit, echoed McElroy's statement, saying that "security needs to be a national priority." Krebs added that the U.S. should adopt a national strategy to identify talented individuals and train them to develop the expertise needed to fight against cyberthreats.

SIGN UP: Get more news from the BizTech newsletter in your inbox every two weeks!

Enlisting Help in the Cybersecurity Fight

While the need for cybersecurity professionals is clear, several experts at the summit recognized that humans cannot win the fight alone.

"You can't hire enough humans," said Paul Drapeau, a principal threat researcher at Carbon Black.

Artificial intelligence can automate monitoring and analysis functions that are too onerous for IT professionals. Tools that monitor network traffic and security threats compile massive amounts of data. Machine learning algorithms can spot anomalies in this data and help cybersecurity professionals uncover threats and breaches. Several vendors have developed products that automate security tasks. These tools will become more powerful and effective in the future.

"Over the next couple of years, we are going to have to get comfortable with automation," said Raja Patel, vice president and general manager of corporate products for McAfee. "There aren't enough people to keep up with the pace of change."

Go on the Hunt for Cyberthreats

It's no longer enough for cybersecurity professionals to sit back and wait for signs of an attack, several experts at the summit said. Instead, organizations are becoming more aggressive in threat hunting, a tactic in which they proactively search through their networks in a comprehensive fashion to uncover threats that have evaded discovery by other solutions in use.

McElroy encouraged businesses to become more proactive in their cybersecurity efforts, saying that the earlier an organization can stop a cyberthreat in the kill chain, the harder it is for cyberattackers to retool and renew the attack.

To uncover hidden threats, businesses must establish a standard baseline for traffic and then look for anomalous deviations. "Sets of unusual activity can suggest malware, an insider threat or an AUP [acceptable use policy] violation." Drapeau said.

Practice Makes Perfect in Cybersecurity

Several experts at the summit stressed that preparation is essential in dealing with cyberthreats. It's inevitable that attackers will eventually be successful in breaching the systems they're targeting, so businesses need an effective incident response plan. Next, they must test the plan to see how it holds up under real-life conditions and to identify weaknesses, said Sadik Al-Abdulla, director of security solutions with CDW.

Becky Palmer, director of information security with CDW, identified another benefit of testing: experience. "You don't get good at incident response without practicing at a number of levels," she said.

Krebs advised incident response planners to include key details in their efforts. The response must identify who needs to be involved and when their involvement is required. It's also important, he said, to know who does not need to be involved.

Facing a threat that has grown into a national priority, businesses will need all the practice and help they can get.

For our full array of articles and videos from the conference, check out BizTech’s coverage of the CDW Managing Risk Summit here.

juststock/iStock/Getty Images Plus
Feb 26 2018