Cybersecurity

What Would Bobby Fischer Do? Taking a Cybersecurity Lesson from a Chess Master

By |May 7th, 2015|Categories: Technology|Tags: , , |Comments Off on What Would Bobby Fischer Do? Taking a Cybersecurity Lesson from a Chess Master

There’s a great expression that those of you who study chess will be familiar with. A Master will often tell a student to “look at the whole board,” but this instruction is not to be taken literally. It means that the student needs to consider several things: One, the potential impact of all the moves that have been played; two, all the potential moves they can anticipate making through the end of the game, and three, all the moves they can anticipate their opponent making. A small expression to describe a herculean task! Now, although this saying could be applied to many situations, a chess game is far easier to conquer than, say, cybersecurity because you have one opponent and can study his strategy. In the realm of cybersecurity, however, your opponents are legion and their weapons are many.

Protecting your digital assets is very much like looking at the whole board. A proper defense is not just one thing, but comprises a systematic construct of what you know (past events, known best practices, proven strategies), what measures you plan on putting in place, and the anticipation of what your adversaries might try to do.  This would be augmented by an endless cascade of if/then planning and dry runs to prepare for an attack.

A security program should not be static but a living, breathing thing that is ever-changing based upon the observations you make and information you gather. It is a series of defenses and actions premised on what your opponent is doing to others, and perhaps will do to you. For this reason, technology alone won’t guarantee success. While best practices around firewalls, protection systems, network configurations, passwords and processes is essential, people—as in
[ Read More ]

Hackers Aren’t Waiting. Why Are You?

By |February 11th, 2015|Categories: security|Tags: , , , |Comments Off on Hackers Aren’t Waiting. Why Are You?

Hackers Aren’t Waiting. Why Are You?

Why is Cyber/Computer Security so far down on your to-do list? If your reasons are any of the following, you might want to reconsider your priorities.

Let’s address each of these points in turn.

They can’t find you.  On a recent episode of 60 Minutes, Dave DeWalt, CEO of cyber security company FireEye, asserted that 97% of all companies are being breached. Ninety-Seven percent. So, unless you truly live off the grid, you have likely had a breach already. The real question is how bad is the damage?

They can’t find your valuables.  These criminals are very sophisticated and have the knowledge, tools and patience to find your sensitive data and exploit it.  Hacking has evolved from the lone geek making mischief to an actual profession and, as Lance Cottrell, Chief Scientist at Ntrepid and expert on security and privacy writes, “In most breaches, it turns out the hacker has been inside the network for months.”

Your valuables aren’t worth it.  Wrong again. They aren’t always interested in your data; often they are interested in your financial partner, investor, supplier and customer. Anything sensitive they can sell or make profit from.

You have other priorities.  You will always have other priorities. But believe me, if the hackers come—and they will—you will have to deal with the fallout and that will become your new priority.  With several methodologies at hackers’ disposal such as viruses, malware, botnets and ransomware, cleaning up the damage will be more involved than you think.

You don’t know where to start. Improving your security begins with having a prioritized list of actions based on risks to your company.  A risk assessment will accomplish that and, at the same time, help you raise
[ Read More ]