Richard Rushing, Chief Information Security Officer, Motorola Mobility, discussed the cybersecurity landscape and how organizations can take the right steps to mitigate the effects of cyberattacks in his keynote presentation to Argyle’s CISO membership at the 2017 Chief Information Security Officer Leadership Forum in Chicago on May 4. In his presentation, “Fast Crime, Friendenemies and the Borg the State of Cybersecurity,” Rushing explained how organizations can strengthen and simplify their cybersecurity plans.
According to Rushing, cybercrime is a major problem, one that affects organizations of all sizes and across all industries. As such, organizations must learn about cyber threats, or risk suffering time- and cost-intensive cyberattacks.
“Cybercrime exists, and it’s getting faster and faster,” Rushing stated. “The bad guys know how organizations work … and if [big] organizations cannot protect themselves, how are we going to do it?”
Ultimately, organizations must accept the fact that cyberattacks will occur, regardless of the time and resources that they dedicate to cybersecurity measures, Rushing said.
“Cyberattacks are going to get worse. They are moving targets, which means that metrics that we are trying to use … are skewed to one side.”
If an organization understands cyber threats, Rushing noted, it may be better equipped than others to minimize the effects of cyberattacks. Also, this organization may be able to keep pace with rapidly evolving cyber threats and reduce its cyber risk over an extended period of time.
“Bad things are going to happen. We can try all we want to, but [cybercrime] is still going to occur,” Rushing noted. “And it’s getting easier for [cybercriminals] … because cybercrime is done at the speed of electronics.”
Today’s cybercriminals can be tough to identify, according to Rushing. This trend likely will continue over the next few years, and organizations must have tools and processes in place to help identify cybercriminals quickly.
“You really can’t see cybercriminals coming in and out unless you’re looking for them on a regular basis,” Rushing pointed out.
On the other hand, organizations frequently face both internal and external cyber threats, Rushing stated. Internal and external cyber threats endanger organizations around the world, and organizations must be able to understand why these problems are happening.
“We have less oversight than we used to,” Rushing stated. “We have bad behavior … and people are doing expense fraud, and that’s always going to be there. But you have to look at other things.”
With the right approach to data management, organizations can better understand the root causes of cyberattacks, Rushing said. These organizations can identify weak points in their cybersecurity strategies and transform these weaknesses into strengths. By doing so, organizations can understand the differences between internal and external cyber threats and pinpoint the cause of a data breach faster than ever before.
“You have to know the difference between accidents and the intent where employees are purposefully trying to steal information from an organization,” Rushing noted.
Organizations also must understand that cyberattacks often involve more than just money. In fact, cyberattacks often are used to steal an organization’s sensitive information – something that can put an organization, its employees and its customers in danger, Rushing said.
“You have to know the difference between accidents and the intent where employees are purposefully trying to steal information from an organization.”
“It’s not just cash that’s stolen. It could be just information itself that is taken … because that has value,” he pointed out.
The size and severity of cyberattacks will increase over time, Rushing indicated. Organizations that prioritize cybersecurity metrics – and understand the true value of these metrics – may be able to find innovative ways to bolster their cybersecurity strategies.
“Cyberattacks are going to get worse. They are moving targets, which means that metrics that we are trying to use … are skewed to one side,” Rushing stated. “If I look harder at things or look at new avenues … my metrics are going to go up.”
Cybersecurity professionals should be unafraid to voice their concerns within an organization, Rushing said. If these professionals share their expertise, they can start a conversation around cyber threats that may lead to myriad cybersecurity strategy improvements.
“Understand what you’re trying to do so you can work with the metrics accordingly,” Rushing said. “Your job is to voice your concerns about making a cybersecurity decision … but always understand that when you do, the genie is out of the bottle.”
In addition, cybersecurity professionals should be prepared to deal with C-suite executives, employees and others who may disagree with their ideas. If cybersecurity professionals understand why certain individuals oppose various cybersecurity strategy improvements, these professionals may be able to brainstorm unique solutions to a variety of cybersecurity problems.
“Be reasonable and convince … and look for the people that you’re going against,” Rushing stated. “Go talk with these people and find out why they think a certain way … [because] maybe they have some other ideas.”
Visit Argyle Executive Forum's 2019 CISO Leadership Forum: Security 3.0 – Shifting to Automation in New York, NY on Nov 13, 2019