by T.J. Minichillo
[This is the third of a 4-part series about what it means to be truly resilient in the cyber security industry]
In my previous post, I explained why enabling business growth is the essence of resilience and why secure, uninterrupted data flows are the heart and soul of every resilient company.
Data is the one constant in today’s complex, continually evolving IT ecosystem. It’s the currency of IT. And protecting this one asset should be every cybersecurity leader’s top priority.
COVID-19 exposed not just the technological vulnerabilities of businesses everywhere, but the incredible dependencies we place on free-flowing data to do our jobs and run our companies efficiently. In today’s highly connected world, it’s no longer a question of whether you or your company will be attacked by cyber criminals. It’s a matter of when and how long it will take to detect, negate and recover from the intrusion.
Those attacks are occurring on multiple fronts with greater impunity and bigger payouts amid a relatively low risk of being caught. The bad actors behind these attacks are highly organized and well funded, leveraging sophisticated methods and technical weaponry on a growing number of people and digital targets to hijack confidential information on a massive scale. According to Cybersecurity Ventures, global damage from cyber crime is projected to cost $6 trillion this year, up from $3 trillion in 2015.
Yet many have missed this wake-up call. News about the latest hack attacks shows how quickly trust has eroded in a majority of network monitoring and security technologies on the market today, simply because those obsolete tools failed to secure data. Yet, the knee-jerk reaction of many companies is to pay off the bad actors and keep piling on even more obsolete tools out of fear that criminals will continue penetrating their system. The one assumed premise – that data can’t protect itself – never enters into the equation. But it should.
A truly cyber resilient business prepares for the inevitable using a combination of data-centric security tools, policies and people that quickly detect and mitigate cyber attacks without interrupting the ebb and flow of its operations. Resiliency also requires a deep understanding of the risks a business faces if critical data is breached or lost.
Imagine if, in a truly cyber resilient world, today’s highly porous IT network could morph into one secure object – data itself. Every piece of data would become so intelligent that it would automatically protect itself from hackers, regardless of where the data was stored or for how long.
Imagine if every CEO knew precisely where, when, how and who accessed their business data — no matter where it went in the world or how long it was “in the wild.”
Imagine if every piece of data you ever sent would let you restrict or revoke access to that data anytime, no matter who had it or where it was kept, at the mere push of a button.
No need to imagine. That future is already here.
Every CEO and board member has a critical choice to make. Either keep plugging holes in your security dike with already obsolete tools and risk your crown jewels to an eventual cyber attack. Or streamline your entire IT stack with elegant, self-protecting data technology that’s not only simple to use but saves time, money and everyone’s sanity. When data becomes your business ally instead of a major security risk vulnerable to cyber attack, THAT’s resilience!
Let’s start a one-on-one conversation about the data security problems that you need to solve for your organization.
Up next in this four-part series, why your digital transformation journey should harness the power of self-protecting, intelligent, self-aware data technology.
T.J. Minichillo is Keyavi’s chief information security officer (CISO) and VP of cyber threat & intelligence. He is a nationally renowned cybersecurity and intelligence expert, helping to detect and thwart many of the world’s significant cyber threats. He has held strategic intelligence roles in financial services, the military and energy, including global head of threat intelligence at both National Grid and Morgan Stanley, deputy director at Citigroup’s Cyber Intelligence Center, chief cyber intelligence officer at Merrill Lynch, and senior intelligence special agent at the Department of Defense. Follow him on Twitter and LinkedIn.