A range of pressing cybersecurity issues was discussed by members of the RSA Conference advisory board during a virtual session this week.
The panelists began by highlighting the elevated profile of cybersecurity during the COVID-19 pandemic, which is increasingly coming to the attention of business leaders. Caroline Wong, chief strategy officer at Cobalt, noted that “when I began my career, I really had trouble explaining to folks what it was that I did.” Now though, “everyone understands data breaches and that they happen.”
Despite the industry’s enhanced status, Wong believes there has been very little change in the main security risks facing organizations. For example, she pointed out that the OWASP Top Ten Web Application Security Risks listed in 2003 and 2021 “are frighteningly similar,” despite an enhanced understanding of how to find and fix vulnerabilities. As a result, she said the cybersecurity industry needs to focus on getting back to basics and getting the fundamentals right.
Dmitri Alperovitch, executive chairman of Silverado Policy Accelerator, has observed security teams and CISOs gaining more exposure to boards and C-suites during COVID-19. Organizations that enable CISOs to have such exposure have the best security because it “sometimes involves saying no to the business” when boardroom ideas are too risky. “They need to be there when critical decisions are made about product strategy, business strategy and market strategy,” he commented.
Dawn Cappelli, vice president, global security, and CISO at Rockwell Automation, said that increased executive involvement in cybersecurity has led to the development of cloud environments with built-in security, which is very positive. However, organizations mustn’t lose sight of the fact that there are still many on-premise legacy applications that are business-critical. “I find that the asset management and vulnerability management can slip because you’re so enamored with the new stuff,” she said.
Ransomware
Attention then turned to trends in ransomware attacks, with Alperovitch observing an interesting change in approach by cyber-criminals. “We’ve not seen any attacks like Colonial Pipeline, Kaseya or JBS in recent months,” he noted. “But we’ve seen numerous attacks on smaller organizations, hospitals, school districts and many companies in critical infrastructure.”
He highlighted the recent arrest of members of the notorious REvil ransomware group by Russian authorities as a positive development. If Russia does continue to crack down on these groups operating in their country, there will be significantly fewer attacks.
Nevertheless, Cappelli said it is important to recognize that ransomware attacks are still “happening all the time,” with many not reaching public knowledge. “It’s just too easy; why would ransomware attacks stop when it’s easy and low risk?” she asked.