What's Luck Got To Do With Cybersecurity

What's Luck Got To Do With Cybersecurity

Kunal Sehgal, Executive Director, FS-ISAC Asia Pacific discusses how IT teams across APAC can create their own luck

The Roman philosopher Seneca once said, “luck is what happens when preparation meets opportunity.”

From a cybersecurity perspective, the objective is not to get lucky once or twice, but to stay lucky. You hear it time and again, “you just need one hacker to get lucky and you could be compromised.”

Seems like cyber teams across the Asia Pacific sure could use some luck. According to Frost & Sullivan, economic losses from cyberattacks in Asia Pacific are costing the region US$1.745 trillion or 7 percent of the blocs total GDP.

Luck is not completely beyond one’s control, cyber teams can create their own good fortune. And as cybersecurity becomes a top concern for organizations across all sectors, chief information security officers (CISOs) and information technology leads in any organization sure could stand to gain from making their own “cybersecurity luck.”

Always Vigilant Never Complacent

Organizations agonize over their cybersecurity posture and larger firms can be relatively confident of their safety. But one must always stay vigilant and ever watchful. No one wants to be the organization that got hit by a cyberattack which could have been prevented with basic security measures.

The cybersecurity landscape is no doubt one of the fastest evolving fields today. The threats of tomorrow are bound to be different from the threats of today. Unfortunately it is a tall order for any organization to fight the plethora of threats on their own. Becoming a part of an information sharing network to stay ahead of cybercrime is an easy way to double or triple your cyberarmy.  

Feel the Pulse

Staying up-to-date on the latest developments is key and requires active involvement from your entire organization. All employees need to be trained on the latest security best practices and know how to spot suspicious activity in their day-to-day jobs, serving as the first line of defense.

Besides being a part of an information sharing network, attending industry conferences to learn, network and partner with other industry leaders is another great way to stay ahead of cyberthreats.

Network to Build Circles of Trust

When a cyberattack springs out of nowhere, or a new technical challenge presents itself, you never know who may be able to help. Get out there and network regularly.

The stereotype of technology professionals being hermits is far from truth. To be effective, we must work together, know each other and build trust. Connect with peers, attend networking events and leverage social networks like LinkedIn to amplify connections. With cybercriminals networking 24/7, it is important for the industry to leverage the strength of our network well. 

Share and Collaborate Effectively

For those that haven’t been doing it all along, there is sometimes hesitation when cybersecurity teams within an organization are looking to share threats with the industry. Thankfully, this is changing. 

We are inherently comfortable sharing information with people we know and trust. But what happens when your circle expands to several thousand people around the world? As communities get larger and as personal connections are harder to establish, third-party facilitators become important for fostering circles of trust.

Organizations like ISACs allow communities, industries and sectors to get around various challenges for intel sharing. They also enable problem solving within a given sector and often across multiple sectors, borders and continents to connect different entities which may be trying to solve for the same challenges. This is done through the Traffic Light Protocol (TLP) -- a set of guidelines which dictate how and with whom information may be shared -- a set of operating rules, a secure member portal and smaller trust circles created for specific communities of interest within a given sector and even face-to-face conferences, smaller country-level member meetings and exercises.

Additionally, there is a general hesitation among corporations to declare cyberincidents. Often lawyers and policy setters in organisations tend to dissuade firms from announcing breaches for fear of losing trust among their customers. There is an overall need to improve willingness to share information and share it quickly. The quicker a threat is shared the more chances other companies have to put defenses up in place to avoid the same fate.  

When it comes to cyberintelligence, the more reliable data you have, the better your decisions can be. Access to data enables security teams to identify threats as they are emerging and respond quickly when they do. The stronger our connections to one another become, the more our communities will be.

Companies that do share don’t just benefit themselves but the entire sector as well – now that is powerful. And we are lucky for it.

News from Asia Pacific

To encourage this collaboration and sharing, FS-ISAC hosts regular meetings and events across the region and  monthly threat calls. We have meetings coming up in Jakarta, Indonesia and in Bangkok, Thailand. We invite the financial sector to join us and learn more about the latest cyberthreats, and how to make better use of cyberintelligence.

 

Bangkok Member Meeting

26-Sep-2018, at 08:45 – 14:00

Venue: Bangkok Bank Head Office,  Level 2 InnoHub Space, 333 SiLom, Khwaeng Silom, Khet Bang Rak, Krung Thep Maha Nakhon 10500, Thailand

Click here to register

 

For more on these and future member meetings,  follow us on Twitter @FSISAC and join the discussion on LinkedIn or visit www.fsisac.com.

Copyright 1999 - 2018 FS-ISAC, Inc.  |  All Rights Reserved. Privacy Policy