Tech & Innovation

GUEST BLOG: Cyber attack – the third certainty in life

By Business & Finance
02 March 2016

We are taught that, in life, there are only two things of which we can be certain: death and taxes. Now, there’s a third: being hacked, according to cyber security expert Paul C Dwyer.

As CEO of Dublin-based Cyber Risk International, I work with clients hit by a cyber attack and those who fear they will become a target at some future time.

Our clients include large private and publicly quoted companies, multi-national industries, banks, financial institutions and State organisations working in the field of health, law enforcement, amongst others.

Knowing that hackers – whether of the mischievous or malicious kind – work in ‘collectives’ through which they invade systems, plant malware, disable networks, mine information and, at the criminal extreme, blackmail those affected and extort ransoms before releasing their grip, I am wedded to the view that it takes a network to defeat a network, and that only by coming together can organisations draw benefit from the experiences of others.

Hacking is a modern-day fact of life. Because crime knows no boundaries, and the online world is borderless. Those who engage in cyber crime can be of any age and live anywhere across the globe, beyond the reach of national law enforcement agencies.

Be they driven by the prospect of reward or the excitement that comes from hacking into some supposedly secure system, the havoc that hackers cause can be devastating. For that reason, it is the wise business leader who recognises the risk involved and takes urgent steps to guard against it.

INTERNATIONAL TASK FORCE

CEOs and IT managers will be made stronger in facing the threat of cyber attack by having immediate and uninhibited access to those who can share their knowledge and experience.

I am focused on building such a network through the Cyber Threat Task Force, a sister body of the International Cyber Threat Task Force (ICTTF) which I am also president.

On Friday, April 1st next, a sell-out attendance of some 300 delegates will attend a lunchtime meeting organised by ICTTF in the Shelbourne Hotel, Dublin at which cyber security and the principles and steps that all corporate boards should consider when seeking to enhance their oversight of cyber risks will be the focus of discussion.

The challenge facing those charged with combating cyber risk is one that is a journey and not a destination. It is an ever dynamic evolving task for which has to be an evolving dynamic response.

Only by keeping oneself ahead of changes in technology, by having confidential access to international developments in the field, by binding together in exchanging views and sharing experiences and by having direct, private-line access to a peer group with whom we can talk in a trusting and confidential way, can we, the good-guys, ever hope to fend-off the fiendish minds of those bad-guys who plot to disrupt our systems, steal our vital data and expose us to heavy losses and costs, actual and consequential.

DEFEATING CYBER ATTACK

When commissioned, Dwyer and his team work with clients across a number of headings:

  • to identify and advise clients on the range of cyber risks to which they may be vulnerable
  • to advise them on the steps that they should take to limit their exposure and reduce their level of risk
  • to set out best practice ground rules as to the steps that should be taken if a cyber attack occurs
  • to work closely with clients in repelling the attack and in repairing damage that it has caused
  • to engage with clients in learning lessons from the experience and in designing the specific counter measures to protect against any reoccurrence.
Photo (above): elhombredenegro

About the blogger

Paul DwyerA Dubliner, Paul C Dwyer grew up in north Dublin, where he attended the St Paul’s College in Raheny.

Married and resident in Malahide, he reflects on a career that began as IT manager with a large legal firm after which he had roles with Luxembourg-based Euro Control air traffic control and Chevron Oil communications hubs in Kazakhstan and what was the former USSR.

Approved by the National Crime Faculty and a member of the High Tech Crime Network, Dwyer honed his interest in cyber security during periods working with security services in the UK and USA.

He is co-chairman of the UK’s National Crime Agency Industry Group, a certified industry professional by the International Information Systems Security Certification Consortium and a member of the Information System Audit & Control Association.

Active on many fronts, Dwyer provides advisory services to a number of global bodies, including Fortune 500 companies, law enforcement and military (NATO).