Cyber self defence: how to protect your company from attacks

Business, Technology | Tue 2 May | Author – Business & Finance Tom Kellerman
Tom Kellermann, CEO, Strategic Cyber Ventures

Cyber security and cyber risk should be on every business’s radar. Deanna O’Connor spoke to international expert Tom Kellermann in advance of his visit to Dublin for the Zero Day Conference.

If you’ve been attempting to cruise through life with blinkers against threats to data security online, a conversation with Tom Kellermann, CEO of Strategic Cyber Ventures, is illuminating.

When it comes to cyber security he has worked on protecting some of the world’s most sensitive information, in a previous incarnation as deputy chief information and security officer for the World Bank and IMF Treasury Security Team in Washington DC.

He has advised central banks around the world on technology risk management and stood on Obama’s Commission on cyber security, as chair of the Threat Working Group and of the International Working Group.

The increase of destructive malware and attacks against corporate supply chains coupled with mobile malware is troubling

Kellermann estimates that only 5% of companies are truly on top of their cyber security, adding, “Most of these are in the financial sector and the defence industry.” At the other end of the scale he warns that “manufacturers and healthcare are the most exposed.”

While the thoughts of, for instance, a healthcare provider being hacked are ominous, every business needs to be aware of the everyday risks they are exposed to, even down to something so small as employees using their mobile phones for work. He warns: “Mobile phones do pose a significant risk as they provide a gateway in which cybercriminals can leapfrog into secure corporate networks.

“In addition we have seen an explosion of malware for mobile devices this year. Hauntingly, the malware allows for the microphone and camera to be secretly activated when triggered by a calendar alert or specific location.”

Kellermann mentions some very real fears and predictions for the future of cyber risk over the coming year, listing: “President Trump’s rhetoric per China will serve to usher in a new era of Chinese hacking; Russia’s cyber attack campaign will increase due to tensions with NATO over the security of the Baltics; AQAP will demonstrate an advancement in their cyber campaigns; destructive attacks will become the new normal.”

Destructive attacks will become the new normal

When asked what’s keeping him awake at night at the moment, and what should be on corporations’ radars, he says: “The increase of destructive malware and attacks against corporate supply chains coupled with mobile malware is troubling.”

However, advances in cybersecurity are being made all the time and he cites: “Deception technology; user entity behaviour analytics and adaptive authentication represent true advances in defence in depth” as the best things happening at the moment.

The internet is unavoidable to anyone going about their own personal business, not to mention engaged in business. It isn’t properly policed or regulated, yet we all live in the lawless cyber world. Kellermann concludes: “The internet is a hostile and lawless environment. People do not respect the dangers because it is invisible. Individuals must defend themselves and choose the corporations they do business with wisely. Security should not be seen as an expense but rather a functionality of conducting business in 2017.”

CYBER SELF DEFENCE TIPS

 Use multiple passphrases for your accounts; change these every three months and use sentences instead of passwords

 Update your OS, apps and Adobe every Tuesday evening

 Use security software for all devices

 Never use public wi-fi

 Change the password on your home wi-fi router

 Use Firefox as your browser and cut and paste links in emails into it

 Turn Bluetooth off

 Never use your debit card for online purchases; rather use one credit card just for online purchases