Cyber Security Issues Reshaping Our World

World leaders and business luminaries are gathering for the World Economic Forum (WEF) Annual Meeting this week to discuss “the Reshaping of the World.” Given the high-profile data and security breaches in the past year, I am keeping a close eye on the conversation coming out of Davos.

Whereas hacking used to be a “black art” form, it has now shifted to a calculated science intended to gain access to intellectual property for economic gain. The 2013 Cost of Cybercrime Study revealed that the time it takes to resolve a cyber attack has increased by nearly 130 percent over the past four years, with the average cost to resolve a single attack now totaling more than $1 million.

As I’ve written before, hackers are now working together in an online adversary marketplace. The actors organize and specialize in one aspect of the cyber attack process, and sell the information or access they gain to others who specialize in the next step of the cyber attack process, and so on. At HP, we define the cyber attack process as:

  1. Research – Adversaries try to build profiles about our people and the environment
  2. Infiltration – They use these profiles to target us through several methods, including social engineering
  3. Discovery – Adversaries use access points to create internal map or sensitive assets
  4. Capture – They capture the information they care about
  5. Exfiltration – They take out the information and sell or use it for other purposes

To better defend their enterprises, executives must understand the different stages of a breach. Building defenses at each stage of the cyber attack process will help organizations to stop attackers from successfully completing each step in the process and therefore more effectively  protect the company’s assets and reduce potential damage. 

While we have seen growing awareness at large companies about cyber threats, smaller business and private companies still need more education. Many companies continue to linger behind the eight ball, reacting only after a breach has been identified instead of proactively building a response to disrupt the adversary at each step of the cyber attack process.

One way we can improve the cyber security landscape is through increased cooperation and information sharing between the public and private sector.  Unfortunately the data shared in these exchanges is often too dated or redacted to be of any value to security professionals.  The   global law enforcement community also needs to build better and more consistent policies so that known criminals cannot hide easily in the open.  We also need to address the cyber security skills gap, as demand for security expertise outpaces the pool of talent.

My colleague Jacob West and I discussed these and other security issues in a recent interview for the World Economic Forum newsletter. We’re seeing industry collaboration come through groups like WEF and FS-ISAC, but additional collaboration is critical. We need to take a page from our adversaries’ playbook and work together in the face of emerging cyber threats.