More than 15,000 cybersecurity and IT leaders from 80 different countries flocked to Tel Aviv for Cybertech 2019, one of the largest cybersecurity events of the year. Most memorable about this event is it “cut right to the chase,” focusing less on the latest, flashy technology offerings and going straight to the roots of the serious cybersecurity challenges we all face.
Everywhere you went, thought-provoking conversations on the industry’s biggest pain points were taking place; even Israeli Prime Minister Benjamin Netanyahu gave a key note. Although there was great concern about the current proliferation of cyberattacks, there were thousands of positive conversations on what we – as an industry – need to do to keep our companies, governments and employees safe from malicious attacks.
Happened to miss this year’s conference? Here are the top takeaways that resonated with me and the CloudShare team.
If you’re a CISO or security leader, now’s the time to align your company
I’ve met hundreds of security professionals over the last 25 years and they’ve all been motivated by staying ahead of hackers, but it’s never been an easy process to get the entire leadership team to participate in initiatives. This has changed and this Cybertech conference was a great reflection and validation of the trends that started 10 years ago.
Company leaders finally accept that cybersecurity should be a priority because attacks are inevitable – it will happen to them. They also understand the remarkable costs and reputational damages of a data breach can be mitigated with proper security hygiene and cyber training.
According to Ponemon’s 2018 “Cost of a Data Breach” study, the third best way to decrease the toll of a data breach is training. Only an organization’s incident response team and use of encryption has a greater direct impact. Security is about solving a problem, which prompted such large companies as Palo Alto Networks to enlist technologies like virtual IT training as a solution. And remember, the hands-on experience – learning by doing – is one of the most effective ways to teach and keep ahead of potential threats.
CISOs and security leaders need to act now and take advantage of such training tools before it’s too late.
Collaborate with your competitors, academia and government
There used to be eye-rolls about collaborating with competitors. Hear me out: cybersecurity is a team sport and feedback at the event reinforced this. No one is immune to attacks and that makes everyone a stakeholder in this field. Collaboration is a direction we all need to pursue and contribute to.
In the free world of the internet and connectivity, it’s relatively easy for an attacker to find security holes in an organization. Once successful, they can then implement these same attacks to organizations in other geographies that do not cooperate and share information. As an industry, we need to find anomalies as soon as possible, and help each other.
At Cybertech, we saw the Cloud Security Alliance, an organization dedicated to defining and raising awareness of best practices to help ensure a secure a cloud computing environment. These types of organizations that bring like-minded people together and educate them to keep our industry moving forward is a great initiative. In the future, we’re likely to see similar associations, not necessarily directly involved, but contributing to collective efforts that can keep everyone ahead of rapidly emerging attack methods.
At Cybertech, the former chief of the IDF Intelligence Corps made headlines when he said artificial intelligence (AI) techniques could be used to train robots to sufficiently understand a wider range of cyberattacks and help put bad actors out of business.
While there’s excitement around the idea, our team also brought up a bigger debate – whether or not AI will be used for destructive purposes. Here’s our take: We believe there is the potential for AI to be used by attackers maliciously, though not necessarily by robots.
In the cyber warzone, we’re unfortunately going to see more automated, computerized war. While there are solutions for this, the increasing amount of data and reports generated by security software have made it difficult for analysts to spend time assessing genuine threats. This pain point was a theme echoed throughout Cybertech.
The Good News
The good news is the industry is taking steps to address this knowledge gap by introducing hands-on training, AI and machine learning threat intelligence solutions. It’s up to company leaders to keep this momentum moving by bringing these solutions into their organizations.
Interested in learning how you can train your employees for better cybersecurity outcomes? Download our e-book, “Under Attack! How CISOs Should Respond to the Cybersecurity Crisis.” It’s full of the data, ideas and resources CISOs need to educate teams and increase enterprise resilience.