Are attackers doing things at a technology level beyond what most organizations can achieve at a protection level? Another Gartner play-by-play.
Bright and early on the third day of the Gartner conference for the keynote, it was a packed house for Israel’s Karen Elazari’s: ‘Lessons we can learn from Hackers.’ After so many presentations stressing how difficult securing your organization has become, Karen’s message was like a refreshing spring shower.
Hackers are innovators. They are challengers to the status quo and in a digital age, have great potential to be a force for good. A threat needs to be demonstrated in order to initiate a solution, right? Friendly hackers, Karen claims, can be the ones who provide us with no less than a digital immune system. And we need it! Devices already outnumber people on this planet by far. Everything has value for a criminal, a spy or an adversary. Our trust can be eroded in an instant and then chaos ensues. Also, things are connected in ways you would never expect them to be. One such story involved a mountain cable car somewhere near Innsbruck in Austria, and insecure coding which found on GitHub that was able to alter the speed and direction of that same cable car type. A coincidence?
Yes, Karen agrees that 80 percent of security is science, but 20 percent – the art of security – still requires human intelligence. The adversaries are human and it’s a continual struggle of who outwits whom. Karen advocates far more widespread red team testing.
So good to have this message clear and loud with ESET multi-layered approachand our R&D teams around the globe to confirm this this trend. She’s enthusiastic about bug bounty programs like hack the Pentagon. Most important of all she stresses accessing hacker talent, getting it on your side, and making it a legitimate career path (and not just male-dominated). As a US general announced at the recent DEFCON hacker’s convention in Las Vegas. ‘In this room… here is the talent our nation needs.’
From hacking I moved on to a presentation by Gartner analyst Jonathan Case about Phishing, and the depressing fact that in 20 years we haven’t fixed it. On the contrary, it’s a bigger problem with each passing year. (500 million USD lost in 2017, a huge increase on 2016.). The number one lure interestingly is still the fake invoice. We’re conditioned by cognitive bias to satisfy our curiosity, especially if combined with a sense of urgency.
So, what can an enterprise do? In a nutshell set the framework to limit uncertainty. Establish and maintain official enterprise email and social identities. Define and communicate widely what will and will never be communicated. Offer multiple ways to report suspicions about messages. Respond to Phishing attacks swiftly and comprehensively. Simply put, create effective response mechanisms to minimize attack threat surface.
And of course I didn’t want to miss this one as I was sure it would offer a nice line spiced with British humor and elegance as delivered by Gartner analyst Ian McShane. He sketched out a vision of the Endpoint protection platforms market and what key challenges the market needs to overcome to effectively address security needs of different enterprise level organizations. It might come as no surprise that malware/ransomware protection, detection of suspicious endpoint behavior, agent impact on endpoints and vendor support are top of mind for these enterprises. So good to hear we got this covered for them at ESET.