— Iceberg Networks (@icebergnetworks) May 18, 2017
We’re back at Iceberg headquarters today after a one-day trip to Detroit, Michigan for the #SecureCISO CISOcamp 2017, a networking and learning event for senior security leaders. It’s been quite a week for security teams in the aftermath of the weekend’s ransomware attacks, but this event was more about looking forward as opposed to looking at what’s behind us.
We had the chance to talk to a number of CISOs, mostly in the financial, health and automotive manufacturing sectors. Some takeaways:
- The CIA (Confidentiality, Integrity, Availability) triad came up a couple times in the context of future trends. One CISO said that the “A” is going to become increasingly important, as executives want to clearly understand how security breaches and other IT issues will affect an organization’s availability – in other words, the ability to stay up and running. In addition to having solid incident response, business continuity and disaster recovery plans, organizations need to understand how IT assets are linked to the processes that support the delivery of products and services.
- A CTO from a health care organization suggested that the “I” is going to be a crucial focus. His guess is the next round of ransomware (or similar scheme) is going to target data integrity. What if the attackers don’t encrypt the data, but make a small change, for example, changing a patient’s electronic health record to alter the dosage. They won’t tell you what they’ve changed until you pay up. That kind of attack becomes literally a life-or-death situation, and would quickly erode trust between patients and caregivers. I’m sure you can easily imagine the liability, trust and reputational issues this could cause in any industry. Organizations are going to have to get a better handle on cradle-to-grave management of data.
- We also heard several times that “just being compliant isn’t enough anymore” and it sounds like that message is beginning to resonate at the executive table and in the board room. One of the attendees summed it up this way: “You have to stop making your spending decisions on ‘are we compliant’. Now it has to be: ‘If something happens, what’s the impact on our company’s reputation?'”.
- Finally, we heard about the challenge of silos within organizations, and different approaches to building more collaboration between security and other areas of the organization. It’s clear that cyber security and cyber risk is starting to become an enterprise-wide concern and responsibility, but that there’s a lot of work still to come. One guest had a very practical suggestion: Start by putting your security, compliance and privacy teams physically on the same floor in the same building, and watch how collaboration just starts to happen organically.
We always enjoy sponsoring and attending these events for the opportunity to hear directly from customers and to share some of the success stories Iceberg is having in these areas. See you next time Detroit!