From hacking cars to stealing state secrets and instances of retaliation, there is a real-world awakening to just how expensive and dangerous it is to recover from a cyberattack.
TODAY'S CYBERSECURITY BUSINESS: BAD START AND NEEDED CHANGE
There is so much vulnerability in networks and application software that even good cybersecurity developers are working with one hand tied behind their back. This has led to a hack-and-patch cybersecurity business that is a reactive, temporary repair, not an upfront cyberdefense. It takes months to even detect a breach and many more months to temporarily fix it. Companies have historically made billions patching after cyberattacks, when customers want to spend their money to stop them from happening in the first place.
THE OPM BREACH AND LESSONS LEARNED
- Protecting Data: Better protect data at rest and in transit
- Improving Situational Awareness: Improve indication and warning
- Increasing Cybersecurity Proficiency: Ensure a robust capacity to recruit and retain cybersecurity personnel
- Increase Awareness: Improve overall risk awareness by all users
- Standardizing and Automating Processes: Decrease time needed to manage configurations and patch vulnerabilities
- Controlling, Containing and Recovering from Incidents: Contain malware proliferation, privilege escalation and lateral movement; quickly identify and resolve events and incidents
- Strengthening Systems Lifecycle Security: Increase inherent security of platforms by buying more secure systems and retiring legacy systems in a timely manner
- Reducing Attack Surfaces: Decrease complexity and number of things defenders need to protect