Business leaders face what could arguably be the greatest threat in the history of modern commerce: catastrophic cybersecurity breaches that cost $600 billion a year globally. As “digital” becomes synonymous with business and our personal lives, the attacks show little sign of stopping. In fact, attackers are only getting smarter, faster and more aggressive.
In 2015, IBM chairman, president and CEO Ginny Rometty made a chillingly accurate prediction:…Cybercrime … is the greatest threat to every company in the world.
From malware to ransomware, cyberattacks become more complex and devastating with every new breach. But external forces, such as hackers, aren’t the only problem. According to a 2018 Kapersky Lab study, insiders contributed to 46% of cybersecurity incidents in 2017. One notorious example is the Equifax breach. One employee’s error allegedly impacted over 146 million Americans and cost the company over $4 billion and rising. Even worse, financial losses aren’t the only costs.
Beneath the surface of the initial financial hit is a long-term negative impact to customers, employees and a brand’s reputation. Deloitte calls this the hidden business impact of cyberattacks. And as the cost of cybersecurity breaches rise, business leaders at every level of an organization are held accountable and even lose their jobs.
Tom Corn, VMware senior vice president and general manager of security products, believes this astronomical cost will only continue to rise unless businesses “change the battlefield.”
Not in My House: A New Approach to Cybersecurity
Corn argues that today’s approach to enterprise security is set up to be a losing game for defenders. “You have to stop all the arrows, but they only need to land one,” Corn says.
Corn believes the only way companies will win the fight against cyberattacks is to gain what he calls a homecourt advantage. This new strategy turns the current model on its head. Instead of trying to mitigate threats, many of which are false alarms, the homecourt advantage model relies on identifying good behavior.
“If someone were to sneak into my house, I’m going to know,” Corn says. “If there’s a noise in the playroom, study or living room, that means something isn’t right. I know my house, and they don’t. Why don’t we take advantage of this in business? We know our digital ecosystem and how it’s used. That might be the single advantage defenders have against attackers.”
Corn proposes a new security model that focuses on defining what “normal” looks like within your digital ecosystem:
- How your apps should behave.
- How users should act.
- How the network should perform
- What virtual machines should do.
- Where your data should go.
Much like noticing something odd in your home, IT teams can identify abnormal, unauthorized or errant activity, whether it’s someone trying to break in or someone trying to sneak out. To achieve this homecourt advantage requires two strategic shifts in the way companies secure their businesses:
- Limiting the attack surface instead of securing a perimeter.
- Shifting focus from the data center to securing apps and data.
To get there, Corn says companies must gain “clarity and understanding” to the way apps and data are used. With modern enterprise technology capabilities, IT leaders can then:
- Build intelligent policies (locks)
- Create least-privilege access (keys)
- Compartmentalize (rooms) your tech ecosystem (home).
Corn believes understanding how apps and data act in the following technology segments are key to giving defenders an edge over would-be attackers:
- Compute: Machine learning functionality helps IT understand what good behavior looks like for virtual machines in compute environments. Virtualization teams can then set policies that restrict functionality to only those good behaviors, adapting intelligently to new apps and updates as they occur.
- Network: Corn calls the next step in network security adaptive micro-segmentation. This networking model helps stop both lateral app and network attacks by locking down shared services and setting good behavior policies.
- Endpoints: With intelligent and adaptive capabilities within modern digital workspace technology, IT can set policies for end-user and device behavior that enable the good and lock out the bad.
The Organizational Shift from React to Defend
Over 30% of security professionals expect a major and successful attack on the firm within 90 days, whereas only 12% of C-suite executives share that sense of urgency.
The Economist Intelligence Unit study revealed that the top c-suite priority is customer reputation. Ironically, Deloitte lists lost value of customer relationships as one of the biggest hidden costs of cybersecurity breaches. This is especially true in financial and healthcare segments when a breach or cyberattack occurs. So, where’s the disconnect?
Marc Goodman, founder of the Future Crimes Institute, says: “Any good CEO focuses on making more money while preventing losses is still seen as a necessary evil. Corporate risk management is something that needs to be managed, but it’s not something that CEOs get up in the morning and feel excited about.”
As more and more CEOs lose their jobs because of cybersecurity breaches, it’s time for leaders to start actively defending their businesses. Waking up and knowing you have the homecourt advantage? Now, that’s something to get excited about.