expert opinion on managing data breaches
TRANSCRIPT
Expert opinion on managing data breaches
What is government's role in fighting cyber crime?
What's the role of the private sector in fighting cyber crime?
Scott N. Schober
Intelligent information leads to actionable items for law enforcement, and both public and private sectors play a key role in sharing that information. I often liken cyber crime data clues to a large jigsaw puzzle. Every time a small piece is added, the larger picture becomes a little clearer. Government needs to fill in the missing pieces by sharing cyber-crime information with twith the public sector when relevant, or they cannot expect the public to reciprocate and share information back to them. Sharing entails investigation information, technical prevention, protective measures and best practices for all individuals at risk.
Cybersecurity expert and president and CEO, Berkeley Varitronics Systems, Inc.
Shahid ShahCEO, Netspective Communications, and cybersecurity and risk management consultant
The government’s role is to help in educating, galvanizing the best and brightest and establishing the ecosystem to help deploy cyber-crime fighters. The government cannot and should not be seen as having the resources, but it must lead in creating, managing and helping deploy the body of knowledge necessary tto fight cyber crime. The private sector needs to build the ecosystems of implementers and crime fighters that follow the knowledge built by the community and galvanized by the government.
Morgan WrightPrincipal and owner, Morgan Wright LLC, and cyber-terrorism and cyber-crime analyst
The government has the ability to set policy: policies on...intelligence and protection of private sector companies in sharing similar information, standards, collaboration, acquisition and similar activities. It’s not just about building higher walls and better defenses. Ultimately, the private sector will serve their interests, which is as it should be. The private sector should never be required to seserve the absolute interests of government, but should collaborate to see where mutual interests are and focus there.
Eric VanderburgSecurity and technology leader
The government’s role is in bringing cyber criminals to justice and to provide a legal framework in which those who have been damaged because of a lack of security controls can recover losses. The private sector’s role is to implement reasonable security controls and responsible security practices to safeguard organizational and customer data.
Should the private sector be mandated to share information on breaches immediately?
Why or why not?
Scott N. SchoberCybersecurity expert and president and CEO, Berkeley Varitronics Systems, Inc.
The private sector should voluntarily share information specifically related to vulnerabilities and cyber threats. When it comes to breaches, time is of the essence, so they should also be mandated by law to share informa-tion immediately where necessary. This mandate includes the targets of the attack, the nature of the data breached and steps to shore up security. Companies are reluctant to share their breaches and security shortcomings for fear their customers might leave or file lawsuits against them. They also fear the market reaction from shshareholders. Regardless, these painful but necessary post-breach steps build resilience to future attacks. My company faced targeted attacks and hacks that I initially was reluctant to share. I was under no pressure to reveal embarrassing details, but I realized my misfortunes could educate and prevent others from going through the same plight so I wrote a book about it.
Shahid ShahCEO, Netspective Communications, and cybersecurity and risk management consultant
Yes, there is a good case to be made that information sharing on breaches should be shared – and even made mandatory – because breaches are often “contagious.” Just like human and animal viruses, contagion cannot be hidden legally and must be shared through the Centers for Disease Control (CDC). I think thI think that the private sector should be required, for certain kinds of breaches but not necessarily all, to share information through a cyber CDC.
Morgan WrightPrincipal and owner, Morgan Wright LLC, and cyber-terrorism and cyber-crime analyst
Eric VanderburgSecurity and technology leader
Notifications alone do little more than hurt shareholder value. Cybersecurity problems can’t be regulated in the same way as carbon emissions. Information should be shared on an ongoing basis, not only when there is a breach. In this way, anomalies can be ddetected while attacks are still being implemented instead of after they have been successfully deployed. Already, many companies are utilizing cloud-based solutions that aggregate the data from many customers to improve security for all. These are the types of solutions we need more of, for they identify enemies rather than casualties.
Want tohear more?Visitibm.co/cyberthreatanalysis
© Copyright IBM Corporation 2016. IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be
trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml.