If the relentless stream of headlines trumpeting cybercrime’s latest hits reveals anything, it’s that cyber-actors are escalating their efforts. It’s not just smarter people developing better weapons — they’re also increasingly organized. Say bye to the bunker: Well-funded and highly connected, they’re working together to share intel, expertise, and tools, collectively raising their game.
It’s time for the response to match the threat. Private and public sector entities that join forces to collaborate and share cybersecurity information stand a far better chance of beating back the bad guys. That was the rallying cry of Sage Data Security’s 2015 CyberCrime Symposium, “Collaboration & Information Sharing.”
The sold-out event’s featured speakers ranged from high-profile journalists to security specialists, tech sector executives, and public policy advisors. In their presentations, they raised attendee awareness by:
- Detailing public and private sector cyber-sharing efforts.
- Mapping out the mechanics of infamous attacks.
- Illustrating the importance of collaboration-chain participation.
- Providing roadmaps and tools for mobilizing.
Stay tuned for upcoming installments that explore speaker presentations in depth. Meanwhile, check out these select conference takeaways.
A Silver Bullet in the Stockpile
In her opening remarks, symposium chair Sari Greene cited three factors that led Sage to give “collaboration and information sharing” the 2015 spotlight. First, it reflects the current legislative agenda — most recently marked by the Senate’s passage of CISA, fast on the heels of two House-passed cyber-security bills. Second, there’s mounting regulatory expectation that organizations will work together to combat cyber-threats. And finally, said Greene, the most important reason: A collective commitment to collaborative info-sharing “could be our silver bullet for fighting the bad guys.”
“Cybercriminals, cyber-terrorists, and hacktivists aren’t going away,” she said. “But the more we work together to share information, the better our chances of diminishing the criminal opportunity, increasing their work factor, and responding successfully to incursions.”
It’s Beyond Ridiculous
To drive home the info-sharing imperative, the FS-ISAC’s Rick Lacafta summarized cybercrime’s financial toll on the global economy. Worldwide, cybercrime costs exceed $445 billion annually. In the US alone, the price tag tops $100 billion.
“It’s getting beyond ridiculous,” said Lacafta, director, insurance services at FS-ISAC, a threat intelligence-driven community that enables financial institutions, organizations in other industry sectors, and government entities to share and review threat indicators.
If the growing ranks and variety of victims, coupled with regulatory pressure, haven’t convinced organizations to coalesce and mobilize, the new trend toward shifting blame to the top of the org chart should provide incentive.
In the past, “the CSO was always the first to go as the result of a breach,” said Lacafta. “Now, more CEOs are getting fired by their board, so they’re more inclined to invest in cybersecurity.” That includes getting invested in collaboration, if FS-ISAC’s skyrocketing numbers are any indication.
Hey, Good Guys: Make Bad Guys Cry
Jayson Street’s job is to make his clients look clueless, though some may expect better outcomes when they hire him to test the strength of their security posture. Often, Street is asked to attempt a network breach by exploiting a physical compromise — and recording his on-premise activity. The images he captures — some of which he features in his “Breaking in BAD” presentation — tell a terrifying tale about the state of cybersecurity education.
He uses the blockbuster hit “Breaking Bad” to illustrate his view of the players on each side of the cyber-war. “Why are we so happy when the bad guys succeed?” Street asked attendees. “We’re the good guys — we need to do a better job of ensuring the bad guys fail. We want them to be the ones who have the bad day, by preventing them from profiting from their efforts.”
CSOs can accomplish a lot by simply educating and empowering employees. “How many of your employees have the extension number or email address they should use if they see something suspicious?” Street asked his audience. Even this basic info-sharing practice can be a powerful cybersecurity tool.
Can I Call You Sometime?
If it’s Secret Service Special Agent Matthew O’Neill — and you’re trying to report possible cyber-threat activity — then yes, you can. During his talk, O’Neill gave attendees his mobile number and told them to call if they see anything suspicious. The information they share could save a cyber-target millions of dollars. (You can find your local field office contact information here: www.secretservice.gov/contact/).
“I usually get calls when something’s already happened, and if it happened two weeks prior, that money’s gone,” O’Neill told the audience. A witness who calls immediately, however, may facilitate a far more satisfying outcome.
Because he works in a small agency that fosters close working relationships, O’Neill can field a call from a proactive source, and immediately place a call to a contact in the right part of the world, setting recovery measures in motion.
“I work with my contact to freeze the account with the stolen money,” he said. “I’ve helped people get millions of dollars back because they acted quickly.”
This kicks off our series presenting key takeaways from Sage Data Security’s 2015 CyberCrime Symposium, held November 5-6, 2015. In case you missed the filled-to-capacity event, “Collaboration & Information-Sharing,” make sure to check in weekly for the latest installment featuring actionable insight from select presentations.