Promotional feature
C2 Montréal

Surviving the cyber attack of tomorrow

Robert Masse talks to workshop participants at the C2 conference
Robert Masse talks to workshop participants at the C2 conference

We have to change the way we think about cyber security - it's getting a lot worse ...

Over the past year we’ve seen more businesses fall victim to security breaches. TalkTalk hit the headlines in late 2015 after an attack on its customer records saw thousands of files with personal information leaked. JP Morgan Chase, Target, TK Maxx, Home Depot, eBay — have all fallen victim to cyber attacks over the last two years.

Robert Masse, a partner at Deloitte, said you don’t put measures in place because you might get hacked, you prepare for the fact that you will. "Everyone gets hacked," he said. "We have to change our way of thinking to, ‘When will we get hacked? And how will we recover?’ "

Masse ran a workshop at the C2 conference in Montréal that took participants through the steps of a cyber attack. He also offered useful nuggets on how innovation and cyber security go hand-in-hand when it comes to protecting businesses.

Masse identified the root causes of infiltration as accidental, where things are published by mistake or by human error, hacking, or loss or theft of hardware; the "threat actors" are mainly hackivists; criminal rings; nation-states; insiders; or quite commonly, disgruntled employees.

Here are the top 10 cyber challenges for enterprises:

- Legacy systems that have not been patched or adequately secured

- Operating without central security policies and standards

- Lack of central management and monitoring of critical assets

- Focus has been primarily on looking down the perimeter

- Malware defenses are inadequate to address today’s threats

- Cyber incident response capabilities are basic or nonexistent

- Often ignoring or not considering insider threats

- Siloed operating model: lack of enterprise risk awareness

- Heavy reliance on technology without adequate operational processes and procedures

- Supply chain vulnerabilities are not measured or managed

The impact of cyber attacks is damaging. Consumers lose trust in the business; reputations are left in ruins; and in serious cases, financial fraud has a devastating outcome for consumers — and the business. But although things may be getting worse, businesses are beginning to take action and ensure they have proper response plans in place.

Apart from the obvious resolutions such as encrypting data, securing hardware and ensuring proper procedures are followed, cyber security will come with culture changes in our businesses.

Subscribe today for just $89 a year

Get the very latest news and insight from Campaign with unrestricted access to campaignlive.com , plus get exclusive discounts to Campaign events

Become a subscriber

GET YOUR CAMPAIGN DAILY FIX

The latest work, news, advice, comment and analysis, sent to you every day

register free