Hewlett Packard Enterprise security CTO on how preparing for a cyber attack is like preparing for a marathon
In this article...
- Andrzej Kawalec, CTO of Hewlett Packard Enterprise’s security business, discusses how to choose the right cybersecurity controls, policies and strategies
- Resilience comes from predicting the scenarios you are likely to face and preparing for a significant and disruptive cyber attack
“The most disruptive event that your organization will face in 2016 will be a cyber attack. It will distract your leadership, paralyze your IT, confuse your clients and damage your reputation.” This is the worrying prediction from Andrzej Kawalec, CTO of Hewlett Packard Enterprise’s security business.
When it comes to security breaches, no organization is immune. Companies as large as eBay, AOL, Anthem, Experian, T-Mobile, the IRS and the European Central Bank lost over 30,000 records to data breaches in 2015. And the consequences of these breaches are getting more expensive to manage. According to a recent Ponemon Institute and Hewlett Packard Enterprise study, the average cost of cyber crime grew to $7.7M per company in 2015. It's important to understand that every part of an organization—from sales and operations to HR and marketing—has data that is valuable and vulnerable. What steps should security leaders take to keep their systems in check?
We spoke with Kawalec, who offered the following suggestions.
1. Know the security landscape
At face value, security breaches seem like technical discussions. IT teams are often focused on vulnerabilities, patches and developing an effective response strategy. But the complete story goes beyond lines of code and response protocols that you're developing. In addition to monitoring the technology aspects of security, you'll want to focus on the human side too.
"It's a fascinating topic," says Kawalec. "It’s a society-based conversation. The privacy of individuals, the security of our children, the sovereignty of national secrets and the importance of IP assets in the new digital economy are all merging together into this sort of single topic we call cyber or information security."
A comprehensive breach prevention plan, according to Kawalec, involves multiple stakeholders from governments to industry regulation, chief executives, teachers in the classroom and parents at home. It's up to IT to bridge these connections and provide education to all of these groups.
"There's clearly a massive digital disruption that's been going on for a while now," says Kawalec. "It's placing a huge pressure on how you secure each and every digital interaction between a device, a piece of data, a user and the infrastructure it sits on."
A bird's eye view of the security landscape will help you identify potential gaps and devise solutions for multiple stakeholders that include governments, executives and, most importantly, consumers.
“The most effective way to prevent this challenge? Know what your attackers are trying to get.”
2. Study your attackers
Cyber crime is impossible to predict and many companies are caught off guard when a breach takes place. No matter how many patches you create or how closely you monitor your organization's network, cyber criminals are often multiple steps ahead. The most effective way to prevent this challenge? Know what your attackers are trying to get.
"The age of the average hacker is 24, and they are in perfect positions to exploit all of the fracture points in the evolving digital world, because they grew up within it,” says Kawalec.
And what are they after? “Assets we expect are worth more than $100 billion each year.”
But not all are motivated by money. Some, like the hacktivists, or the principled hacker, are not operating for financial gains as the cyber criminals do, but for fame or to make a point or political statement, and increasingly, we’ve seen that evolve into the use of cyber terrorism."
These groups operate outside the world of legislation so it's up to your security leadership to protect your company's assets. Put yourself in your hackers' shoes. Figure out what they want and stop them from getting it.
“Preparing for a breach is like preparing for a marathon.”
3. Get diverse, cross-functional perspectives
Leaders need thorough strategic cyber processes to understand the risk from multiple angles. In addition to understanding who's trying to harm your company (and why), you need to figure out how to become a stronger organization. Resilience comes from challenging your assumptions, identifying your blind spots and being the first to surface industry knowledge.
"I spend the majority of my time working with security industry and intelligence organizations, advising boards, CEOs, CIOs and governments on exactly what we’ve just been talking about—how to navigate major threats and trends and how to put the right controls, policies and strategies in place," says Kawalec.
Kawalec says it is important to predict the scenarios you are likely to face, prepare for a significant and disruptive cyber attack and respond in a controlled and effective manner.
"Preparing for a breach is like preparing for a marathon," says Kawalec. "It starts nine months before the starting gun goes off. You have to train the muscle memory of the organization to respond correctly over an intense and grueling period where your ability to function as a team is paramount."
Today, a global threat marketplace collaborates and innovates to attack organizations 24/7. It’s time to think like a bad guy. HPE draws on decades of enterprise security experience and industry-leading solutions to help businesses identify and neutralize threats while preparing for the next battle. Together, HPE and enterprises aren’t just reacting to the changing threat landscape, we’re proactively countering the adversary to win the war.