TCE Strategy’s Bryce Austin Weighs in on How Small, Medium and Large Businesses Can Address the New Threats Posed by Modern Cyberattacks
Yahoo, eBay, Equifax, Target and JP Morgan Chase are corporations numbered among the top 17 data breaches in the 21stcentury, according to CSO Magazine. In a podcast interview for journalists, Bryce Austin, CEO of TCE Strategy and the author of, “Secure Enough? 20 Questions on Cybersecurity for Business Owners and Executives,”points out that the rising adoption of cloud computing, artificial intelligence, and the Internet of Things (IoT) must be seen in the sharp context of the damage created by these recent cyberattacks.
“It demonstrates the need for businesses -- both big and small -- to understand a new mindset in terms of the cybersecurity strategies that are necessary today,” says Austin, a former CIO in the financial services, retail and healthcare industries who has battled cyberattacks for over 15 years.
Podcast Interview with Bryce Austin
“Ten years ago, we could make a reasonable assumption that all of the computer devices inside of our enterprise were devices that we understood and had some modicum of control over. We don’t have that anymore. The end point protection model is gone. IoT, and other innovations, are destroying this concept and we are not going to get it back. As a result, we need to think differently about how we are going to allocate our resources,” he says.
Going forward, it’s unlikely that organizations can future-proof their security; however, it is possible for businesses to harden their systems.
“A very determined cyber-criminal has very high odds of getting into your system,” Austin explains. “The new war is about planning for a cyber security breach and being able to detect, respond, isolate and eradicate that breach. Many companies are practicing good cyber hygiene. But for the very advanced hacks—you have to detect them.”
Today’s businesses are also utilizing cloud technology to maximize the effectiveness of their business operations and stay competitive, and yet these new cloud technologies are not without challenges as well.
“The big cloud providers tend to have very hardened systems. But misconfiguration – which is typically done by end companies’ technology staff – is where trouble can start,” says Austin. “People are trying hard to make these systems work. But once they do...they think they are done...and that is the wrong mindset,” he explains.
With these new challenges, businesses should revisit the kinds of tools and skills that are required for successful – and secure -- operations and growth.
“We have to think carefully about how to invest in people that know how to think about today’s threats. We cannot depend on technology to do the thinking for you. There are a number of new technologies that are available that engage with behavioral detection of a cyber event. Although these are useful, your people are front and center in this war.”
Since organizations have a limited portfolio of resources he recommends that business leaders invest in cyber awareness training for the entire organization, while ensuring that staffs adhere to the basics of good cyber hygiene like patching and anti-virus.
“Above all, we need to THINK our way out of these problems. We cannot BUY our way out of them,” says Austin.