UK enterprises are demonstrating a high degree of growth in their awareness of the need to secure data. Yet, the biggest misconception is the belief that as long as organisations have a strong security posture, they’re safe.
Charles Eagan, Chief Technology Officer at BlackBerry, discusses the challenges than remain.
What kind of changes have you seen in UK enterprise organisations and their outlook on data security?
UK enterprises are demonstrating a high degree of growth in their awareness of the need to secure data. They’re beginning to understand the complexity of security issues as well as their global and shareholder responsibility to protect data, and they’re reaching out to experts.
Recent events, where mass privacy breaches have occurred, have raised public awareness of the importance of transparency and responsible stewardship when it comes to how organisations manage their data.
Organisations are responding to consumer concerns over protection of their personal data.
GDPR has triggered a massive introspective focus within corporations, prompting reviews of privacy and data policies. Companies are now waking up to the need to secure data, and to the global governance elements of data collection.
What do you think is the biggest misconception preventing organisations from understanding the importance of developing a cyber resilience strategy in today’s digital economy?
It’s a complex topic that I think many decision makers aren’t sure how to approach. The biggest misconception is the belief that as long as organisations have a strong security posture, they’re safe. There’s a certain amount of complacency, likely grounded in the common bias of optimism; a fallacy of invincibility.
They don’t realise how exponential growth in connected products is making them more vulnerable to cyber intrusion by the day. A strong cyber resiliency strategy includes both recognising the inevitability of an attack as well as a plan to ensure their business can maintain critical functions and quickly return to normal in the face of intrusions.
According to Gartner, the number of connected devices is expected to rise to 26 Billion units by 2020. How will the increase affect enterprise security? Furthermore, as more organisations start to adopt smart technology into their enterprise operations, how do these connected devices/machines affect an organisation’s security strategy?
The rapid expansion of the vast global network of IoT connected devices makes cyber intrusion inevitable. Every connected smart device is a potential back end and therefore a target. Every connected node exponentially increases the security risk of a network. A network is only as secure as it's endpoints.
If a single endpoint in a smart system is unprotected, the entire system is at risk. Today’s smart ecosystems create a new level of exposure, this can be managed, but it requires that organisations secure each and every connected device in their network.
How can leveraging machine learning and artificial intelligence (AI) technology be used to optimise enterprise security? Can these technologies be used for mobile/IoT security?
Maturing AI and machine learning technologies are definitely giving rise to new possibilities for cybersecurity threat protection. AI and ML, for instance, allow us to automatically flag unusual patterns and enable detection of network problems and cyberattacks in real-time.
These technologies recognise patterns in our environment and apply complex analytics that supply deeper insights and therefore greater security.
While this technology is nothing new, recent advances in AI and ML mean we are moving further away from the flawed traditional password model towards a digital identity that is functionally impossible to clone.
Which industries can benefit from adoption advanced mobile security solutions (i.e. automotive, manufacturing, healthcare, etc.)? How so?
Every industry, can benefit from the adoption of advanced mobile security solutions. As the number of connected ‘things’ within an organisation increases, so, too, does the mobility of its data, and the risk of cyberattacks. This phenomenon is not limited to individual industries.
Take automotive as an example; the car has evolved into a complex computer network on wheels that now contains over 100 million lines of code – more software than in a Boeing 787. As the scale and complexity of software inside a vehicle grows, so too does the virtual attack surface, making the vehicle more vulnerable to cyberattacks. Mobility security solutions bring trust to this evolving transportation market.
Likewise, in healthcare the use of IoT and connected devices has a range of benefits for healthcare providers and patients. If these devices aren’t secured, a malicious attack could pose critical consequences the organisation and patient outcomes.
What do you see as some of the biggest pain points, relating to cyber resilience, that organisations should keep on their radar over the next couple years?
The biggest challenge of joining the connected world is staying ahead of the continually evolving threat environment. As threats develop, organisations must be resilient and continually assess situations and absorb new intelligence if they are to remain ahead of attackers. lessons learned and emerging practices must be incorporated into their plans.
Cybersecurity threats will only become more sophisticated, as enterprises have more connected devices than ever before, the pain point lies in ensuring every single connected device in the network is accounted for and continually secured. This may seem a scary task, however the consequences of not doing so are far more frightening.
Truly resilient organisations must continually assess situations and absorb new intelligence, lessons learned, and emerging practices that will be incorporated into their plans.
Charles Eagan is the Chief Technology Officer for BlackBerry.