This article is part of Panther’s new Future of Cyber Attacks Series, which features interviews with cyber security experts, thought leaders, and practitioners, with the goal of better understanding what organizations can do to prepare themselves for the future of cyber attacks.
The following is an interview we recently had with Ian L. Paterson, CEO of Plurilock.
How have cyber attacks evolved over the past 12 months?
There’s a lot of talk in business about flywheels, and Amazon is a great example of this. Amazon has created a flywheel effect to propel them to be one of the most valuable companies in the world, if not the most valuable. That flywheel is an economic flywheel where the more that Amazon sells, the better they become, to the point that they become the dominant market force in e-commerce and now across multiple industries. The change we’ve seen in the last 12 months with cybersecurity is that there’s a similar flywheel taking place when it comes to ransomware payments fueling the ransomware industry and the ecosystem. The more companies are paying these ransoms, the more we’re enabling the ecosystem to evolve. That is fundamentally why over these last several months we’ve seen an increase in the number of high-profile attacks taking place.
What lessons can be learned from the biggest cyber attacks in recent history?
Even the most well-defended companies are vulnerable. Companies are going to be breached. And it’s not about preventing the breach, but it’s about minimizing the amount of time the attackers have to do their nefarious deeds, and to minimize the blast radius. Success in cybersecurity is not about prevention per se – it’s about limiting what the attackers are able to do when a breach occurs. This is why continuous authentication solutions are so important. They assume the attackers are going to get in through the ‘front door’ and it’s all about recognizing that they’ve come in and kicking the attackers out as quickly as possible before they inflict damage.
What will cyber attacks look like in the future?
Cybersecurity is an arms race and the defenders have started to use AI to defend against the new wave of threats. We’ve seen companies, like Darktrace on the network and Cylance on the endpoint, be celebrated for leveraging this new technology in the defense of companies. What we expect to happen is that the attackers will begin using AI as well. The cybersecurity warfare of the future will not be a loner in their basement against a well-staffed security team. It will be AI against AI.
What are three pieces of advice for organizations looking to get ahead of the cyber attacks of the future?
The frequency and severity of attacks are increasing, and combined with the lack of skilled workers – with 3.5 million cybersecurity jobs going unfilled this year alone – companies need to leverage AI in order to keep pace with the growing frequency and severity of attacks.
Rather than focusing your time and attention on the perimeter like firewalls and email spam filters, assume you’re already breached and think through what tools you have available to limit the damage an attacker could do if they gained access. Security is defined by the weakest link. Humans tend to be the weakest link. Assume a human will make a human mistake and think through what you would need to do about it.
Make sure you have diversity in thought when constructing your cyber defense. It does you no good to have 20 people who all think the same way and can’t emulate an attacker. You need multiple perspectives coming at it from multiple points of view, in order to see the defense of the company from multiple angles.