Security by design, effective prevention, and cyber intelligence are needed in a world where almost everything is hackable, says Menny Barzilay, Cyber Security Strategist and former CISO for the Israeli Defense Force.
by Markku Rimpiläinen
Barzilay has many arguments for his rather alarming insight. First of all, it’s much easier to hack than to maintain security, “When you’re a hacker you need to succeed only once, but when you’re a security guy, you have to succeed all the time. When you’re an attacker, you can attack at one point, but when you’re a security guy, you have to secure everything.”
Reason number two is the change in technologies, “Every new technology creates new problems. We are innovating amazing new technologies like smart cities, smart cars, smart houses, wearable technology, biotech, and robots. Every single technology creates new problems.”
Sometimes, it´s hard to convince decision makers of the clear and present danger, but Barzilay has his own method, “I show them how easy it is to hack a phone, and how easy it is to send a spoof e-mail. Only when people see how easy it is and that it only takes a short amount of time do they start to understand that the threat is real.”
What should companies do to prevent themselves from getting hacked? Step number one is security by design, “If you’re not thinking about security with every new project, you have to add security later. It costs more money, takes much more time, and it will be much less efficient.”
The second important self-defense method is a multi-dimensional cyber security strategy, “First, move from prevention to detection. But it’s not enough. We need to invest in cyber intelligence, as well. We need systems that identify information about people who are trying to harm us.”
The level of security rises if companies work together, “Hackers are excellent in working together. They collaborate, they have projects, and they have marketplaces where they sell information. If we want to be good in information security, we have to be at least as good as they are in working together. It makes no sense that every company implements the same solutions, and is hacked in the same way.”
What should every CISO do next?
“Go to work, put all of those things together, and create an effective cyber security strategy. And remember that you live in a world where almost everything is hackable.”
Menny Barzilay was a keynote speaker at the 600Minutes Information and Cyber Security event in Finland on the 19th of May, 2016. Check out where cyber security is heading next on our Event Calendar »
Get the Latest News
The most efficient working day. Insights and ideas from the stage and from a network of executives. The best solutions for your business challenges.
Meet executives with investment needs. Bring your solutions and insights to your most potential clients. 11 markets, 20 000 executives, guaranteed meetings.
Management Events brings together top-level executives and solution providers, providing high value to both parties. Our concept attracts 20 000 visionary leaders to our events in eleven countries, over 170 times a year. Management Events Surveys provides insights and trends for solution providers and executives, helping them gain deeper understanding of challenges and needs of the largest corporations.
Sorry but your browser screen is too small for this site.