Demystifying Cybersecurity for Business Executives

Flashback to 1995. Marc Andreessen, a recent University of Illinois Champaign-Urbana graduate and cofounder of the startup Netscape, was committed to providing access to the internet for the common person. Netscape launched the Mosaic web browser, which opened up internet access to people outside of the defense, scientific research and academic communities.

Early on, almost no one understood the risks of connecting corporate networks to the web.

During that era, very few people understood what havoc was about to be unleashed by connecting company networks to the internet. My startup, Raptor Systems, was one of the very first commercial cybersecurity vendors. As the company’s chief marketing officer, I was tasked with educating the market on inherent risks, while positioning Raptor as the vendor of choice for early adopters in this nascent market.  To introduce Raptor, I formally launched the company with an extended, highly successful media and analyst tour.

Despite the coverage that resulted, it was slow going at first. When Russian hackers breached Citigroup’s corporate network and stole $12M (lunch money by today’s standards,) the story appeared on the cover of the Wall Street Journal. Only then did businesses finally wake up. From that point forward, the market started to accelerate. Raptor quickly emerged as the fastest growing software company in America. We took the company public on the NASDAQ and eventually sold the business to Silicon Valley security giant Symantec. After the inflection point of the Citgroup hack, everything moved very quickly.

In some ways, everything has changed. Yet, in others, nothing has. So, what remains the same?

Despite the fact that the cyberattacks have been propagated on businesses for over 20 years, most companies are still woefully unprepared for an attack.

What’s lacking?

  • Thorough, clear security policies
  • Understanding of precisely where data resides
  • Prioritization of what data is most important and requires the most protection
  • Employee education on how to prevent inadvertent access through clicking on phishing scams
  • Ability to prevent malicious insiders from doing serious damage
  • Effective communication of the risks in language that can be understood by corporate boards and executives
  • Investments in technologies to quickly recover from an inevitably successful attack

Still, Much Has Changed

Today, cyberattacks and data breaches seem to be weekly occurrences, with new threats around every corner. The frequency, sophistication and severity of these attacks have increased exponentially, with seemingly no end in sight to the acceleration of this market. In fact, research firm Cyber Security Ventures predicts that there will be an attack every 14 seconds, with an aggregate of $6 trillion in damages in 2021, up 100% in just five years.

Many high profile attacks have created havoc, interfering with ongoing operations at organizations as varied as the City of Atlanta, FedEx, A.P. Moeller- Maersk, Reckit Bensicker, Target, Honda, Equifax, the Laboratory Corporation of America and Yahoo. Many billions of dollars in losses have been incurred from this handful of the most visible attacks. According to AT&T, 62% of companies have reported breeches, although it is believed the number is actually far higher as organizations hesitate to admit to this outcome for legal and financial liability reasons. Of course, it’s not only large organizations that are under siege.

So, what is new?

  • Virtually every company is doing business in the cloud, whether it be SaaS-based business applications from vendors like Salesforce, HubSpot, SAP, Workday or Zendesk, or hosting corporate databases and applications through Amazon Web Services, Microsoft Azure or Google Cloud
  • A new generation of hackers is now targeting cloud services providers (CSPs) rather than attacking companies individually. The goal is to use the CSP’s networks to spread malware and spying tools to their respective clients
  • Supply chain attacks have grown by orders of magnitude, up 200% in just one year, according to Symantec
  • With ecommerce sites for DIY hacking kits and tools and stolen credit card information, the technical skills required to break into networks have fallen dramatically. All of this can be paid for in cryptocurrency, allowing hackers to remain anonymous
  • The new, EU-led GDPR standard makes companies criminally liable and subject to large fines for data breaches
  • Slow but steady emergence of metrics for measuring the health of a company’s security defenses from the US National Institutes of Standards and Technology
  • Corporate boards have finally begun to hold CEOs and executives accountable

What’s to Be Done

In a recent cyberattack simulation held at Coventry University in the UK, mixed teams of business, IT and security professionals to fend off a simulated attack. The problem was that the business people were like deer in the headlights. They expected their IT brethren to do the heavy lifting – herein lies the problem.

Cyberattacks increasingly have financial, reputational and legal implications in addition to technical ones. Corporate boards and executives need to recognize that this just like any other business risk.

Executives across a wide range of departments and functions must understand the threats to their businesses and know how to proactively prevent and respond to them.

A few ways to increase your cybersecurity knowledge:

  • Take an introductory 2-hour free course with ESET:
    • Overview on threats, password policies, email protection, web protection, preventive measures, etc.
  • Attend a Cyber security conference with a managerial perspective including:
  • Take an online course on a MOOC:
  • Take an executive education course or certification at universities:
  • Study in one of the new cybersecurity-focused MBA programs
    • US
      • University of Albany, full-time MBA with cybersecurity specialization, which covers both managing risks and assessing security incidents
      • Florida Tech, online MBA in cyber security
    • Study in one of the new risk focused law programs, with cybersecurity courses
      • Texas A&M School of Law; Masters of Law Degree in Risk Management
    • If you’re an executive with an small/medium business, attend the WSJ’s Pro Cybersecurity Small Business Academy

We need business professionals to step up and take ownership of this increasingly mission critical business issue. That means peeling back the curtain, regardless of how terrifying it may appear, and learning as much as they can. Knowledge is power. It’s time to level the playing field.

Add Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Global Trade
How Global Trade Can Support Growth in Periods of Uncertainty
Selling Bon Jovi
Sell Me, Don’t Tell Me!
Digital Marketing
Choosing The Right Digital Marketing Agency for Cohesive Branding
5 Things To Consider When Choosing The Right Video Conferencing Solution
Cyber World
How to Keep Your Money Safe in the Cyber World
Credit cards in wallet in back pocket
7 Elements of a Good Credit Application
budgeting in the office
Three Ways Budgeting Our Money Actually Makes Us Richer
10 Pharmaceutical Stocks to Consider in 2019
Software Engineer
How to Become a Software Engineer and the Salary You Can Expect
Prioritizing Security to Future-Proof Enterprise Collaboration
Does Artificial Intelligence Have Ethics?
Cloud Attack
Top 8 Cyber Security Trends in 2019 You Should Look out For
Luxury Carbondale: Spend a Weekend at the Marble Distillery & The Distillery Inn
Lincoln Memorial
20 Awesome Free Things to do in Washington DC
Philly skyline
20 Awesome Free Things to Do in Philadelphia
20 Awesome Free Things to Do in Miami
2019 Acura MDX
The 10 Best Acura SUV Models Of all-Time
The 20 Best Mercedes SUV Models of All Time
2018 Volvo XC60
10 The Best Volvo SUVs of All-Time
The 20 Most Expensive Rolls Royce Models Ever Sold
The 20 Best Tudor Watches of All-Time
Timex MK1 Steel Watch With White Dial
The 10 Best Timex Watches of 2019
Fossil Sport
The 10 Best Fossil Watches of 2019
Hamilton Watches feature
The 10 Best Hamilton Watches of 2019