The potential for a cyberattack is top of mind for not just IT professionals and CIOs but also among the general population. Experts—from government agencies to technology experts—have been warning that this year will see the worst cyber breaches in history.
However, regardless of the public awareness, many companies and individuals are still ill-prepared. "Whatever level you're worried about cybersecurity, you should be more worried," said LinkedIn Co-founder Reid Hoffman during a Congressional Cyber Boot Camp held at Stanford University and attended by congressional staffers.
Solution providers understand the magnitude of the situation and are leveraging their expertise to protect their customers.
For one, Alvaka Networks, Irvine, California, frequently conducts “lunch and learns” with its customers and its most popular one is titled “Breach,” according to Oli Thordarson, company CEO.
“A lot of seminars talk about how to better secure your systems. This one speaks to the issue of what you need to do when you get breached," he said. "We talk about the compliance and regulatory obligations to protect data in addition to the privacy interests of the company. We then advise that the time to figure out what to do when breached is not during the breach, but beforehand.”
What’s always amazing to Thordarson is despite all the awareness, people are still surprised when they see the damage an IT attack can do. “People are shocked and scared after we do the lunch and learn. Rightfully so. Most people don't stop to think about the ramifications of a breach, plus we share all the common and successful ways systems are breached,” he said.
During these sessions Alvaka sometimes will show an example of how a system gets hacked live in front of the guests. “When they see how easily it can be done in 10 minutes in front of their eyes they are suddenly communicated to in a way that is tangible,” Thordarson said.
“Most people, including IT professionals, have no ability to fathom how bad the situation actually is,” added Bobby Kuzma, CISSP, Systems Engineer, Core Security. “We have a huge skills gap that is going to take a decade or more to even begin to resolve, and we have to do our jobs perfectly to have a chance at successful defense—every, single, time.”
Kuzma warns that malicious hackers or cybercriminals just have to find one “tiny” flaw in a system to exploit—and that flaw is not always a technical flaw, it could be human.
“It's incredibly difficult to convey the sheer magnitude of this problem without sounding like Chicken Little, with the sky falling day in and day out,” he said.