Former Head of Shin Bet on Current State of Cybersecurity

This article explores what the former head of Shin-Bet, Israel's internal security service (equivalent to Britain’s MI5 or the FBI in the US), thinks of the current state of cybersecurity in the world today, and what can we learn from his warnings?

In June 2017, I was invited by the Israeli Ministry of Foreign Affairs to attend the CyberWeek conference in Tel Aviv, as part of a delegation of journalists from around the globe. Among the key people we met and interviewed was Yuval Diskin, who headed Shin Bet (aka Shabak) from 2005 to 2011. Yuval is currently the Chairman of CyMotive, a company focusing on cybersecurity in the automotive industry. CyMotive was born out of a partnership with Volkswagen, which issued a press release in September 2016, touting the important role this new company would play for Volkswagen and the automotive industry:
The age of the connected car enables customers to use a variety of features inside modern vehicles. However, with increasing connectivity comes an increasing risk. Aspects such as intelligent and autonomous driving increase the number of interfaces in the vehicle and thus the risk of malicious attack.

Mr. Diskin quickly set the tone when it comes to the state of cybersecurity today, stating “attackers are very dynamic; defenders are very static, passive.” He went on to say that “interconnectivity is one of the biggest challenges” and that to prevent or detect attacks, you must extend your scope beyond the perimeter. The current approach deals with layers of defenses and incident response preparations, but both of those approaches require the organization to wait until an attacker has successfully compromised systems in order to react.

His approach? Leverage behavioral science to identify attackers, even before they’ve found you and successfully penetrated your defenses. “Behind every cyber attack, there is a human being…” he said, then explaining that the goal is to connect the dots to identify the humans behind the attacks. He coins his approach as “intelligence driven offensive defense” and warns that many organizations and leaders prefer “naive” solutions to their cybersecurity problems, alluding to the patchwork of controls that many organizations have deployed today, with 36% of banks reportedly using between 51 and 100 security tools.

“There is a real reason to be frightened by the potential of a cyber attack” he said, alluding that current activity is equivalent to child’s play (i.e. how a child explores his ability to impact the world around him, and test boundaries). So what are organizations to do? Instead of looking for new (cybersecurity) solutions he said, organizations should ensure that their cyber processes are consistent and maturing, and that the controls are effective.

So what are you waiting for? Go test your controls, before someone else does.

No comments: