<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1175921925807459&amp;ev=PageView&amp;noscript=1">
Cyber Risks

BitSight EXCHANGE Sound Bites: Closing the Cyber Risk Gap

BitSight | December 26, 2018

In the months since BitSight’s inaugural EXCHANGE forum inaugural EXCHANGE forum, we have been digesting and processing the incredible sessions and discussions that came about from this forum. It was a great event that brought together security executives from all over to discuss the challenges they face in their roles every day.

One discussion that stood out was the conversation between Niloofar Razi Howe (Former CSO of RSA) and Venky Ganesan (Managing Director of Menlo Ventures) about today’s threat landscape and closing the cyber risk gap.

 

“In our industry, in cybersecurity, we're plagued by the exact same issue, which is too many organizations find themselves unable to understand the business implications, the risk implications, from the technical details of the issues that they face. Now, 10, 15 years ago, cybersecurity was on... Actually, at this point, I've been in this industry for a long time too. I should say 15, 20 years ago. Our industry was a dark art. There is no question about it. The security officers were in, you know, the bowels of IT departments solving very, very technical problems. But today, it's not a dark art anymore. It's a business problem. It's about managing risk.” 

 

“So many aspects of our lives are instruments. They're monitored, they're analyzed, all to help us make better decisions, right, about our health, about how we get to places, our living conditions, how we manage and how we use our time. As business leaders, we drive productivity. We drive profitability. We drive growth. We drive innovation by embracing technology. As you look forward, our personal and our professional lives are gonna only become more dependent on cyberspace as we embrace these new waves of technology. And the network effects are going to be absolutely pronounced.”

 

“So, what has all this investment done for us? Well, the problem is if you look at the threat landscape, it doesn't feel like it's done a whole lot for us, right? In 2017, there were over 53,000 security incidents. There were over 2,000 data breaches in over 65 countries, all of it with unprecedented implications. We saw with Mirai Botnet that your toaster could be turned into an attack vector to take down Twitter. And yet, we still are connecting devices to the internet at an unprecedented rate. J.P. Morgan, Yahoo, Equifax, basically the entire Western world, has been breached. Phishing is fascinating too. And I think someone touched on this earlier.”

 

“And, of course, enterprises have to think about this as risk management to protect the things that matter most. And once we start connecting the dots, right, as government and industry start coming together, we all have information. Sharing that information becomes more valuable. That's when we really close the gap.”

Thanks to Niloofar and Venky for an insightful discussion. 

Read the recap of the inaugural BitSight EXCHANGE forum. 

Suggested Posts

How Objectivity, Standardization & Context Reduce Cyber Risk

There are numerous areas of business and enterprise risk that have been measured for years in a standardized fashion — these include financial risk, market risk, operational risk, legal risk, and even IT risk.

READ MORE »

Docker Hub: Exposing the Hidden Cost of Data Breaches

Big risks can come from small, sometimes unexpected places. When compared to all the other vendors you need to manage, you might not think of an image container for apps as a high priority — but the recent breach of Docker Hub shows...

READ MORE »

Third-Party Cyber Risk: Blind Spots, Emerging Issues & Best Practices

Recently, BitSight and the Center for Financial Professionals (CeFPro) released a joint report that explores how financial services organizations are addressing challenges associated with third-party cyber risk management.

READ MORE »

Subscribe to get security news and updates in your inbox.