In the months since BitSight’s inaugural EXCHANGE forum inaugural EXCHANGE forum, we have been digesting and processing the incredible sessions and discussions that came about from this forum. It was a great event that brought together security executives from all over to discuss the challenges they face in their roles every day.
One discussion that stood out was the conversation between Niloofar Razi Howe (Former CSO of RSA) and Venky Ganesan (Managing Director of Menlo Ventures) about today’s threat landscape and closing the cyber risk gap.
“In our industry, in cybersecurity, we're plagued by the exact same issue, which is too many organizations find themselves unable to understand the business implications, the risk implications, from the technical details of the issues that they face. Now, 10, 15 years ago, cybersecurity was on... Actually, at this point, I've been in this industry for a long time too. I should say 15, 20 years ago. Our industry was a dark art. There is no question about it. The security officers were in, you know, the bowels of IT departments solving very, very technical problems. But today, it's not a dark art anymore. It's a business problem. It's about managing risk.”
“So many aspects of our lives are instruments. They're monitored, they're analyzed, all to help us make better decisions, right, about our health, about how we get to places, our living conditions, how we manage and how we use our time. As business leaders, we drive productivity. We drive profitability. We drive growth. We drive innovation by embracing technology. As you look forward, our personal and our professional lives are gonna only become more dependent on cyberspace as we embrace these new waves of technology. And the network effects are going to be absolutely pronounced.”
“So, what has all this investment done for us? Well, the problem is if you look at the threat landscape, it doesn't feel like it's done a whole lot for us, right? In 2017, there were over 53,000 security incidents. There were over 2,000 data breaches in over 65 countries, all of it with unprecedented implications. We saw with Mirai Botnet that your toaster could be turned into an attack vector to take down Twitter. And yet, we still are connecting devices to the internet at an unprecedented rate. J.P. Morgan, Yahoo, Equifax, basically the entire Western world, has been breached. Phishing is fascinating too. And I think someone touched on this earlier.”
“And, of course, enterprises have to think about this as risk management to protect the things that matter most. And once we start connecting the dots, right, as government and industry start coming together, we all have information. Sharing that information becomes more valuable. That's when we really close the gap.”
Thanks to Niloofar and Venky for an insightful discussion.