The officers and cadets at West Point US Military Academy came to listen to a talk by the former CTO of the Central Intelligence Agency, Bob Flores, and Cloud Security Alliance co-chair/Vidder founder, Junaid Islam, about how to avoid catastrophic cyber failures. Such a failure occurs when a cyber attacker is able to exploit a single vulnerability to breach an entire organization’s cyber defenses.
A strategic framework for effective cyber security proposed by Bob (left) and Junaid (center) has the following essential components:
- Establish a comprehensive view of threats and capabilities
- Develop a security strategy that mitigates an organization’s biggest vulnerabilities
- Link security controls to ensure a single failure will not result in a breach
Catastrophic cyber failures have become the new norm. Data breaches at the US Department of Veterans Affairs, IRS, US Office of Personnel Management, Target, eBay, Experian, and T-Mobile have all started with a single perimeter vulnerability.
How could this have happened? Here lies the problem:
- Poor alignment of activities with cyber threats
- Too many products to manage
- No re-evaluation of security strategy as threats evolve
What this means is that organizations should not only be rigorous about creating the security framework proposed above, but also improve it continuously to stay ahead of evolving attack techniques.
General Balough of the US Army (right) hosted the event.
“West Point is a very special place,” said Junaid. “They are extremely selective on who they invite. So, speaking there was truly an honor.”
This post was originally published on Vidder Blog.