October 23, 2014 | Written by: Bill Timme
Categorized: Defence & Intelligence
There were two interesting speakers at the Atlantic Council Cyber Risk Seminar, one commercial (Dmitri Alperovitch, Co-Founder and CEO of Crowdstrike) and one government Tom Corcoran, senior policy adviser to the US House of Representatives Permanent Select Committee on Intelligence. An interesting point they made is that organizations should assume that their firewalls are penetrated and hackers are operating inside their networks. They noted one company learned they had a breach not by detecting activity, but by having Whitehats ask “If I were inside, what would I do?” and then went to look for evidence.
The takeaway is that cyber protection is a comprehensive set of activities both at the network level, training, processes and more. Those are insights you need to share with your clients.