Promoted
C2 Montréal

Surviving the cyber attack of tomorrow

We have to change the way we think about cyber security - it's getting a lot worse ...

Robert Masse talks to workshop participants at the C2 conference
Robert Masse talks to workshop participants at the C2 conference

Over the past year we’ve seen more businesses fall victim to security breaches. TalkTalk hit the headlines in late 2015 after an attack on its customer records saw thousands of files with personal information leaked. JP Morgan Chase, Target, TK Maxx, Home Depot, eBay — have all fallen victim to cyber attacks over the last two years.

Robert Masse, a partner at Deloitte, said you don’t put measures in place because you might get hacked, you prepare for the fact that you will. "Everyone gets hacked," he said. "We have to change our way of thinking to, ‘When will we get hacked? And how will we recover?’ "

Masse ran a workshop at the C2 conference in Montréal that took participants through the steps of a cyber attack. He also offered useful nuggets on how innovation and cyber security go hand-in-hand when it comes to protecting businesses.

Masse identified the root causes of infiltration as accidental, where things are published by mistake or by human error, hacking, or loss or theft of hardware; the "threat actors" are mainly hackivists; criminal rings; nation-states; insiders; or quite commonly, disgruntled employees.

Here are the top 10 cyber challenges for enterprises:

- Legacy systems that have not been patched or adequately secured

- Operating without central security policies and standards

- Lack of central management and monitoring of critical assets

- Focus has been primarily on looking down the perimeter

- Malware defenses are inadequate to address today’s threats

- Cyber incident response capabilities are basic or nonexistent

- Often ignoring or not considering insider threats

- Siloed operating model: lack of enterprise risk awareness

- Heavy reliance on technology without adequate operational processes and procedures

- Supply chain vulnerabilities are not measured or managed

The impact of cyber attacks is damaging. Consumers lose trust in the business; reputations are left in ruins; and in serious cases, financial fraud has a devastating outcome for consumers — and the business. But although things may be getting worse, businesses are beginning to take action and ensure they have proper response plans in place.

Apart from the obvious resolutions such as encrypting data, securing hardware and ensuring proper procedures are followed, cyber security will come with culture changes in our businesses.

Topics

More from C2 Montreal

Who gave the best talk at C2?
Forget storytelling. 'Hypertelling' is the future, says Google Zoo founder
Barclaycard follows Crystal Barn with visit to Upside Down House
Argonaut CEO and co-founder both leave agency
Sorrell: I'm going back to the 1990s
Primetime just got personal
DFS "Welcome in Spring" by Krow
Which? splits media duties between Craft, Goodstuff and Brainlabs
Best and worst U.S. agency parental leave policies revealed
Instagram allows users to buy products without leaving the app
Three hunts for first CRM agency
Are we there yet? DNA's president urges agencies to invest more in mentorship
Samaritans campaign uses handwriting of real men

insert your text here

insert your text here