Promoted
C2 Montréal

Surviving the cyber attack of tomorrow

We have to change the way we think about cyber security - it's getting a lot worse ...

Robert Masse talks to workshop participants at the C2 conference
Robert Masse talks to workshop participants at the C2 conference

Over the past year we’ve seen more businesses fall victim to security breaches. TalkTalk hit the headlines in late 2015 after an attack on its customer records saw thousands of files with personal information leaked. JP Morgan Chase, Target, TK Maxx, Home Depot, eBay — have all fallen victim to cyber attacks over the last two years.

Robert Masse, a partner at Deloitte, said you don’t put measures in place because you might get hacked, you prepare for the fact that you will. "Everyone gets hacked," he said. "We have to change our way of thinking to, ‘When will we get hacked? And how will we recover?’ "

Masse ran a workshop at the C2 conference in Montréal that took participants through the steps of a cyber attack. He also offered useful nuggets on how innovation and cyber security go hand-in-hand when it comes to protecting businesses.

Masse identified the root causes of infiltration as accidental, where things are published by mistake or by human error, hacking, or loss or theft of hardware; the "threat actors" are mainly hackivists; criminal rings; nation-states; insiders; or quite commonly, disgruntled employees.

Here are the top 10 cyber challenges for enterprises:

- Legacy systems that have not been patched or adequately secured

- Operating without central security policies and standards

- Lack of central management and monitoring of critical assets

- Focus has been primarily on looking down the perimeter

- Malware defenses are inadequate to address today’s threats

- Cyber incident response capabilities are basic or nonexistent

- Often ignoring or not considering insider threats

- Siloed operating model: lack of enterprise risk awareness

- Heavy reliance on technology without adequate operational processes and procedures

- Supply chain vulnerabilities are not measured or managed

The impact of cyber attacks is damaging. Consumers lose trust in the business; reputations are left in ruins; and in serious cases, financial fraud has a devastating outcome for consumers — and the business. But although things may be getting worse, businesses are beginning to take action and ensure they have proper response plans in place.

Apart from the obvious resolutions such as encrypting data, securing hardware and ensuring proper procedures are followed, cyber security will come with culture changes in our businesses.

Topics

More from C2 Montreal

Origin's new CEO Tom George
Head shot of Sara Bennison
Image of judges Rachel Forde and Trevor Johnson
Curtis Weir, out of home group director at Publicis Media
Image of two middle-aged men
A group of people laughing together
Still from EE ad
Ronald Ng and Ioana Filip

insert your text here

insert your text here