by senior contributor Brendan Kownacki
Photo credit: Brendan Kownacki
“How do you protect a perimeter that’s constantly evolving?” That was the big question posed by millionaire investor and cyber security expert Robert Herjavec as he addressed the CSX 2015 Conference in Washington DC, hosted by ISACA. Many know Herjavec for his presence on the hit television show Shark Tank, but don’t realize that his passion and background comes from being an IT entrepreneur and founding The Herjavec Group, a company dedicated to cyber security.
This week in history actually marks the anniversary of the creation of the first computer virus and also of the first self-replicating computer worm; two events that arguably kick started the cyber security industry and help to accentuate Herjavec’s point. How is it that we go about policing an industry that grows and changes at such a supersonic pace? Herjavec showcased a picture of the Titanic, at the time the largest moving object on Earth, and then he showed off a modern day cruise ship, which makes Titanic look puny in any comparison. Herjavec pointed out that this is an easy example of what 100 years of progress looks like, and that we know today that the technology industry changes even quicker, which comes with many positives but presents an array of problems and challenges to address.
Robert Herjavec
There is hacking, there is piracy, there are data leaks—a series of problems that on vocabulary alone would confuse our ancestors and thus leaving us in uncharted territory. Many industries in recent years have struggled to keep up with an evolving threat to the cyber landscape and know what to do when a hack hits. “More data is not more intelligence,” says Herjavec. Just because we have a lot more information in the modern world doesn’t mean we know how to handle it. Herjavec says that with his clients, he sees that a hacking crisis will hit and at first, CEOs will search for answers wanting to know who did it and how and call the police. Before long he says, the priority shifts quickly to ‘how do we get back to business?’ and the particulars matter much less.
This attitude is easy to see if you look at the aftermath from the infamous Sony hack last December. There was a lot of finger pointing, but very quickly the focus became about how to move on and get back to business-as-usual and minimizing the damage to trust and reputation in the bigger marketplace. Hollywood is the perfect example of an industry that faces constant challenges in the cyber world; an industry that exists based on distributing content and information when authorized and securing that same content and information from piracy. Film and music is one of the largest (and most prominent) exports from the United States around the globe and so the piracy problem is not a small one.
Herjavec said that regulation will come down the line but that it won’t be the saving grace to tackling cybercrime. At this point, the threat is evolving as quickly as the solutions and without any limits, so sometimes faster. “You’re really not responsible if someone gets in—but you need to know when they got there and what did they take” says his perspective on being fully prepared for every predator in cyber land. He pointed out that just because windows and doors are easy to crack when breaking into a house, we didn’t stop using those, and the same will be said about digital precautions in the future.
Cyber security problems seem like a regular occurrence in the news these days; whether it is credit card fraud, a data breach for a major retailer or even the recent news that CIA Director John Brennan had his person email account hacked. Hollywood on the Potomac spoke with former Congressman Mike Rogers who served as the head of the House Intelligence Committee to gain some perspective on how private industry as well as the US government is tackling the cyber threat.
former Congressman Mike Rogers Photo courtesy of mikerogers.com
“It’s bad and getting worse,” said Rep. Rogers who served in the House of Representatives from 2001-2015. “It’s not just a technology problem, it’s an anthropology problem; it’s a people problem.” Rogers said that the technical act of securing our information needs to be paired with human preparedness and a logical preparedness to keep adapting our methods. Rogers pointed out that our cyber problems are just beginning and that the so-called ‘internet of things’ will add some 28 million new targets for hackers to cause mischief with as we integrate technology and network pairing with more and more daily objects that we encounter. Every new application or technology is equal parts innovation and opportunity for the bad guys to cause mischief.
Photo courtesy of MikeRogers.com
“The internet was never designed with security in mind,” points out Rogers about the major flaw in trying to secure the electronic perimeter of our things and our information, just as Herjavec pointed out. New objects linked to networks like thermostats and cars may provide convenience but they also offer a new matrix of vulnerabilities that cyber criminals can use to terrorize the Average Joe. With each passing year, we increase the generation of people who are practically born with a cell phone in their hand who see an open culture of constant sharing and the more information volunteered into the cloud leaves more openings for chaos. As Herjavec had pointed out, more data isn’t more intelligence and it doesn’t mean we’re more prepared to handle a world where our financial data, our personal pictures and much more are constantly at risk of distribution. Social media has created the sharing economy when it comes to information but that doesn’t mean that information is safe; which Rogers said was easily seen during the cell phone hacks last year that dumped troves of nude photos of actresses onto the internet.
Rogers said that our culture still reveals too much of a “People Magazine approach to this” because hacks of nude photos or personal emails in the case of Sony just lead to more people wanting to see what was behind that curtain rather than a gut reaction of disgust that the material was at its core, stolen property and that the same thing could happen to them at any time. Rogers said that same cultural flaw is apparent in the cases of movie and music piracy, where younger generations act on a feeling that “if it’s on the internet, it must be free” and that our openness to share and put content online means that we also feel open to take, which can and is wrong in some cases. Industry organizations have been tackling this issue since the days of Napster and every other torrent and file sharing site that has followed.
Robert Herjavec
The big takeaway from both Herjavec and Rogers is that nobody is exempt or safe from cyberattack. Nation States are targeting governments but also individual companies and outsourcing their work to cyber mercenaries to pillage networks around the world. From the seemingly innocuous spam in your inbox to State sponsored attacks on our financial institutions show that, at least for now, the cyber landscape is little better than the wild west, no matter how safe we feel. In the wake of the Sony attack, many Hollywood studios began to examine how they secured their own content and put policies in place to help respond to threats and problems they might face down the road. Rogers says it’s going to take policy and education to meet the challenge or we risk tainting the trust level that people have for any information they get through an electronic device, and that could cripple our economy and our whole society.
Robert Herjavec
“Some days I feel like an undertaker” said Herjavec about running a business that some days gets new clients after a crisis hits. His approach though, along with others is hopefully preparing us for a better future. Rogers added that he too wasn’t sure what will be the big answer and that sadly that it may take something terrible to happen before the Federal Government actually takes a comprehensive stand. “This is why you need to go right to the bar after this and have a drink,” said the former Congressman about the bleak outlook. “And pay cash for it.”
