In this ESG360 Video, ESG's Doug Cahill and Mark Peters discuss current issues and trends in the world of Cybersecurity.
Read the related ESG Blog: Talking Cybersecurity Threat Landscape
Announcer: The following is an ESG 360 video.
Mark: Last time I spoke with my colleague Doug Cahill, we were talking about cybersecurity and the ability to address it, address some of the threats. This time, Doug, what I'd like to cover is actually the threats themselves.
Mark: Clearly the world is changing and it's very, very obvious and I've heard it talked about from the perspective of there having been generations of threats, and I wanted, first off, do you see that? And just talk a little bit about those generations, if indeed you do.
Doug: Oh, no question. I mean, you know, back in the '80s, when we all started to use personal computers, we had viruses that were really just sort of… They were nuisance attacks. They were sort of disruptive and they're really perpetrated by hackers as a hobby. It was sort of hacking as sport. All the way to today where we have different types of adversaries, with different motivations, with a range of attacks. Now different generations, in the middle there, for example, 2009, 2010, we really had a front and center nation state attack that was dubbed Operation Aurora, that sort of gave birth to the notion of an advanced persistent threat or an APT. And then since then, of course, we've had several criminals launching ransomware attacks. We still have some blended attacks. We now have nation states are using some of the vectors and methods of cyber criminals.
Mark: In between times, I mean, obviously, the internet came along so that made… You went from attacking an individual laptop to perhaps attacking an application, your firewalls, you got bots, you got all sorts of things to try and protect.
Doug: You bet, you bet. So we went from hooking up our PC to the internet and message boards through modems, remember those?
Mark: Yeah. Look, yes, I remember.
Doug: We had the internet, and then the web, and now cloud applications and sort of the set of controls that we've used over time have mapped to those new technologies. So yeah.
Mark: You used an interesting word I want to focus in on just for a second. You talked about motivations have changed?
Mark: Expand on that a little and at the same time, does that mean that the perpetrators, the people carrying out these attacks have changed?
Doug: I think so. We have a broader set of adversaries today. We truly are… need to worry less about the hobbyists today. It's really, front and center, we've got the insider threat, so the employee who has the various intent to either disrupt the business for… because they're disgruntled or to steal data. We have cyber criminals are looking to monetize things like ransomware. More recently, cryptojacking, stealing your CPU cycles, my CPU cycles, cloud server's CPU cycles to conduct crypto mining.
Mark: Okay, you just made me more worried, but okay.
Doug: Yeah, that's a new one. So cyber criminals and then nation state attacks for espionage, for stealing intellectual property, as we saw in the case of Operation Aurora, as I mentioned, hacktivist, so hacking for cause, to political intent. So range of adversaries with different motivations.
Mark: As the range, the adversaries, the perpetrators, the motivations have all changed, I remember last time when we spoke, we were talking about how to address some of these things and it was very… you know, we talked about the fact that there are literal padlocks, there's virtual walls around everything. I presume… is it logical to assume that everything is, for want of a better word, accretive? In other words, you know, everything is still there, you don't just suddenly all end up in this latest generation of challenge. You still need to be able to address all the potential problems.
Doug: Yes, with a qualifier. So we still need to have defense in depth, because the attack surface has expanded. We have different attack vectors that are vulnerable. But that's become somewhat untenable for, especially larger organizations, that have one of everything, right? The operational overhead of developing a set of expertise and a broad set of security controls, it is very expensive. So we're starting to see a consolidation of disparate products and technologies to cyber security platforms. And it's something we're keeping a close watch on.
Mark: Okay, so that you have ability to defend against all sorts of different attacks, in quick summary.
Doug: Yeah, in a more consolidated product.
Mark: Let me finish on this, which I know you hate asking and I probably…you hate answering and I…to some degree, I'm nervous about asking, but are you optimistic?
Doug: Yeah. So I'm here. I'm an optimist at heart, right? So it's easy, no matter where in cybersecurity you work, to be a pessimist. With that said, there is so much innovation and there is so much collective intelligence that's now being shared amongst vendors and organizations, that I am optimistic, I think we can at least keep pace, but we absolutely have to be vigilant.
Mark: All right, Doug, thank you very much.
Doug: Thank you, Mark.
Mark: Thank you for watching.