BitDepthFeatured

Cybersecurity must be driven from the top

4 Mins read

Above: Illustration by ArtemisDiana/Depositphotos

BitDepth#1415 for July 17, 2023

Leading the June 29 panel discussion on building a security minded culture at the AMCHAM Tech Hub Islands Summit, Bryan Kane, Innovation Director for Digicel Business, offered a provocative question.

Putting two links to a Digicel website up on a slide; he asked a room of experts which was the fake.

Kane was demonstrating a homoglyph domain used in phishing, which disguises the real URL by using a letter from another language in the domain name.

The “L” in Digicel was a letter in another language that appeared identical to the Latin character set.

Microsoft analysed 1,700 homoglyph domains between January and July 2022 and discovered that 170 techniques were used to disguise URLs, but seven per cent of domains used just 14 techniques.

Quick tip. Hovering your cursor over a text URL on most modern operating systems will reveal the actual link you will be directed to.

“Seventy per cent of attacks are the result of human error or misunderstanding,” Kane said. “People are the major culprits in cybersecurity lapses.”

“I want you to remember that every single day within your organisations, your people, your citizens, your employees, your users, are having to deal with all these things, all the time. So they’re receiving emails, Teams messages, SMS messages. How do they know what’s real and what’s not?”

Vitra Gopee.

The consequences can be dire. Vitra Gopee, moderator for the panel discussion, noted that according to IBM, it takes an average of 197 days to identify a security breach and 69 days to contain it.

Factor in the months that can be lost trying to reconstruct lost business records and the cost of cybersecurity prevention begins to look much less expensive.

“I work with a lot of customers throughout the region and there is there is a gap between the board and CEO and cybersecurity,” said Stephen Juteram, VP for Sales at Hitatchi.

“What we’ve seen happen is that organisations are taking strategic decisions for digital transformation and in many cases, cybersecurity is an afterthought.”

“We’ve started to see more chief information security officers being hired to be that person at the C-Suite level, making sure that security and privacy are embedded by design into the projects from day one.”

“Some businesses can’t justify having a full time CIO, so organisations have been offering those services to give boards support in making those decisions.”

“CEOs are responsible for cybersecurity,” agreed Kane.

“When a board of directors hires a CEO [cybersecurity] needs to be an interview question during that stage. Because when you think about it, CEO’s can be fired for [the consequences of] a cyberattack. Now it’s a boardroom conversation.”

But Kane also advocates a company-wide response to the growing cybersecurity threat.

“To build a cybersecurity minded culture, it’s really all about education. Teach everybody everything. From the CEO, all the way down to every individual user within the organisation. Everybody needs to understand why they’re part of the problem and how they can be part of the solution. Don’t leave any gaps. The CEO or the CIO is responsible for how this happens.”

Bryan Kane.

“People are causing the problem, but people are also the solution to the problem. [It can be] very hard to get them understand that and get into that cybersecurity mindset.”

“When you can’t get the people to guide the organisation, it becomes very difficult to manage things, to decide how to do things, how to implement, what to buy, how to buy it.”

The cybersecurity challenge is only going to grow as artificial intelligence begins to power tools. AI doesn’t need nap-time or breaks or vacations, Kane warned.

“It just keeps going until it finds a way into the organisation, and then it passes that [access] on to a hacker.”

“AI can bring 24 -7 [response] visibility, it brings you to that point where you’re able to collect information, analyse it in real time, you’re able to isolate and you’re able to repair and remediate.”

“[Let’s say that] Brian logs on to his laptop in Trinidad and then 20 minutes later, he logs on to his laptop in Poland. That sort of behaviour is not normal. AI can now detect this and help you to isolate Brian off the network, protect everybody else while we’re dealing with Brian. Brian’s a nuisance.”

Kane warns that spending money on cybersecurity doesn’t improve safety.

“There are companies who spend hundreds of millions on cybersecurity, but they still get breached every single year, so it’s really about how cleverly you implement it, who’s watching in real time, what are you doing every single day of the week?”

“Are we missing some of the alerts that are coming in every single day? Are we catching everything and filtering correctly?”

The most important thing is to make a start and make it a good beginning.
“Stay vigilant.” Kane warned. “Don’t allow them even an inch into your infrastructure. Do not give them any opportunity to get in. “

“Always look for new ways to protect yourselves. Always be training your staff. Be vigilant when they’re following the frameworks that you’ve laid out for them.”

“And it’s simple things. You know the password policy? Nope? If you don’t change a password, you’re off the network. Be diligent about it. Be strict about it.”

“I believe in execution, I believe in beginning, I believe in starting something, even if it is just the basics. Even if it’s just the training and the endpoint protection with just those two things alone, you can reduce your attack surface by up to 85 per cent.”

Blue skies for microblogging?

Blue skies for microblogging?

Bluesky hit its current high of 23 million users faster than expected, but it’s way behind X.
Read More
The apps that thrive in Apple’s ecosystem

The apps that thrive in Apple’s ecosystem

By Apple's own yardstick an app that shares usable data across three devices is acceptable one that synchronises with four is a winner.
Read More
America’s open mic moment

America’s open mic moment

What made online pundits so effective in the US election?
Read More
The press and the president-elect

The press and the president-elect

Beyond the president-elect's often-expressed intent to retaliate against journalists he believes are unfairly attacking him is the agenda of Project 2025.
Read More
All washed up

All washed up

Dirt on its own will simply shake out of fabric. What keeps it in place is oil and grease, readily generated by human skin.
Read More
The state of Caribbean digital transformation

The state of Caribbean digital transformation

Despite 87 per cent believing that digital will disrupt their industry, 87 per cent acknowledged that they don't have the right leaders
Read More
The WordPress War

The WordPress War

WPEngine and the websites of its customers were blocked from the WordPress log-in system theme and plug-in updates and other background processes that enable a Wordpress website.
Read More
A budget of concrete and asphalt

A budget of concrete and asphalt

Four years after Hassel Bacchus took up the pioneering role of Digital Transformation Minister, the 2025 budget could not identify any completed transformation project that's positively affected citizens.
Read More
Arima’s first step toward becoming a smart city

Arima’s first step toward becoming a smart city

The public WiFi was officially activated on September 28 at the hospital, and it's fast. A local ping registered 250 megabits of download speed and 126 for upload.
Read More
Now hear this!

Now hear this!

Budget headsets will effectively dampen ambient sounds, but tend to be an all or nothing solution.
Read More
A taxing time for all

A taxing time for all

Tax collection began using the least customer-friendly interface imaginable, lines outside a government building.
Read More
Mobile devices, a war of increments

Mobile devices, a war of increments

Mixing and matching the two rival ecosystems is essentially impossible, so it's the utility of the products combined that makes the biggest difference.
Read More
Why cash is king in Trinidad and Tobago

Why cash is king in Trinidad and Tobago

In 2017, 16 per cent of users owned a credit card, a figure that dropped to 15 per cent by 2023.
Read More
I shopped at Temu!

I shopped at Temu!

Temu is great fun to explore and offers many bargains but product quality can be wildly variable.
Read More
What’s needed to make e-Governance happen?

What’s needed to make e-Governance happen?

“If we look at successful governments that have achieved a certain level in of success in these programs, some things stand out."
Read More
Changing the education conversation

Changing the education conversation

There are local schools that aspire to continuous improvement and others that struggle to make it through a working day without bloodshed.
Read More
Practical steps to reducing cybersecurity risks

Practical steps to reducing cybersecurity risks

The process, to be effective, must be ongoing and managed to ensure that vendors meet required standards.
Read More
The consequences of careless code

The consequences of careless code

The cruel reality of Crowdstrike is that it wasn't a cybersecurity attack. It was a quality of service lapse and the incident puts IT professionals in an odd space.
Read More
What leaders are doing to enable digital transformation

What leaders are doing to enable digital transformation

If people in your organisation are coming to you, telling you we need to change these things, you really should listen.
Read More
Apple’s photography workflow

Apple’s photography workflow

Every Apple device has a Photos database and every image that's taken with a mobile iOS device or imported into the desktop Photos app gets added to it.
Read More
Blue skies for microblogging? Blue skies for microblogging?
The apps that thrive in Apple’s ecosystem The apps that thrive in Apple’s...
America’s open mic moment America’s open mic moment
The press and the president-elect The press and the president-elect
All washed up All washed up
The state of Caribbean digital transformation The state of Caribbean digital transformation
The WordPress War The WordPress War
A budget of concrete and asphalt A budget of concrete and asphalt
Arima’s first step toward becoming a smart city Arima’s first step toward becoming a...
Now hear this! Now hear this!
A taxing time for all A taxing time for all
Mobile devices, a war of increments Mobile devices, a war of increments
Why cash is king in Trinidad and Tobago Why cash is king in Trinidad...
I shopped at Temu! I shopped at Temu!
What’s needed to make e-Governance happen? What’s needed to make e-Governance happen?
Changing the education conversation Changing the education conversation
Practical steps to reducing cybersecurity risks Practical steps to reducing cybersecurity risks
The consequences of careless code The consequences of careless code
What leaders are doing to enable digital transformation What leaders are doing to enable...
Apple’s photography workflow Apple’s photography workflow

🤞 Get connected!

A once weekly email notification of new stories on TechNewsTT. Just that. No spam.

Possible UI Glitch. Click top right corner to dismiss 👉

Get Connected!

A once weekly email notification of new stories on TechNewsTT.

Just that. No spam.

Related posts
Press Releases

Samsung extends Knox security to its home appliances

2 Mins read
Knox Matrix is a security solution that comprehensively protects connected devices and networks using private blockchain technology.
BitDepthFeatured

The state of Caribbean digital transformation

3 Mins read
Despite 87 per cent believing that digital will disrupt their industry, 87 per cent acknowledged that they don’t have the right leaders
Opinion

Emerging trends and innovations in B2B management software

4 Mins read
Blockchain provides a transparent record of transactions and makes it an attractive option for businesses who want to strengthen the trust and security of their operations
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
×
BitDepthFeatured

Strengthening cybersecurity for your business

1
0
Share your perspective in the comments!x
()
x