After a company has been hacked and the hack has been discovered to be a harmful one, top executives and IT leaders normally huddle in a room to assess the loss.
It is usually not a pretty scene. While there may not be exploding heads, it can be more of a Damascene moment.
“It’s not good,” said cybersecurity expert Tyler Cohen Wood.
Cohen Wood has participated in post-hack forensics activities in companies and has witnessed the faces of panicked executives first hand.
Panicked
“People are scared, and a lot of times they don’t even have logs of what happened in the hack and they still have to get the company up and running,” Cohen Wood explained. “They have to have help as much as possible and [they have to] work quickly.”
Cohen Wood is currently cybersecurity advisor for online learning provide, Inspired eLearning, but has been part of cyber-incident response teams in previous jobs. Before her current role, she spent 13 years as a Defence Intelligence Agency senior intelligence officer and deputy division chief for cybersecurity.
“I’ve never personally been hacked, but I’ve been through the trauma of incident response at companies to help them with their trauma,” she said. “I understand the pain. People are worried about how to fix it and what do to. It’s a terrible thing to go through. It’s the feeling you have when something personal is stolen, but much worse — that feeling of being vulnerable.”
Those kinds of insights have influenced her blogs, presentations and curriculum materials to help companies protect against cyberattacks and beef up their cybersecurity.
In an era when private-sector and government cyberattacks are reported daily, Cohen Wood is worried that apathy has set in. In that sense, it helps to reflect on how it feels when a company gets hacked.
Serious problem
“Companies are getting hacked left and right. When you get to the point where every day you read about another major company getting hacked and your reaction is, like, ‘OK,’ then that’s a really, really big problem. People are apathetic about cybersecurity. We have a serious problem.
“It’s not like we use devices only as a tool. They have become part of daily life and we rely on them. We have shifted to where we have so many different types of systems — from banking to healthcare to transit and the power grid.”
Cohen Wood believes companies need to educate workers about cyberthreats and that IT shops need to assiduously stay on top of them with a shed of tools. She is also concerned that the major university computer science programmes are failing to do nearly enough to prepare IT workers and coders with cybersecurity courses.
Education hole
“As we move to everything being connected in an internet of things world, these devices need to be coded securely… As hackers get better and better and we have a generation with less training in security, we have a big problem.”
Cohen Wood said her advice to average workers is to make sure they are involved in some type of security education programme, just to understand the cyberthreats.
“You have to be cognisant that what you post on your social media about yourself or your company doesn’t make it easy for somebody to piece together a pattern about your company or your kids that can later be compromised. When you get a device, like a smartphone, really look at the risks, change the default password, read the terms of service and update it when attacks come out.”
Subscribers 0
Fans 0
Followers 0
Followers