Light Dark
July 16, 2018 By Caleb Barlow 4 min read
Artificial Intelligence
CISO
Fraud Protection

In recent years, we’ve seen ample evidence of our collective cybersecurity failures. But we still haven’t learned the most important lessons.

To start, there is no silver bullet — no single technological fix. What’s more, while cybercriminals have been coordinating in organized groups, we have been trying to fight cybercrime in silos. If we are going to beat back the advances of cybercrime, we need better collaboration within the cybersecurity industry, with shared intelligence across public and private sectors.

We must focus more on responding to the inevitable “boom moments” after a breach occurs, not just what comes “left of the boom,” the prevention and detection of threats. Furthermore, we need a drastic elevation of cybersecurity skills and awareness.

On that last point, we need to raise the level of cybersecurity awareness — not just to protect our businesses, but among the general population. Our families and friends must understand what we’re up against and become knowledgeable of security hygiene to deny cybercrime organizations the victims they need to finance their operations.

That’s why I’m so proud that IBM Security teamed up with Atomic Entertainment and Science Channel to create a documentary special that explains, in provocative detail, what we’re up against.

Go Behind the Scenes of the Fight Against Cybercrime

Dark Web: Fighting Cybercrime” — airing on Science Channel at 5 p.m. EDT on Thursday, July 19 and available afterward on-demand — brings to a mass audience a close encounter with the dark corners of the internet and offers insights into the history of cybercrime and where it’s headed. Better yet, the film goes behind the scenes of the fight against cybercrime, bringing you right inside a security operations center (SOC) to witness a simulation of a cyberattack and the challenges of responding in the moment to stop the “bleeding” and mitigate further damage.

Take a peek inside the dark world of cybercrime

I’ve been a part of hundreds of these simulations in our IBM Security X-Force Command Centers, and I have seen many accomplished and smart executives grappling with a kind of pressure few have experienced before.

When you watch the Science Channel special, you’ll see why practice runs are essential for security teams and business leaders to understand how to respond to an attack. While first responders and military service members train rigorously to deal with threats, the same can’t be said about organizations under threat of cyberattacks.

Just think about the training and preparation a military pilot goes through — hundreds of hours in simulators and in classroom training. But business leaders today are taught to be deliberate in their decisions, to pause and collect all the data before acting. That’s about the worst thing you can do when there’s a breach. After the boom, you need to act right away to prevent a bad situation from becoming worse.

Learn How to Keep Calm in the Face of a Cyberattack

Many of the people who go through the simulations in our command centers can become flustered and discouraged, despite being highly capable leaders. When the CEO who normally acts with confidence when making business decisions is suddenly thrust into the unknown of a cyberattack, the fight-or-flight adrenaline makes decision-making extremely difficult, and he or she starts to make mistakes.

It’s like trying to learn a new sport: You are bound to fail at first, but it’s by failing that you learn. And it’s far better to strike out or miss a tackle in practice than in a real game.

For many of our clients, it’s very apparent that rehearsing these situations is essential to honing their crisis leadership. By experiencing a simulated cyberattack, teams build muscle memory of what to do and with whom to communicate. By incorporating what they’ve learned, leaders can go back to their organizations and script their responses to automate as much of the decision-making process as possible. You can act faster and more effectively when the rules are written down, processes are established and everyone understands their job.

As the Science Channel special demonstrates, there’s a common thread among successful teams in our cyber ranges, and that’s the calm and collected leadership of people with backgrounds in the military or first responder jobs.

We need more of these disciplined and quick-acting men and women in cybersecurity. But the traditional way of recruiting cybersecurity staff — finding experienced professionals with a background in cybersecurity, college degrees and information security certifications — can overlook nontraditional candidates who can nonetheless do the job. At IBM Security, we’ve advocated and put into practice a “new collar” approach to recruiting professionals. It means looking beyond credentials to find individuals with the skills, aptitude and attributes to adapt to new cybersecurity roles.

Why I’m Optimistic About the Future of Cybersecurity

Unfortunately, there’s a lot of pessimism right now about the acceleration of threats, mounting breaches and exploding costs of incorporating a wide array of disparate and disconnected security technologies into IT environments. Yet, I am optimistic, because we do not have to fight alone.

By collaborating across organizations and within the security industry, we can limit the spread of threats through shared insights and intelligence. Together, the cybersecurity industry and our partners can simplify security by integrating our solutions, because complexity is the enemy of security.

We also have a new partner that can help turn the tide in the fight against cybercrime: artificial intelligence (AI). By advancing the security applications of AI, we create a force multiplier, because automating tasks and limiting false positives frees up human analysts to make critical decisions faster.

Finally, it bears repeating that we must create more allies in this fight by educating our employees and the general public about threats to their online privacy and security. I think “Dark Web: Fighting Cybercrime” does a standout job of doing just that.

Whether you’re a security professional, business executive or concerned citizen of our digital world, you’ll gain valuable perspective from this fascinating documentary. Check out the trailer below to get a taste of the action, and watch “Dark Web: Fighting Cybercrime” on Science Channel at 5 p.m. EDT on Thursday, July 19, and later on-demand. Get your friends and family members to watch too — after all, we’re all in this fight together.

https://www.youtube.com/watch?v=NJRYJ2MfxWw

Take a peek inside the dark world of cybercrime

 |  |  |  |  |  |  |  |  |  |  |  |  |  | 
Caleb Barlow

More from Artificial Intelligence
April 25, 2024

NIST’s role in the global tech race against AI

4 min read - Last year, the United States Secretary of Commerce announced that the National Institute of Standards and Technology (NIST) has been put in charge of launching a new public working group on artificial intelligence (AI) that will build on the success of the NIST AI Risk Management Framework to address this rapidly advancing technology.However, recent budget cuts at NIST, along with a lack of strategy implementation, have called into question the agency’s ability to lead this critical effort. Ultimately, the success…

April 24, 2024

Researchers develop malicious AI ‘worm’ targeting generative AI systems

2 min read - Researchers have created a new, never-seen-before kind of malware they call the "Morris II" worm, which uses popular AI services to spread itself, infect new systems and steal data. The name references the original Morris computer worm that wreaked havoc on the internet in 1988.The worm demonstrates the potential dangers of AI security threats and creates a new urgency around securing AI models.New worm utilizes adversarial self-replicating promptThe researchers from Cornell Tech, the Israel Institute of Technology and Intuit, used what’s…

April 10, 2024

What should an AI ethics governance framework look like?

4 min read - While the race to achieve generative AI intensifies, the ethical debate surrounding the technology also continues to heat up. And the stakes keep getting higher.As per Gartner, “Organizations are responsible for ensuring that AI projects they develop, deploy or use do not have negative ethical consequences.” Meanwhile, 79% of executives say AI ethics is important to their enterprise-wide AI approach, but less than 25% have operationalized ethics governance principles.AI is also high on the list of United States government concerns.…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature