Member Article

Security industry must come together to create a vaccine for today's cyber-attacks, says BOHH Labs

With incidents of cybercrime continuing to rise every day at alarming rates, security systems must now evolve automatically to effectively combat these threats. This is according to Simon Bain, CEO of BOHH Labs, who suggests that for this to be achieved, organizations must collaborate and share their learnings from the nearly constant stream of hacks so they can prepare themselves for the increasingly complex world of cyber warfare.

According to Breach Level Index, approximately 9,053,156,300 records have been lost or stolen since 2013. While no industry is immune from cyber threats, the financial services sector is particularly vulnerable, with Equifax providing evidence for this after the credit monitoring agency lost the personal data of 143 million customers in a massive hack in May, and also revealed it was the victim of another breach in March.

Simon Bain suggests that as ransomware, fraud, Point-of-Sale, phishing, keylogging, and malware-based attacks continue to gain traction, organizations are at increased risk of enduring costly hacks that grow more intricate and difficult to prevent each day.

He explains: “Even though organizations have the industry’s best solutions: firewalls, VPN’s, SSL certificates, encryption, and authentication policies, we still see on a daily basis that millions, and in some cases billions, of records – for example, consumer information, money, and private personal details – are stolen from these so-called secure systems.

“Currently, most security solutions merely analyze and assess network holes and system weaknesses without patching or offering fixes. Simply put, the main focus and financial investment is on support for early detection and minimising the impact of attacks; however, this does not address the root of the problem,” Bain says. In essence, it’s like getting a diagnosis from your doctor without receiving any guidance on treatments: ‘We noticed that you’re sick and the operation will be costly. Good luck.’ Obviously, detecting security weaknesses is not enough to keep hackers, who are bent on stealing resources and consumer funds and information, from winning.

As such, Bain and the BOHH Labs team believe security systems need to evolve automatically with each new call; they need to be able to react to situations, like how the human immune system reacts to an incoming disease – much like an immunization can react when germs enter the body, rather than creating feeble and unrealistic goals to prevent the germs spreading disease in the first place. Similarly, data must be protected from within. It is up to organizations to try preventive measures initially, to stop the disease – in this case the hack – in the first place and to protect consumer data before there’s a threat.

“Current technologies still have a part to play in security, but they remain unreliable in a vacuum without addressing their vulnerabilities in the first place,” Bain notes.

“Improving security in 2017 requires industry collaboration. With all the detection solutions being employed currently, organizations must share the insights they learn during the nearly constant stream of hacks they face daily. Take virus protection – everyone shares that information publicly and within a few hours the virus is dead. While most organizations do not want to disclose to the public incidents of breaches for fear of damage to their reputation and customer loyalty, without open communication organizations will not progress when it comes to security analysis and preventing future hacks,” concludes Bain.

This was posted in Bdaily's Members' News section by BOHH Labs .