CEO Today Magazine September 2018 Edition

www.ceotodaymagazine.com 18 SPECIAL FEATURES Beyond Detection Dan Turner, CEO of British cybersecurity firm Deep Secure, surveys the ever-growing list of successful attacks and asks why the cybersecurity industry has been getting it so wrong for so long. Unquantifiable Risk Some years ago, in a previous life, I had an experience that changed my view of cybersecurity forever. At the time, I was running the cybersecurity business unit of one of the largest System Integrators in the world, and one of our key customers was a global FMCG client. The carefully designed, multi-tiered cybersecurity defence we had put in for the customer hadn’t stopped them being hacked, and I was called into their head office to explain how and why the breach had occurred. It wasn’t an easy meeting. I explained that we had installed the best detection technologies that money could buy – firewalls, secure web gateways, anti-virus, intrusion detection systems. All of which were working as advertised and that the breach was largely down to a so-called zero-day exploit (one that their defences couldn’t detect) combined with the perennial weak link in any cybersecurity defence – the human factor – in the shape of a user who had clicked on something they shouldn’t have clicked on. As the session ended, one of the senior board members took me to one side and observed that despite all the investments that they had made, what I was telling him was that – in cybersecurity terms – the fact that their detection technologies were so easily evaded, left them with unquantifiable business risk. Did I have any idea Dan, he asked me, how uncomfortable the board of the company was with unquantifiable risks? As he walked away, his parting shot was “you cybersecurity By Dan Turner, CEO of Deep Secure

RkJQdWJsaXNoZXIy Mjk3Mzkz