As an attendee and a panelist at the recent Fortune MPW Next Gen Summit, I had the opportunity to learn from some of the most inspiring, disruptive and creative women from government, business, philosophy, education, sport and the arts, as they challenged our thinking on everything from health and wellness to the future of tech and diversity.
Joining me on the “The Looming Cyberthreat” panel was moderator Michal Lev-Ram, a senior writer for Fortune; Melody Hildebrandt, CISO at 21st Century Fox; Wendi Whitmore, Global Partner and Lead at IBM X-Force Incident Response & Intelligence Services; and Michelle Zatlyn, COO and co-founder of Cloudflare. We covered a lot of ground and the insights from my co-panelists were so incisive that I decided to share them. There are some real, tangible actions here that are valuable to any organization.
Looming cyber regulation was, unsurprisingly, a major concern. The panel’s view: expect to see more and more focus on this by regulators from now on. From General Data Protection Regulation (GDPR) to the New York Department of Financial Services (NYDFS) to China and beyond, new rules are coming on line, particularly around incident reporting and breach notification. And for any company that thinks GDPR doesn’t apply to firms based outside the European Union (EU), think again. The regulation in fact covers EU residents and how their data is managed and protected, regardless where the company that gathers the data is based.
The audience asked a lot of questions about cyber innovation and how emerging companies are garnering funding from venture capitalists. At the top of the list are companies that provide new ways to detect and prevent insider threats, enable data classification and automation for security operations center orchestration.
We all agreed that the future for cybersecurity doesn’t lie with implementing single-point solutions that introduce cost, complexity and often difficulties with interoperability.
Going forward, as organizations move to the cloud, we’ll see more and more platform-as-a-service solutions, with managed security services focused on outcomes. Enabling cloud security is an urgent priority. So is ensuring that systems are patch-ready, because once vulnerabilities are published, cybercriminals exploit them within minutes, not hours or days.
Accenture Security is in the thick of all these issues. We’re organized around solving the most challenging cybersecurity challenges:
The beautiful basics – embedding security into all aspects of operations so that bad guys can’t take advantage of known vulnerabilities
Innovation – investing in new ways to address cybersecurity issues (how do we outpace the bad guys?)
Diversity and inclusion, because it’s going to take truly creative and diverse ideas to rise to this challenge
Drawing on our experience with clients, it’s clear that business and security professionals have to get much closer together. For security organizations to be successful, they must not only have sponsorship from the business, they also need to understand the business they are securing. In the security world, we often say that you can’t protect what you don’t see. We should also be saying that you can’t properly protect what you don’t understand.
From a threat perspective, we have to recognize how difficult it is to attribute attacks to their sources—today and in the future. A hacker might be working for an organized criminal organization one day and selling services to a nation state the next day.
Whether at a national level, or for companies and public service organizations, the trend toward highly destructive attacks has grown exponentially in recent years. This is a massive concern and why partnerships between business and government are so important.
From what we see, financial services clients are often the most advanced in this space. The most sophisticated among them practice incident management with other firms, government partners and third parties.
The bottom line, and something all of us agreed on at the Summit’s security breakout session: to counter the huge threat posed by cyber crime, we need to be investing in new solutions together.
By using innovations like blockchain, encryption and biometrics, we can get beyond just protecting consumers with passwords and usernames to protecting their privacy and making the world’s financial system more secure. It’s where partnerships like Accenture and Microsoft’s ID2020 digital identity initiative for the United Nations are a great first step.