Last week, we hosted #SecChat on the topic of threats and cyber espionage. With the recent Night Dragon threat earlier this month, we thought it would inspire a timely and lively discussion. We were right. Looking back on the chat, we had over 50 contributors who were engaged and shared with us over 300 tweets on the topic.
We kicked off the conversation by asking what companies should be doing to protect against IP theft. According to @kevinkrus, it’s important to start with a presumption of suspicion and take into account a level of risk-tolerance where trust should be dealt out sparingly. For @DaveMarcus, he stated, “forensics and IR are becoming more important than ever. Expect compromise and targeting.” In the meantime,@joshcorman began a list of thoughts and one of them being that as an industry, we need more precision and commonality in our language use. This was widely agreed by other participants. He also stated that APT is not a question of “what” but rather a question of “who and how” thus leading him to coin the phrase Adaptive Persistent Adversary.
As the conversation moved onto the question of security priorities and the importance of protecting IP, @anton_chuvakin expressed that assuming assets are owned is a good model but it is a difficult one to apply. @DaveMarcus added that while it may be a difficult model to apply, it at least causes one to think through answers and stages deductively. @Joshcorman also emphasized that compliance should never be confused with security whereas @djbphaedrus rephrased and said that good security can result in compliance.
The chat turned to big picture when we brought up the need to broaden the security community and begin hiring criminologists, economists, sociologists and psychologists to help with cyber-espionage. As@davemarcus mentioned, the more non-infosec people we can get into infosec, the better. So long as those people have a passion and a willingness to learn and contribute, according to@danielkennedy74. Other participants suggested bringing in skilled and motivated educators to teach and shape new behaviors. In the end, participants felt that a focus on social engineering, like research, training and awareness would help the state of affairs for threats and cyber espionage.
Readers, what are your thoughts on the topic or the comments provided by the contributors? Post your comments below and let us know.
We’re also taking suggestions for new #SecChat topics each month. If there’s a topic you’d like to discuss, please leave it below or tweet @McAfeeBusiness with the hashtag #SecChat.
by Brian Contos
