The 12th annual Dallas conference is underway, and C-level executives and their teams are sharing industry know-how and new ideas. With day two just beginning, here's a taste of what we've learned so far:
Multiple speakers have used the term "surgical information" to describe the type of attacks that are being carried out. Hackers are looking for high value data, not massive dumps of it - they are combing through gold mines of information to find those little nuggets that have the most impact and will do the most damage. A recent survey from the Ponemon Institute shows that only 24% of respondents are confident in their effectiveness of preventing the leakage of high value information by malicious or criminal insiders. Keynote speaker Dr. Larry Ponemon highlighted his research Tuesday morning that showed 73% of executives don't believe they are able to restrict the sharing of confidential files amongst their employees. Whether your organization is being threatened by malicious insiders or outside hackers looking for surgical information, the level of confidence in preventing attack isn't looking good. Keynote speaker John Pirc, Director of Security Solutions for Forsyth Technology, also addressed the need to be, "more surgical in who you give access to," within your organization.
As always, communication is key. "You don't wait until your building is on fire...you can't plan for everything but you can plan for a lot," cybersecurity attorney Shawn E. Tuma said in his presentation on cybersecurity legal issues that IT practitioners should be aware of. He pointed out that in 2015, 91% of the data breaches that occurred were failures of the basics - things like passwords and data sharing. "The companies you work for are both the victims and the wrongdoers," Tuma said, addressing the attendees. So what can be done to better prepare? Everyone needs to take responsibility in protecting data, and an emergency response plan needs to be established and implemented in case of a breach. A checklist for preparing one can be found here.
Thank you to everyone in attendance; we are looking forward to Day Two and all of the information that is to be shared.