Blog Posts Process Analysis

Cybersecurity: Predicting Yesterday’s Crimes

Blog: Enterprise Decision Management Blog

Minority Report

Sometimes, even when a vulnerability is identified or a threat properly qualified, it is too late to do something about it. The crime has already taken place.

This is the antithesis of the future seen in the Spielberg movie Minority Report, where seers expose “PreCrimes.” In today’s security world, we’re less likely to find something about to happen, or even something happening now, and more likely to find something that happened long ago.

Here’s what I’m talking about. Earlier this year, IDG polled security “experts” to predict the “single biggest security threat of 2016”. The brief was to sum this risk up in just one sentence.

My contribution was: “The biggest single security threat is cyber – more specifically, for business and political entities it is probably nation state espionage and APT (advanced persistent threat) actors.” It was a view, from the survey, shared by only about 8% of my industry colleagues.

Unfortunately, my “prophecy” was bang on, as recent reporting about a “state-sponsored” hacking attack against Yahoo has revealed. This, in the public domain, is the single largest cyber-breach in history, affecting an estimated 500 million Yahoo users and potentially compromising their personal, demographic, contact and security information.

But when I made my predicton, this crime had already happened. In fact, it happened back in 2014 and has only just been made public. Those affected were neither informed nor allowed to try to remediate any exposure through changing passwords or other security credentials for two years.

Why is that?

Complex attacks or highly sophisticated threat actors like nation states can, and often do, operate covertly for some period. But two years is as unacceptable as the level of individuals affected is unprecedented.

Getting ready for future breaches is critical. But so is checking the rearview mirror for evidence of any past compromises.

I commented on my Twitter post (@KinchB) following the recent “Future of Cyber Security” event in London that,

“No-one at #cyberEurope2016 claimed they could satisfactorily achieve the 72hr #databreach requirement. #GDPR – principled but impractical?”

This prompted some pretty hot responses about the General Data Protection Regulation and its suitability as a framework within which data breaches should be managed. The dichotomy, of course, is that nefarious activity might not always be detected, and even when it is there is no absolute guarantee that the extent of the activity has been comprehensively determined, good or bad. One only needs to look at the Yahoo case – or the TalkTalk one before it – where initial risk evaluation when news of the breach was breaking suggested a different level of exposure than what came to be revealed. For Yahoo the estimate moved from 200m to 500m. For TalkTalk it was 4m to 157k. Where information offered by the breached organisation is inaccurate it gives rise to even greater public and potential regulatory criticism and scrutiny.

We live in a world where information has never been so accessible and where adequate security measures have struggled to keep pace. We should all, as individuals, be selective about the data we volunteer, get better informed about the risks that our interactions pose, and recognise that just because we have not (yet) been told our information has been breached does not mean that someone with nefarious intentions has not already gotten it. Tomorrow’s announcement of a data breach is merely a reflection of today’s risks. And those risks are growing.

The post Cybersecurity: Predicting Yesterday’s Crimes appeared first on FICO.

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples