Cybersecurity: Innovation Challenges with Bores Consultancy, StoneTurn, Mambu, CyberD TV and SAP NS2

Throughout the whole month of January, fintech times It will explore every dimension in one of the industry’s most pressing topics: cybersecurity.

We’ve covered the latest innovations to look for in 2022 in cybersecurity, but as with all things new and experimental, this adoption won’t be smooth sailing at first. Each of these innovations will face unique challenges. Exploring these obstacles in more depth, Fintech Times heard from mosques cavity, Director Borse Consulting; look Tenerife, Partner in Stone; Bronwyn BoyleChief Information Security Officer, mambo; johnny small, Founder CyberD . TV; And Kyle rice, CTO of SAP NS2.

James Burr, Director, Bores Consultancy
James Burr, Director, Bores Consultancy

Finding a real innovation that can fundamentally change the industry is not easy. James Burr, director of Bores Consultancy, argued that many of the “innovations” are close to carbon versions of other products, so finding a new, innovative product is like finding a diamond in the rough. “Security fundamentals have not changed for thousands of years, and so most real innovations are about better applying those fundamentals to the tech scene. Unfortunately, a lot of real innovations are buried under a plethora of non-new products piled high with marketing keywords, and the sort-through-the-husk process Painful that not many have the time or resources for.”

Luke Tenry, Partner at StoneTurn
Luke Tenry, Partner at StoneTurn

The idea that cybersecurity fundamentals don’t need to change much has been echoed by Luke Tenery, partner at StoneTurn. Believing that many of the cybersecurity problems we face in the modern age are the result of poor employee training rather than faulty technology, he said, “There are two main reasons why cybersecurity innovation has largely stagnated. The first is that it is actually not required. The vast majority of Networks fall short around basic security hygiene 61 percent of the vulnerabilities in CISA’s catalog of known exploits are at least a year old Most intrusions can be linked to human error, whether it’s password reusing, clicking a phishing link, or Misconfiguring a public facing asset, or failing to debug properly These are not things technology can actually fix, it’s a cultural and training problem When the foundational security problems that have been endemic to networks since the early 1990s are still the primary issue, it’s hard to find a solution Innovative, especially given that the problem is about combating human nature and is not really a technical issue in its essence.The second major reason is that the security industry has not been properly incentivized to be innovative. Really ball. In fact, it is stimulated to move slowly and incrementally. Truly solving a class of threats or reducing the amount of impactful breaches fundamentally undermines the cybersecurity industry, as they make their money and inject venture capital into the sector, based on an ever-increasing fear of these breaches and consequences. So, between the economic disincentive and the fundamental problem that cybersecurity is generally a human behavior rather than a technical problem, you have a sharp decline in innovative solutions.”

Bronwyn Boyle, Chief Information Security Officer at Mambo
Bronwyn Boyle, Chief Information Security Officer, Mambo

Many companies simply cannot take the risk of trying out new technology. In an area where mistakes are made, Bronwyn Boyle, Chief Information Security Officer, Mambu explains that many small and medium businesses cannot risk using a new and unproven form of technology, “from a resource perspective, new projects and partnerships can struggle to get on impetus with target buyers;Organizations are often so cumbersome that they lack the ability to pilot and experiment with innovative solutions.Many of the companies that will benefit most from cyber innovations are also operating in highly regulated industries, which means greater risk requirements and additional barriers to entry. Finding ways to facilitate sandboxing or working with innovation panels is key to pioneering innovative solutions in a challenging operating environment.

“If you look at how cyber innovation is promoted, there is a lot of hype in the market – security companies make up a growing percentage of unicorn ratings. But where value is often overlooked is the SMEs and the mid-market. It is also where innovation is most needed. Cyber ​​where small businesses can provide a foothold for much larger cyber attacks.Small and medium businesses do not always have the money to invest in massive solutions and may not understand what is the best in the market or the right products for their business.Therefore, it is imperative that sellers prioritize this market in the year Next, to provide this education along with affordable services.

In terms of social impact, fraud has continued to be a significant threat since the start of the COVID-19 pandemic. Changing consumer behavior, working from home, and increasing reliance on digital services have led to a massive increase in cybercrime and fraud. Figures show more than £4m is stolen every day by scammers in the UK – with UK Finance Equating it with a threat to national security. With consumers forced to adopt more digital services than ever before, it is imperative that they are fully aware of the risks involved and how to protect themselves when doing things like managing their money online. We often hear that people are the weakest link when it comes to cybersecurity, but they are also our first line of defense – as an industry, we must do more to innovate with end users in mind.”

Johnny Young is the founder of CyberD TV
Johnny Young is the founder of CyberD TV

CyberD TV founder Johnny Young argued that many of these innovative companies are simply trying to take advantage of a burgeoning industry but will end up paying more insurance fees if they are unable to properly protect their customers,” Cybersecurity innovations happen every day, as they should. Hardware, software, and development technologies such as quantum computing, are all driven by high-speed innovation.

“But let’s think more broadly; what are the main problems that companies that buy cybersecurity insurance must face, and an entire industry is currently exploding?

“Companies are emerging like mushrooms to take advantage of the growth in demand for cybersecurity insurance, although the best thing about some of them is their marketing skills.

“Having a policy is one thing, because it makes the insured company feel like it has a safety net. Getting paid after a data breach is another. As a wise philosopher once said, “Insurance is great, until you need to use it.”

“New companies write policies in droves, but do they have cybersecurity experience, or knowledge of their customers’ security position, so they know what they are insuring against? To do so, they will have to conduct a thorough audit of their customers’ policies, processes, and procedures, perform compliance tests, and go deeper into the business.” Which most companies allow.

On the other hand, innovative insurance companies can be on-site partners and take charge of the cybersecurity business as an additional service. This can be another great source of revenue, as many small businesses like to outsource their cybersecurity needs.

“But still, what happens if a company writes too many policies, and many of its customers are exposed to data breaches at the same time, such as Solar winds, or logj4 exposure? Will they pay or will they fold up their tent and get out of business?

“If they stay afloat, the court system will overwhelm them. The insured companies will sue for payment, while the insurance company will fight back, claiming policy violations.

“I expect we will soon see a multi-billion dollar cybersecurity insurance industry, albeit innovating itself in a disorganized mess. Yes!”

Kyle Rice, Chief Technology Officer, SAP NS2
Kyle Rice, Chief Technology Officer, SAP NS2

Kyle Rice, chief technology officer at SAP NS2, points out that the vast number of hackers and cybercriminals outnumbers the cybersecurity team, and with each hacker attempting new forms of deception to gain access to data, security teams have a huge burden of keeping up with what’s new. forms of attack. In addition, there is no room for error. Security teams must be 100% successful every time or face severe consequences:

“Cyber ​​threats change and evolve rapidly, so it is critical that cyber-defenders continue to innovate to stay ahead of these threats. Given the inherent asymmetry of cybersecurity, there are two aspects of cyber defense that make innovation in this area particularly challenging.

“The number one factor that complicates matters is that online attackers have a significant numerical advantage. Your cyber team and vendor partners are innovating as quickly as possible to come up with new strategies to protect your network environment. But there is a whole world of potential cyber attackers innovating against you – and there are simply more of them.

“The second factor is that in a traditional network environment, cyber-defenders should be successful 100 percent of the time, while attackers should only succeed once. This duality extends to innovation: A cyber-innovation that works 10 percent of the time will be useless The benefit is greatly to the defender but will be of great value to the attacker.

“So how do you innovate successfully? The key is to strive to balance asymmetry. Don’t limit your defense innovation to just your team and partners, but expand your collaboration to allies in industry and government. Organizations such as Cyber ​​Security and Infrastructure Security Agency (CISA) helps drive these public/private partnerships that can significantly expand your defense innovation network. Configure your environment so that when the inevitable happens and the attacker succeeds, they won’t be able to cause immediate damage. This is the Defense in Depth (DiD) concept: a series of wooden doors that are 90% effective is more secure than a 99.99% effective stone wall – because you can now detect and mitigate a much smaller group of attackers who enter through the first door.”

  • Frances Bennell

    Francis is a junior journalist with a BA in Classical Civilization, with a special interest in North and South America.

Leave a Reply

Your email address will not be published.