15 Feb Today’s Cyber Battles: Machines Vs. Machines

Three decades after the world’s first CISO, how has security changed?

– David Braue

Melbourne, Australia – Feb. 15, 2021

Cybersecurity has such a high profile in the C-suite today that it seems hard to imagine a time when having a cybersecurity executive was a novelty. But that was the environment that Steve Katz was working in during the mid-1990s when he fronted up to a job interview at Citi for what ended up being a six-month interview process.

Katz, who was working in the Information Security Office at JP Morgan at the time, “took the interview to find out what was going on at Citi so it wouldn’t happen at Morgan,” he said during a recent video episode on our podcast — recounting an “in-depth, sometimes painful interviewing process.”

Citi created the position after “a couple of Russian kids in St. Petersburg” hacked into the multinational banking giant’s international funds transfer system — and the board realized it wasn’t going to be an isolated incident.

“I had been involved with things resembling cyber risks, and cybersecurity, pretty much way before it had a name,” he recalled. “There weren’t a whole lot of people at the time that had the amount of time that I had doing data security, information risk, and financial services. So I was offered the job.”

For Katz, that job — which branded him as the world’s first CISO — was a significant step in a decades-long career working in information security that, in 2019, was recognized with a Lifetime Achievement Award from the Shared Assessments Program.

Despite cybersecurity rapidly becoming a mainstream issue and a tier-one executive priority during that time, Katz said things aren’t as different now as you might think — and it’s not just that the Russians are still hacking us.

“Social engineering was an entry point years ago,” he said, recalling amateur cybercriminals — as he put it, “script kiddies trying to be pains in the butt … looking for bragging rights” — using social engineering strategies to trick telephone support representatives into giving up sensitive information or credentials.

With the efficiency of today’s spear phishing attacks, he said, the game has changed dramatically — even if the goal has not.

“Social engineering has become a much more sophisticated risk with the wonderful technology of phishing and spear phishing,” he said, “and your ability to glean information about almost anybody within a corporate structure.”

The more things change…

Increasing automation has changed the speed and volume of attacks CISOs must deal with on a daily basis, pointed out Jack Blount, president and CEO of Intrusion Inc., who also joined us on the podcast episode.

Although today’s cybercrime is “fundamentally the same in that it’s about theft,” Blount said, “the game has completely shifted as AI and supercomputers have come on the scene.”

“You’re being attacked thousands, if not hundreds of thousands of times, per day — but it’s not by a guy sitting at the keyboard, trying to figure out the next hack. It’s by a computer algorithm that has an understanding of every firewall on the market, and knows how to identify what you’re using and get around it.”

Backed by automation and iteration of cybersecurity attacks — “AI algorithms can process things at millisecond speeds,” Blount noted — today’s cybersecurity battles are less about pitting humans vs. machines than they are about pitting machines vs. machines.

AI-based attack systems “can hit you 1,000 times in a second,” he explained, “and they don’t get tired — or take a break. No matter how many people you can find and hire, you never have enough.”

Yet despite these odds, Katz said, CISOs must fight the good fight — and “every CISO runs the risk of getting fired. You have to be willing to risk your job by saying ‘what is happening here is not right, and we have to do more about it.’”

“That takes a hell of a lot of courage,” he said, “and the really good CISOs are that courageous. They understand that if they get fired to do the right thing, they will have another job within a month.”

– David Braue is an award-winning technology writer based in Melbourne, Australia.

Go here to read all of David’s Cybercrime Magazine articles.

Sponsored by Intrusion

Intrusion Inc. is a global provider of entity identification, high speed data mining, cybercrime and advanced persistent threat detection products.

Intrusion’s products help protect critical information assets by quickly detecting, protecting, analyzing and reporting attacks or misuse of classified, private and regulated information for government and enterprise networks.

We believe that the Internet should be a safe place to work! Free from cyber crime, ransomware, theft of trade secrets, harvesting corporate knowledge, insider threats, and IoT extraction of data.