While recently being interviewed about my work as a technology risk specialist, it occurred to me that cyber security protection is quickly becoming a game of Whac-A-Mole. Granted, it was my eight-year-old son who conducted the interview for his school newspaper. Regardless, the fact remains that ensuring information security requires a dual course of action: An immediate response to counter incoming threats with simultaneous preparation for and mitigation of future activity.
Son: What do you do at work?
Me: I play a never-ending game of Whac-A-Mole. I try to understand the evolving threat landscape in order to reduce holes where a mole can appear, and when they do, I whack them. As the sophistication and technological means of cyber criminals increase, it is impossible to eliminate every threat.
Son: So what is the score?
Me: I lost count, as moles – such as advanced persistent threats, nation-state attacks, insider threats and denial-of-service incursions, etc. – are here to stay. Instead of counting how many moles we have whacked, we are working to educate colleagues as to how they can stop the mole breeding ground.
Within an organization, every employee has a responsibility to be alert for moles taking the form of phishing attacks. The best IT practices to counter these include requesting vendors to develop secure codes and improve IP stacks.
Son: Can you stop moles from appearing?
Me: Unfortunately, until we make technological strides to eliminate all cyber threats, we won't be able to stop moles from popping up.
While the industry has taken steps forward to protect and defend against attack, current government efforts to create a new framework are not sufficient on their own to adequately address the issue. Additional checkmarks – verifying an organization's compliance with mandated protocols and standards – will not hinder moles from continuing to appear. Instead, organizations need to take action and improve the overall security and traceability of IPv4/IPv6 and IP stack network-enabled devices. Requiring each vendor to go through international standards bodies, such as the Internet Engineering Task Force (IETF), to obtain an IP stack certification before allowing that device on any network will go a long way in ultimately strengthening an organization's information protection. Apple used a similar approach to secure its infrastructure by certifying all applications prior to making them available on the online store.
Son: Should I be scared of these moles?
Me: Don't be scared. Whack the mole as soon as you see it and, hopefully, it will go away and never come back.
But, cyber attack is a serious threat to the integrity and stability of an organization and, as a result, the Whac-A-Mole game is here to stay for information security pros. We need to continue preparations to combat these moles and maintain vigilance in identifying mutated forms of security threats. Every employee within an organization needs to be empowered to assist in this effort and help security and risk specialists proactively whack the mole to combat and, ultimately, prevent threats from occurring.
Parthiv Shah is VP and deputy CISO, technology risk management at The Depository Trust & Clearing Corp. (DTCC). The views and opinions expressed in this article are those of the author and do not necessarily reflect the official policy or position of his current/past/future employers.
