The Dito marketing team traveled to Atlanta, Georgia in September for the Global Security Exchange (GSX) in order to learn about the newest trends in the security space and to share how Google and Dito are leading the way in cybersecurity.\
It is crucial we build stronger connections between tech, business, and the boardroom. Cybersecurity is a team effort. Yet there are silos between the CISO and the C-suite and Board of Directors. A gap exists between security and the business.
The risk of an attack rises as our systems’ interdependencies grow more and more complex. Many of the breaches we see are still preventable with sound cyber practices and strong controls. Converting data into value, securely and ethically, is the business imperative for the next decade.
We had a great time in our flashy jumpsuits – all while learning a ton about all things physical security – there were a few topics that stood out to us…
Validating Security Controls. Moving from “We Think” to “We Know.”
We all have security controls in place that we hope are detecting and blocking threats. But are they really? Which threats & behaviors are they blocking? Does your internal/external security team know the answers to these questions?
As cybersecurity continues to increase in importance every day, we need to know our tools are actually working. If one of your security controls fails, will the activity still be detected? There is real value in validating your security controls while scaling up through your entire organization.
Becoming the Threat
Around 82% of data breaches reported in the “2022 Verizon Data Breach Incident Report” involve the human element. Since this is a big vulnerability, what can be done to better combat this threat? Understanding “threat actors” doesn’t have to contrast with organizational values. The attackers come in all shapes and sizes and get more advanced every day. While this happens, the security experts on your side need to up their game as well to meet the challenge. A new thought? Understand how a hacker operates. Learn how a malicious threat campaign is made and distributed. In the spirit of The Art of War, it’s important to understand your enemy in order to defeat them. While this session was out of the ordinary for a typical security event, it provided a new perspective on combatting cybersecurity threats.
Anticipating and Preventing Attacks Before They Happen
Adversarial attacks are increasingly sophisticated, often using combinations of cyber, physical, technical and human tactics. To address these evolving attack strategies, organizations must understand adversarial focus and have the tools, techniques and processes to anticipate and prevent an attack. We’ll review tools for a holistic approach to build awareness throughout an entire organization.
In this session, we reviewed a case study of an organization that was under constant attack and redesigned their own strategy and tactics to anticipate an adversary’s moves. The result was stopping nation-state attacks five times! Yep — this stuff really works!
Decoding Digital Transformation
As security gurus, we can feel as if we’re drowning in information. Yet, the same tech we hold responsible for “noise” gives opportunities to take away valuable insights in the delivery of world-class protection. The paradox is real: To lead digital transformation in risk reduction programs, we must accept risk through technology innovation in a controlled manner.
Is digital transformation necessary for your organization? If so, where can you start or identify the next best steps? Digital transformation is about people, not technology.
Next Generation Enterprise Security Risk Management
The Fourth Industrial Revolution is here. Technology is transforming the global industrial landscape and is dramatically changing enterprise security risk management (ESRM). Ubiquitous CCTV placement, advanced facial recognition, ad-tech data, facial recognition, IoT, 5G networks and “smart cities” have arrived.
Persistent physical and online surveillance, biometrics and advanced analytics is fusing our physical, digital, and biological identities. Literal and figurative ‘blind spots’ are quickly being reduced or eliminated. For security leaders, this enables multiple surveillance surfaces to robustly monitor, track, assess and even predict behavior in real time and forensically examine events quickly with high granularity.
Everybody Can Change the World – And It’s Easier Than You Might Think
We understand that when you align your passions with emerging new technologies, you can create a lasting impact for people that wasn’t originally possible. Case in point: When Mateo Salvatto, the CEO of Asteroid Technologies, combined his passion for robotics and technology, into an app that helps over 250,000 people with hearing and verbal communication disabilities. Háblalo translates speech to text and vice versa in real time.
Leveraging Behavioral Analytics to Meet Cybersecurity Threats
Cybersecurity risks can threaten any organization’s operability and profitability. Managers across business functions are charged with responding to cybersecurity incidents — a delicate endeavor that can falter if managers fall short in understanding how their teams perform under conditions of uncertainty.
As cybersecurity attacks increase in frequency, intensity, and sophistication, every organization must ensure that its managers remain assets, not risks, in responding to cybersecurity incidents.
At the end of the day, your store and products may be safe – but what about your most important asset – your data? It’s more crucial than ever before that your entire organization’s environment is secure from bad actors – not just your physical locations, but your digital infrastructure. In the current age of e-commerce, a data breach can lead to disaster.
When Dito approaches security, we take into consideration four major factors:
- Internal threats – are your employees following security best practices when it comes to their devices? With a lot of organizations working remotely, or in some form of hybrid environment, teams may be using a variety of devices, on a variety of internet connections, from a range of locations. By ensuring your users are protected and secured from start to finish, you can rest assured a lost laptop, compromised password, or personal breach doesn’t affect your entire organization.
- External threats – phishing attempts, malware, scammers, and other bad actors are more abundant than ever. The last thing your organization needs is an external influence gaining access to sensitive customer & organization data. We take a holistic approach from start to finish to secure and provide best practices for your organization’s infrastructure – utilizing zero-trust concepts combined with Google’s fortified cloud platform.
- Reputation – if an attempt on breaching your company’s environment does happen to succeed, do you have a plan to immediately secure and lock down the rest of your organization? When it comes to reputation, we’ve seen time and time again that a data breach can lead to massive losses. Customers feel less comfortable using your website or swiping a credit card at your location. We ensure your reputation stays intact, and even gains credibility in trust, by ensuring you have a process in place for handling potential breaches.
- Regulation – we all know there are plenty of regulatory items in place that your organization has to adhere to. In order to process payments online or in-store, you have to make sure your system is compliant with current regulations. Dito has the experience and regulatory/compliance expertise to make sure you are prepared to meet and go beyond current regulations.
The Dito Team would like to thank all those involved in making the 2022 Global Security Exchange event a success and we can’t wait for next year! Keep a look out for our next appearance in January at the acclaimed CES!