The Hidden Costs of “Business as Usual”

A new survey by Ponemon and ServiceNow of nearly 3,000 cybersecurity professionals reveals that in the past 2 years, 48% of companies have experienced a data breach. Clearly companies can’t afford to forge blindly ahead, doing the same old “business as usual.”

In this episode Bob Bragdon, Senior Vice President and Publisher of CSO, and Piero DePaoli, Sr. Director for Security and Risk at ServiceNow, explore the cost of conducting “business as usual.”

The truth is, hackers and criminals aren’t operating in a business-as-usual way anymore, says DePaoli. “They’re employing new methods and tricks and looking for a simple crack into an organization. Fifty-four percent of the respondents to our survey said that hackers are outpacing enterprises with technologies such as machine learning and artificial intelligence.”

DePaoli outlines a sample scenario. “A hacker is looking for a way to penetrate your organization,” he explains. “Before some of these newer technologies came along, they might go to the leadership portion of your website and then maybe a business social network to go look for employees. And they probably easily figure out the email address convention for the company and then send a series of phishing emails that look related to the company, hoping someone would click on them.”

“But throw in machine learning and AI and hackers can maybe automatically go scrape the leadership portion of a website and a business social network and then collect a ton of information about a bunch of different people,”  he continues. “And machine learning and artificial intelligence can go even further by trying to learn more about you. And they do this with programming, not manual research.”

“In a word, the odds are stacked against us,” he says. “They only have to be right once.”

Related: