On June 7, 2016, Palo Alto Networks held an international cybersecurity conference in Tokyo called Palo Alto Networks Day. Over 1,200 participants from government organizations and industry came together to learn about the latest global trends in cybersecurity, threat intelligence, legal and policy issues as well as to look for networking opportunities with each other. Compared to last year, the size of this year’s conference almost tripled – highlighting the ongoing importance of and interest in cybersecurity.
Multiple participants shared challenges they face in getting their leadership and management teams’ buy-in to invest in and commit to cybersecurity technology and the people and processes needed to defend their organization against cyberattacks. Some struggle with keeping their executives up to date on new cyberthreats that are attacking today’s organizations. Until recently, most executives didn’t often consider cybersecurity in the context of their most common concerns, such as managing risk, preserving business operations and hitting sales targets. Because new threats are “unknown,” they often cannot attract enough attention from executives to take any immediate action to pay for “unknown costs.”
This is understandable. It is hard to invest resources in something not easily measurable when we have multiple things to worry about in today’s complicated and interconnected world. Nonetheless, it is also true that cyberattackers take advantage of such a mindset. This means culprits can keep winning as long as they adjust the ways they mount successful cyberattacks for the purpose of stealing proprietary information, customers’ personal data, sensitive government intelligence, or even crippling the operations of critical infrastructure to harm people.
During Palo Alto Networks Day, Mark McLaughlin, our chairman, president and CEO, reiterated the importance of automated prevention and the sharing of threat intelligence, saying that it is crucial to take unknown threats, turn them into known threats, and share the threat intelligence as openly and quickly as possible to bring greater security to the world. The Cyber Threat Alliance and Financial Services – Information Sharing and Analysis Center (FS-ISAC) are two good examples of organizations that use sharing frameworks to provide threat intelligence among member companies in the same industry. Their efforts jointly raise awareness at the global cybersecurity level and bring greater value to their customers in the form of protection from advanced cyberattacks.
William H. Saito, Special Advisor to the Japanese Cabinet Office and vice chairman of Palo Alto Networks K.K. pointed out that this kind of framework may sound odd to traditional business minds; some businesses would rather keep what they know than give it up for free, because information can be a source of power. However, that action may lead to the loss of an opportunity to utilize the information to protect other companies within the same industry against similar cyberattacks. The global threat of cyberattacks is too great not to share threat information among peers.
The U.S. defense and intelligence communities learned this the hard way during the 9/11 terror attacks, which prompted the paradigm shift from “need-to-know” to “need-to-share” to make relevant threat intelligence available to all stakeholders as soon as possible. Such a revolutionary change is needed for cybersecurity as well. Bad guys – whether cybercriminals, hacktivists, terrorists or state actors – work organizationally, tactically and strategically to achieve their adverse goals by cyber means. Defenders also need to collaborate in the same manner to increase the cost of successful cyberattacks – and make that cost prohibitive for attackers.
Second, organizations must switch from reactive defense to proactive and automated prevention. This does not mean denying the importance of incident response. Since there is no 100 percent effective security, incident response is an indispensable part of cyber resiliency. Automation allows defenders to compress the time for incident response, which involves time-consuming manual work and eventually reduces costs for cyber defenses.
The World Economic Forum argues that the Fourth Industrial Revolution relies on digital technology to push global economy and quality of life. The concept is dependent on people’s trust in the Internet. In his keynote speech, former Internal Affairs and Communications Minister Heizo Takenaka analyzed that economies are increasingly connected and only security can make them robust and successful. If people lose confidence in Internet security and use it less, the strength of the global economy will be diminished. In the 21st century, cybersecurity is not simply a cost as some people believe. Cybersecurity is, in fact, leverage to drive the Fourth Industrial Revolution.
[Palo Alto Networks Research Center]