Joseph Steinberg on the Current Cybersecurity Ecosystem
Technology is constantly changing, and, as a result, the way that people interact with computer systems constantly changes as well. The storage of information, which used to be done locally, has already migrated in so many cases to the cloud (that is, the data is stored in “the cloud” which is a fancy way of saying the systems of a service provider who services many people and organizations that wish to have their data hosted ), the internet of things is entering our lives at an accelerated rate, and mobile devices are quickly becoming an extension of us. All of these advances also have a down side – they mean that attacks on our systems, whether our personal devices or computers systems at our places of work, become more dangerous.
Joseph Steinberg is a popular cyber security expert well known throughout the world. He has strong credibility with both technical and lay audiences and has created authoritative reports and testimonies as an expert witness. Not only does he help legal counsel with evaluating cases and getting attorneys ready for trial, but he has also helped government agencies around the world solve cybercrime cases.
He ran several cybersecurity companies that he himself founded, and also over the last 25 years, has served as a member of many advisory boards, provided counsel on strategic endeavors, and aided various companies to enhance their public profiles, standing in cybersecurity industry, and ability to put plans into action.
Today, in addition to serving as an expert witness, Steinberg helps VC firms, family offices, and individual investors evaluate and perform due diligence on cybersecurity, privacy, and artificial intelligence investments, and gives advice to many businesses on cyber security based on the many years of experience that he has in the field. He also helps cybersecurity companies grow and succeed by leveraging his prominence as a leading influencer and reliable authority on cybersecurity and cutting-edge tech to help business that he believes in expand their clientele, partner base, and revenue.
The following are some interesting points I learned from listening to Steinberg speak during a recent webinar:
Probability
While we can evaluate the probability of something happening, sometimes the consequences are so catastrophic that no level of risk is acceptable. Someone may be willing to drink random cup of water selected from 5 if he is to be paid $100,000 to do so even if one of the cups contains a chemical that will give him stomach cramps, but that same person may not be willing to drink one cup of water selected from 10 if the payout is more, but one cup contains a deadly poison. Similar concepts apply to cybersecurity.
Threats
They are things that potentially may inflict harm. It is generally impossible to know all possible cyberthreats – but we don’t need to know the details of all of them in order to properly secure systems. That’s an important concept, because we will never know all the details of all possible threats.
Vulnerabilities
These are flaws in a system that allow parties to compromise it.
Threats manage to materialize through existing weaknesses, that is, threats are always present, but without the existence of a vulnerability, threats often remain as is but do not actually inflict any real “damage”. Of course, in reality, there seem to always be vulnerabilities – and we must work under the belief that a previously unknown vulnerability will at some point be found in whatever systems we are trying to defend.…
Vulnerabilities can be due to one or more of many possible causes: lack of technological knowledge and software use by the user, inadequately tested technology, insecure transmission over public networks, etc. , It is also important to understand that running outdated, unsupported software opens a person up to the danger that if a bug is discovered in the system there will be no way to fix it and protect the system from attacks.
Assets
These are the information systems and their physical and logical components. Typical examples are data, hardware, software, services, documents, buildings, and human resources. Many organizations do not have a clear understanding of what all of their assets are. As Steinberg said “If you don’t know that you have something, it is difficult, if not impossible, to properly protect it.” Also, assets can become liabilities – if you have a system that has a vulnerability and you don’t know that you have the system to begin with, that vulnerability will remain, and the system could be compromised and become a launching pad for attacks against other systems.
Impacts
They are the consequences of threats materializing into actual damage. In this content, Impacts are negative, hence there may be economic loss, material loss (breakage of technical equipment), loss of business opportunities, damage to the victim’s reputation, etc.
In general terms, a system needs three things to be secure:
1. Confidentiality
In terms of information security, confidentiality refers to the need to keep certain information from access by unauthorized parties. Encrypting data is one ingredient of doing this.
2. Integrity
Integrity, in the context of information security, refers to the fidelity of information or resources. The objective of integrity is, then, to prevent unauthorized modifications of the information (adding, deleting, or changing). If someone who has no permission to do so can change your data that you act on it does not matter how well else you protect that data, you will have serious problems.
3. Availability
Availability refers to the fact that system information must remain accessible to authorized parties at all times at which it is supposed to be available, or at least be available at a certain acceptable percentage of time at a minimum with some maximum limit on downtime.
The goal of availability is to prevent unauthorized/uncontrolled outages of computing resources.
Availability guarantees access to a service or resources, that is, it guarantees the correct functioning of information systems.
