Are companies ready for the cybersecurity challenge facing their business? Cyberattacks are one of the most significant, if not the most significant risks, for a business today, according to Pamela Gupta of Easton, chair of the upcoming North East Annual Cybersecurity Summit in Trumbull.
Yahoo’s disclosure of one of the largest-ever data breaches has been the latest focus of attention when it comes to data breaches. Yahoo was hit with a wave of class-action suits late last week, after it revealed that hackers stole information associated with half a billion accounts.
“This reiterates yet again that cyberattacks are a significant business risk,” Gupta said. “The bigger problem is that business leaders don’t understand how cyber risks can impact their bottom line. Also, traditionally, we in security have been protecting companies’s data assets. But the game has changed.”
She said there are 25 billion objects already online worldwide, gathering information using sensors and communicating with each other over the Internet, and the number is growing, with consumer goods companies, auto manufacturers, healthcare providers, and so many other businesses investing in the new breed of connected devices.
“With billions of devices being connected together, what can people do to make sure that their information stays secure?” Gupta said. “Will someone be able to hack into your toaster and thereby get access to your entire network? The Internet of Things also opens up companies all over the world to more security threats.”
Securing the Internet of things should become a major priority now that an army of compromised devices — perhaps 1 million strong — has swamped one of the industry’s top distributed denial-of-service protection services, Gupta said. A giant botnet made up of hijacked Internet-connected things like cameras, light bulbs, and thermostats has launched the largest distributed denial-of-service (DDoS) attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources.
(A distributed denial-of-service attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Akamai provides Content Delivery Network services.)
“When the stakes are so high, as in cyber security crossing over into physical security, there is no room for privacy and security flaws,” Gupta said.
The North East Annual Cybersecurity Summit will help business and security leaders understand the current threats, along with traditional risks and how to create the right protection strategies, she said. The summit takes place on Friday, Oct. 7, a day that has been declared Connecticut’s Cybersecurity Awareness day by Gov. Dannel Malloy. It will be held at the Trumbull Marriott from 8 a.m. to 5 p.m.
The summit is presented by a consortium of Connecticut global security, governance and audit chapters — ISC2, IIA and ISACA. Gupta is the ISC2 Connecticut Chapter president, William Feher is the Westchester and Fairfield County IIA president, Peter Rosario is president ISACA Greater Hartford, and Marguerite McCarthy is ISACA N.Y. president.
The website to register and learn more about the summit it at neacs.org/register.