#alternate TechCrunch » Feed TechCrunch » Comments Feed TechCrunch »
This Cybersecurity Medicine Might Be Tough To Swallow Comments Feed How
We Celebrate New Year’s Eve On Social Media Around The World Ten Ways
The World Changed In 2014 alternate alternate TechCrunch WordPress.com
Menu TechCrunch Search
* Follow Us
* Facebook
* Instagram
* Twitter
* Youtube
* Flipboard
* LinkedIn
* Google+
* RSS
* More
+ Youtube
+ Flipboard
+ LinkedIn
+ Google+
+ RSS
Got a tip? Let us know.
* News
+ Channels
+ Startups
+ Mobile
+ Gadgets
+ Enterprise
+ Social
+ Europe
+ Asia
+ Old Crunch Network
+ Unicorn Leaderboard
+ Gift Guides
All Topics All Galleries
Video
Shows
* Apps
* Breaking News
* Bullish
* Crunch Report
* CES 2016
* Gadgets
* Interviews
* Reviews
* TC Cribs
* TC Features
All Shows
All Videos
Events
* TechCrunch Events
* Disrupt
* Startup Battlefield
* Crunchies
* Meetups
* International City Events
* Hackathon
* Include
* NFL’s 1ST and Future
* TC Davos 2016
* News About
* CES
All Events
CrunchBase
* Trending
* Apple
* Google
* Samsung
* News
* Startups
* Mobile
* Gadgets
* Enterprise
* Social
* Europe
Search TechCrunch
Search TechCrunch ____________________ (BUTTON) Search (BUTTON) Search
9th Annual CrunchiesFind Out Who Will Win The Crunchie For Best Mobile
App - Citymapper, Messenger, Periscope, Robinhood or Wish Get Your
Tickets Today
Enterprise
* FiveStars Gets $50M To Help Small Retailers Run Loyalty Programs
Like Their Bigger Rivals
FiveStars Gets $50M To Help Small Retailers Run Loyalty Programs Like Their
Bigger Rivals
* Iterate’s New Platform Helps Corporations Find The Best Tech
From Startups
Iterate’s New Platform Helps Corporations Find The Best Tech From Startups
* IBM Confirms Acquisition Of UStream, Forms New Cloud Video Unit
IBM Confirms Acquisition Of UStream, Forms New Cloud Video Unit
*
Browse more...
cybersecurity
* Why Cloud Computing Will Shake Up Security
Why Cloud Computing Will Shake Up Security
* Cockroaches Versus Unicorns: The Golden Age Of
Cybersecurity Startups
Cockroaches Versus Unicorns: The Golden Age Of Cybersecurity Startups
* Where Are All The Women In White Hats?
Where Are All The Women In White Hats?
*
Browse more...
This Cybersecurity Medicine Might Be Tough To Swallow
Posted Dec 31, 2014 by Ron Miller (@ron_miller)
* 0
SHARES
*
*
*
*
*
*
*
*
*
Next Story
How We Celebrate New Year’s Eve On Social Media Around The World
[15868178370_f1cd19af42_o.jpg?w=738]
Imagine you’re the CEO of a thriving company and you’ve been horrified
by the news of the Sony hack, the Target breach and the litany of
security issues that have plagued big companies in recent years. You
swear you’re going to do whatever’s necessary to make sure it won’t
happen to your company. But do you realize what that really means?
At a holiday party, a guy starts chatting you up while you’re working
on your fourth martini. And he speaks directly to your fears. He knows
someone who could help you out with your security problems — make it so
that you would never suffer the fate of those poor suckers at those
other companies. You have to admit, you’re intrigued because you never
want to be in the position of explaining to your board of directors why
you were the latest victim.
You get the name and run a background check and find out she’s good.
Very good. Her experience includes stints with military intelligence,
the NSA and a number of successful security startups. You’re ready to
write the check just to hear her pearls of wisdom.
The day finally arrives and your assistant shows the consultant into
your office where she quickly takes a seat, takes a speck of dust off
her pants and looks you in the eye.
“You’re really willing to do whatever I say?” she asks.
You tell her that if she has a plan, you’ll follow it. You wait
anxiously to hear what she’s going to say.
The first thing you need to do, she tells you, is disconnect from the
Internet. Before you can object, she holds up a hand and asks that you
let her finish. You start to sweat, and she keeps going.
You’ll need to take away all of the laptops. There will be no
smartphones or tablets allowed in the building. You’ll use desktop
computers without USB ports or DVD drives. There should be no way that
you can save to an external device. Everything will be connected on a
highly secure, completely private internal network accessible with
two-factor authentication.
You won’t use any cloud services and there will be absolutely no mobile
apps. If you run a website, you will keep it simple and with very
little information. Contact information will be through a form and you
won’t have an address for the company beyond a post office box.
You will hire highly skilled security personnel. Everyone will leave
their phones at the door on the way into the building — including you.
Everyone will be searched entering and leaving the building — including
you. No exceptions. You will put cameras everywhere and you will have
your security staff monitor them in a control room to make sure nobody
is doing anything suspicious.
Anyone caught with a prohibited device will be fired immediately.
You will keep partnerships to a minimum, and all guests, including
customers, will be subjected to the same strict security regimen, and
no one will be allowed to carry any devices of any kind inside.
“I couldn’t possibly do that,” you say to her wide-eyed. “I would be
sacrificing my entire business, handicapping and harassing my employees
and my customers, all in the name of protecting my company.”
“So it seems you wouldn’t do whatever it takes, would you?”
—
Playing Security Chess
So if you can’t lock down your company, what can you do?
You have to give up the notion of complete security and place your bets
on things you can control because there is an organized effort to
attack your networks. And depending on your type of business, the more
determined these parties might be.
Yet it seems that the further we advance technologically, the less
secure we become. David Cowan a partner with venture capital firm
Bessemer Ventures says one of the reasons for that is because
technology has become so intertwined in our lives.
“Broadly speaking we are adopting technology that’s becoming more and
more pervasive in our lives and jobs. The opportunities for cybercrime,
mischief and [mayhem] has grown over the years and there is more
motivation to do so,” he told me.
As Cowan explained, back in the 90s, hacking was about ego, but over
time it has evolved to include fraud, identity theft and other criminal
activity — and more recently nation-states partaking in surveillance
and organized cyber-mayhem.
But as one security startup CEO told me recently, we are doing better
than we think. You may find that hard to believe if you’re a CEO trying
desperately to avoid being tomorrow’s headline. But he described a
giant chess match between the people trying to get into our computer
systems and those trying to keep them out.
As bad as it seems today, this security executive says if it weren’t
for the checks and balances that security companies have put in place,
it would be far worse and we couldn’t be using the internet to conduct
business the way we do.
Walking the Security Tightrope
So we are left with a balancing act: We can’t be stupid, but neither
can we sacrifice the business in the name of protecting it. As Cowan
explains, security isn’t your highest priority as an organization.
Being a good company is your first priority, and security should be
part of that.
“Job one should be providing functionality your users need to get jobs
done and have good experience. For most of the interesting applications
in the world, trust is an integral part of good user experience,” he
said. And if you want to be trusted, security needs to be at least an
important component.
From a broader perspective, you cannot have a completely secure company
that has been stripped of internal freedom, precisely for the same
reason you cannot have a democratic society that is safe from any
attack and maintain anything approaching privacy. If you decide, as our
example above highlights, that you will do anything to be secure, you
end up with a company so locked down that it will not be able to
maintain a staff, let alone a staff that you would want to work with.
Surely there is always a tradeoff between security and privacy, and
everyone has their own tolerance level regarding which side of this
they should fall on. In the end, you have to ask yourself how much you
squeeze the individual factor out of the equation. Can you honestly
turn your workers into drones incapable of malicious activity, let
alone honest mistakes?
When it comes down to it, you would no doubt agree with the CEO in our
example that you cannot prioritize security over the company itself. No
CEO would. You just have to be able to reconcile the fact that you
could experience a breach — and that’s the tricky part.
Alex Wilhelm contributed to this post.
Featured Image: Matthias Ripp/Flickr UNDER A CC BY 2.0 LICENSE
* 0
SHARES
* 0
Share
* 0
Tweet
* 0
Share
* 0
* 0
* 0
*
*
Advertisement
Advertisement
TechCrunch Newsletters
[ ] TechCrunch Daily Our top headlines Delivered daily
[ ] TC Week-in-Review Top stories of the week Delivered weekly
[ ] CrunchBase Daily The latest startup funding announcements Delivered
daily
[ ] TC Europe The top European tech stories Delivered weekly
[ ] TC Gadgets Top stories about gadgets Delivered weekly
[ ] TC Mobile & Apps Top stories about apps Delivered weekly
[ ] TC Startups Top stories about startups Delivered weekly
[ ] TC Social Media Top stories about social Delivered weekly
[ ] TC Asia The top Asian tech stories Delivered weekly
[ ] Crunch Network The best from our contributors Delivered weekly
View More
Enter Address ____________________ (BUTTON) Subscribe
Latest Crunch Report
* Facebook Sports Stadium Wants to Be Your New Sports Hub | Crunch
Report
Facebook Sports Stadium Wants to Be Your New Sports Hub | Crunch Report
Watch More Episodes
* cybersecurity
* Enterprise
* Popular Posts
Featured Stories
* This Cybersecurity Medicine Might Be Tough To Swallow
Don Baer On Politician's Approach To Technology
VIDEO | 12:03 | Breaking News
* Werner Herzog On His Documentary Lo And Behold, Cockroach Movies
And Moving To Mars
Werner Herzog On His Documentary Lo And Behold, Cockroach Movies And Moving
To Mars
1 hour ago | Matthew Panzarino
* Get Ready For A Smaller iPhone 6s Mini
Get Ready For A Smaller iPhone 6s Mini
4 hours ago | Romain Dillet
* Netflix Makes Good On Promises To Crack Down On VPNs, But Blocks
Are Short-Lived
Netflix Makes Good On Promises To Crack Down On VPNs, But Blocks
Are Short-Lived
5 hours ago | Sarah Perez
* Forthcoming Samsung Galaxy S7 Benchmarks Leak
Forthcoming Samsung Galaxy S7 Benchmarks Leak
11 hours ago | Natasha Lomas
Latest From Enterprise
* FiveStars Gets $50M To Help Small Retailers Run Loyalty Programs
Like Their Bigger Rivals
FiveStars Gets $50M To Help Small Retailers Run Loyalty Programs Like Their
Bigger Rivals
8 hours ago | Ingrid Lunden
* Iterate’s New Platform Helps Corporations Find The Best Tech
From Startups
Iterate’s New Platform Helps Corporations Find The Best Tech From Startups
10 hours ago | Catherine Shu
* IBM Confirms Acquisition Of UStream, Forms New Cloud Video Unit
IBM Confirms Acquisition Of UStream, Forms New Cloud Video Unit
yesterday | Ron Miller
* Enterprise Mobile Software Company Nubo Raises $7M Series A
Enterprise Mobile Software Company Nubo Raises $7M Series A
yesterday | Catherine Shu
Up Next
How We Celebrate New Year’s Eve On Social Media Around The World
Posted Dec 31, 2014
CrunchBoard
Job Listings
*
Principal Analyst - Marketing Technology
CarMax
*
Architect - Enterprise Information
CarMax
*
Senior Software Developer - Web Development
CarMax
*
Online Systems Platform Manager
CarMax
*
Team Manager- CRM
CarMax
More from CrunchBoard
Advertisement
TechCrunch
[crunch-network.jpg]
* News
* TCTV
* Events
* CrunchBase
About
* Staff
* Contact Us
* Advertise With Us
* Send Us A Tip
International
* China
* Europe
* Japan
Follow TechCrunch
* Facebook
* Twitter
* Google+
* LinkedIn
* Youtube
* Pinterest
* Tumblr
* Instagram
* StumbleUpon
* Feed
TechCrunch Apps
* iOS
* Android
* Windows 8
Subscribe to TechCrunch Daily
Latest headlines delivered to you daily
[X]
Subscribe to Subscribe to TechCrunch
Daily
Enter Email Address ____________________ (BUTTON) Subscribe
© 2013-2016 AOL Inc. All rights reserved. Aol Tech Privacy Policy About
Our Ads Anti Harassment Policy Terms of Service
Powered by WordPress.com VIP
Fonts by
[b?c1=2&c2=6036210&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1]
* TechCrunch (BUTTON)
*
News
+ Startups
+ Mobile
+ Gadgets
+ Enterprise
+ Social
+ Europe
+ Asia
+ Old Crunch Network
+ Unicorn Leaderboard
+ Gift Guides
+ All Galleries
Videos
* Apps
* Breaking News
* Bullish
* Crunch Report
* CES 2016
* All Shows
* All Videos
Events
* Disrupt
* Startup Battlefield
* Crunchies
* Meetups
* International City Events
* Hackathon
* Include
* NFL’s 1ST and Future
* TC Davos 2016
* All Events
CrunchBase
____________________ (BUTTON)
(BUTTON)
Most Popular
Get Ready For A Smaller iPhone 6s Mini
4 hours ago by Romain Dillet
A Day After Launch, “Exploding Kittens” Tops The App Store
1 hour ago by Sarah Perez
Forthcoming Samsung Galaxy S7 Benchmarks Leak
11 hours ago by Natasha Lomas
Netflix Makes Good On Promises To Crack Down On VPNs, But Blocks
Are Short-Lived
5 hours ago by Sarah Perez
Why Cloud Computing Will Shake Up Security
2 hours ago by Tom Gillis
Apple Has A New Apple TV Ad, And It’s All About Apps
1 hour ago by Romain Dillet
SpaceX Tested Its Capsule That Will Send Humans To Space
1 hour ago by Emily Calandrelli
These Are The Most-Watched Vines Of The Year
5 hours ago by Jordan Crook
Google Reportedly Paid Apple $1B In 2014 To Remain Default Search
Engine On iOS
17 hours ago by Jon Russell