Huda - Next Level Cybersecurity: Detect the Signals, Stop the Hack

Copyright 2019, 2020, 2021 by Sai Huda. All rights reserved.

Published in the United States of America by Leaders Press.

No part of this book may be reproduced or transmitted in any form or by any means whatsoever without permission in writing from the author except in the case of brief quotation embodied in critical articles with proper attribution to the author.

This book is general information only and is provided as is without any representations or warranties and the publisher and author specifically disclaim all warranties of fitness for a particular purpose. The publisher and author disclaim any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any reliance on, use or operation of any methods, products, instructions, or ideas contained in the material herein.

ISBN 978-1-943386-41-3 (pbk)

ISBN 978-1-943386-42-0 (ebook)

Library of Congress Control Number: 2019932451

To Gia and Sage, forever blessed

Contents

Chapter 1

The Opening

What do the following have in common?

Facebook in the United States.

SingHealth in Singapore.

British Airways in the United Kingdom.

While they are very different (one is a social-media company, another a healthcare organization and the other an airline), they all had cybersecurity.

And yet the hackers (well call them cyber attackers in this book) broke in, evaded the defense, and walked away with valuable data.

Facebook

Cyber attackers got access to the data of 30 million users. They stole details of name, email, phone number and other contact information on 15 million users. They also stole an additional 14 million users contact information plus profile details, such as username, gender, birth date, device type used to access Facebook, and people or pages the user was following.

SingHealth

Cyber attackers stole the personal information of 1.5 million patients and details of medical prescriptions of 160,000 patients, including the countrys prime minister.

British Airways

Cyber attackers stole personal and financial information, such as name, billing address, email, and bank-account and credit-card details, on 380,000 passengers booking flights over a 15-day period.

These three are just a sample of the thousands of organizations worldwide that have fallen victim to cyber attackers stealing or hijacking data or causing other harm. Almost every day, a new victim becomes the headline somewhere in the world.

Every organization no matter who they are, how large they are, or where they are located in the world is at risk from cyber attackers.

More than $100 billion each year is spent on information security worldwide and the spending is increasing. Cyber attackers are, however, evading the defense, breaking in, remaining undetected for months, and finding the Crown Jewels (these are so important I will highlight them in bold throughout this book). The Crown Jewels are essential data, intellectual property and other critical assets.

Cyber attackers are stealing or hijacking the Crown Jewels to disrupt operations, causing enormous financial and reputational damage.

They are increasingly operating on behalf of a nation, a rogue state or a criminal organization with deep knowledge and resources.

The attack surface is getting larger for the attackers to exploit:

IoT (Internet of Things) devices will grow to an installed base of 25 billion by the end of 2021;

Internet users will grow to 6 billion by 2022 (75 percent of the projected world population of 8 billion).

It is only a matter of time before the cyber attackers will break into the network, regardless of whether it is on the premises or in the cloud, and regardless of whether it is outsourced to a supplier. No amount of spending will prevent the cyber attackers from breaking in. There are too many doors, windows and entry points. It is not a question of IF but WHEN.

So what is an organization to do?

To answer this question, I wrote this book. I researched dozens and dozens of cases worldwide to hunt for the answer to these questions:

Are there patterns of behavior and commonality of steps in the cyber attacks?

As cyber attackers hunt for the Crown Jewels, are there signals that could detect the attackers in time?

What should organizations do differently going forward to avoid becoming the next victim?

The definition of insanity is to keep doing the same thing while expecting different results. My research revealed that just continuing to spend more money on tools to prevent the cyber attackers from breaking in is not the solution.

Instead the answer is to detect signals of the cyber attackers early, before they are able to steal the Crown Jewels or inflict other harm.

Implementing what I describe in this book will transform the defense into offense. By offense, I do not mean striking the cyber attackers, which would have unintended consequences. By offense, I mean proactively detecting the cyber attackers early, before any damage is done, and shutting the threat down.

While organizations are spending money to detect cyber attackers, they are not yet using the method that I describe in this book.

The early-detection method that I have discovered from my research is the game changer.

Ive spent more than 20 years with companies leading the way in risk and cybersecurity technology to help organizations globally stay one step ahead of the cyber attackers. Ive moved them toward a deep understanding of the cybersecurity challenges faced.

Recently, for seven years, as general manager, I led the Risk, Information Security and Compliance business at Fidelity National Information Services, Inc. (FIS), a Fortune 500 company serving more than 20,000 clients globally. Under my leadership, FIS attained the number 1 ranking in Chartis RiskTech100.

Prior to FIS, I was the founder and CEO of Compliance Coach, Inc., an innovative company providing risk management software and consulting services to more than 1,500 clients in financial services, healthcare and government sectors. We helped clients manage Information Security, Operational and Compliance risks. Compliance Coach was acquired by FIS.

The experience of leading a team of experts to help clients stay ahead of the emerging risks certainly gave me deep insights into the cybersecurity challenges faced by organizations. What hit home, however, was receiving the following notice in the mail, without any warning. (I have redacted some of the information for security and privacy reasons.)