Hackers seem to dominate the headlines these days, as major companies ranging from Yahoo and Uber to Equifax and JPMorgan Chase report data breaches resulting in the theft of millions of consumers’ information. Blame it in part on the changes in the way people access and share sensitive information.
The decade-long proliferation of mobile devices that allow employees to work and communicate off site has created more points of security vulnerability for intrusion by cyber criminals ─ and, thus, has made many defensive cybersecurity tools obsolete.
As a result, the industry is seeing a shift from defensive to offensive tactics in managing cybersecurity risks. This new approach has opened up opportunities for startup companies to develop next-generation cybersecurity technologies that can detect hacker attacks before, rather than after, they penetrate company or government networks.
At the upcoming Michigan Growth Capital Symposium on May 15-16, venture capital investor Jonathan Murray will host a panel discussion on “Next-generation Cybersecurity: From a Defensive to a Proactive Posture.” The founders and CEOs of cybersecurity startups Censys.io and WireTap will weigh in on technological and industry changes from their unique perspective.
“The cybersecurity tools from the previous generation are no longer adequate, because they were defensive responses and tried to stop inbound attacks on a network,” says Murray, who is managing director of Draper Triangle Ventures. “New technologies that are being developed using Big Data and predictive analytics are attempting to identify attacks before they occur. It’s easier than you would think.”
Accelerating the adoption of these enhanced technologies has been an uphill battle, however. Among the biggest hurdles facing companies, customers and investors are:
- Too much noise ─ Hundreds of companies are competing with one another to develop and promote different cybersecurity technologies, leaving customers, as well as investors, confused and uncertain about which ones to choose and use. “Some startups are doing really well while others are struggling through the noise to gain traction with customers and to get their technologies adopted,” Murray remarks.
- Cybersecurity understaffing ─ Customers must thread their way through the complexities of selecting, learning and implementing new cybersecurity technologies. “Most companies and government agencies are understaffed in cybersecurity, so they don’t have the personnel to do the analysis and to adopt and run new technologies,” Murray says.
- Employee behavior ─ It only takes one wrong click on a malicious email or fake website by a careless or unwary employee to create new vulnerabilities and give hackers the chance to breach a network. “It’s very difficult to put in place automated solutions that compensate for and defeat employee behavior,” Murray comments.
During the MGCS panel discussion, participants also will examine how large companies with valuable caches of consumer data, which are often hackers’ preferred targets, assess their cybersecurity preparedness and decide which new technologies to adopt.
“The last generation of cybersecurity venders concluded that they cannot prevent networks from being hacked,” Murray says. “But with all these new predictive tools being developed, there may be a future in which we’re on the offensive.”