In today’s era of artificial intelligence and cyber-attacks, neither consumers nor businesses can face insecurities alone. Having protection leads to empowerment and hopefully a day of human security in all technology.
Rajeev Chand, partner and head of research at Wing Venture Capital, moderated the “Great Minds: How to Build a New Cybersecurity Era” panel at CES 2023 with Jen Easterly, director of CISA, and George Kurtz, CEO of CrowdStrike, to take a look at cybersecurity now and where it is heading.
Unfortunately, neither Kurtz nor Easterly could deny that the number of breaches and cost per breach are on the rise. “Cybercrime totaled $6 trillion last year, is projected to be $8 trillion this year, and over $10 trillion in 2024; that’s just not sustainable,” said Easterly. “We have to take a different approach to sustainable cybersecurity, which is about technology companies creating technology that is secure by design and secure by default.”
“Security parallels the slope of the technology innovation curve,” added Kurtz. “As the technology curve increases in its complexity, so does the security. And that’s where the gaps come in. Hopefully programs can help aid and make it better, but sadly we’re still dealing with poor passwords and backward compatibility.”
Both Kurtz and Easterly concurred it would be nice to have a general report card but isn’t that easy. Industries like finance that are highly regulated are more prepared, whereas the electronics industry may not be.
“We have this focus on how prepared a company is,” Easterly said. “That’s important, but what we need to do is to figure out how the technology products that we use every day are going to be designed to be safe with security features built in and how they are built so the number of vulnerabilities is fewer than they are now.”
“Consumers shouldn’t have to think about security,” Kurtz added. “If you’re putting the onus on the consumer, you’ve already lost. That’s built into the overall economics of what people are buying.”
Among the many other topics discussed was Russian cyberattacks and where they may have fallen short, and the double-edged sword of AI in cybersecurity.
Related: Need to Know: Ransomware Protection
“AI in general is critical in the field of cybersecurity,” said Kurtz. “And we use it for good purposes but then there are the bad guys that use it for evil purposes.” Kurtz went on to discuss what he called community immunity and how AI equates to protection through training and monitoring.
Lastly, both Kurtz and Easterly agreed that companies should not be afraid to report cyberattacks or breaches. It is about protecting the consumer, and being able to analyze attacks will only further that.
“It’s not about blaming or shaming a company,” said Easterly. “It’s about protecting a company so we can do something about it. But most importantly we can use that information to protect a sector. It’s about keeping the neighborhood safe.”
“The intent is to add value, not to add burden,” she concluded. “We need to come together so that companies have an incentive to come forward. It’s about safety of Americans, not self-preservation.”