Following the news that hackers activated emergency sirens in Dallas over the weekend, Chris Pogue, CISO at Nuix commented below.
Chris Pogue, CISO at Nuix:
“As technology is increasingly integrated into the manner in which our society operates, the potential of cyber attacks that have a kinetic impact also increases. We have recently seen the Austrian Hotel, Romantik Seehotel Jaegerwirt, lose the ability to generate new key cards, the remote access and control of a Jeep Cherokee, and CCTV cameras disabledprior to the inauguration of President Trump. The latest iteration of these types of attacks occurred last week, when attackers turned on emergency sirens in Dallas, ultimately leading to the sirens being “unplugged”.
If something can be controlled by a computer system, it can be hacked. Period. In the world of cybersecurity, offensive capabilities have far outpaced defensive capabilities, so there exists a significant disparity in an organization’s ability to defend itself from maligned attackers. In addition, most organizations lack the detection capabilities (systems and people) to effectively identify threats; driving the average time to detection to anywhere from eight to ten months. But this is nothing new; I have been operating in this space for close to two decades, and overall, very little progress has actually been made. My fear is that a catastrophic event will be the only thing that will provide the necessary impetus for the pendulum to swing from passive defense (waiting for something bad to happen), and active defense (finding bad things before they happen); action is always better than reaction.
The merger of human intelligence and technology that can programmatically identify threats either before they occur or almost immediately after, will become the single most important aspect of business in the 21st century. Without question and without exception.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.