3 Infosec Notes From Our Time At the MIT Sloan CIO Symposium

Last week, Shape Security attended the MIT Sloan CIO Symposium. Hundreds of CEOs, CIOs, and senior IT professionals from all over the world met to discuss the issues that keep them up at night.
Here we have distilled for you the three most captivating points discussed during the cybersecurity panel.
3. “We are approaching a cybersecurity perfect storm,” said George Wrenn, CSO of European electricity distribution leader Schneider Electric.
Wrenn believes the convergence of  “aging infrastructure, the interconnection of everything, the increasing sophistication of cybercriminals, and the unfixed security weaknesses of the early Internet age” leaves consumers and enterprises vulnerable to attack for the foreseeable future. Not only will it be difficult to address these issues individually, but it will be near impossible to survive a severe, multi-platform attack.
2. “No IT leader wants to stand in the way of innovation or customer satisfaction,” said Roland Cloutier, CSO of payroll services leader ADP
To prevent and survive future attacks, enterprises must shift their focus to mitigating risk over short-term rewards. Customer growth and user retention will only get a company so far if the danger of a breach is always looming. To combat this attitude, product and security leaders must lower risk tolerance across all departments and work together to establish a realistic baseline – for example, a threshold of affected users or records lost.
1. “Adversaries have better technology capabilities than security professionals do sometimes,” said Roland Cloutier, CSO of payroll services leader ADP
Today’s attackers are well-funded entities armed with thousand-node botnets, sophisticated malware, and an entire darknet economy willing to do anything for the right price. This leaves enterprises stuck implementing reactive security measures. The eventual worst-case scenario would be a major national attack that would spur enterprises, governments, and regulatory bodies to produce and enact new security standards. Although the situation would be devastating, the outcome could lead to better protections for consumers.
Take a look at the other events where Shape is attending, exhibiting, and presenting on our website: https://shapesecurity.com/events