Pieter Vanlperen knows a thing or two about the cyber threats facing global businesses.
The serial software architect and security entrepreneur has been a trusted adviser to many Fortune 500 companies and, at a time when cybercriminals seem to be getting the upper hand, his knowledge is proving invaluable.
Today he is chief information security officer (CISO) at Own Company, a software as a service (SaaS) data protection and activation solutions provider. He has a clear message for those organisations wondering where and how they should spend their time and cyber budgets.
They must prioritise recovery, he says.
“Businesses need to worry less about whether they can prevent or detect an attack, and instead accept that something will happen and the question then is how do they survive an attack? How quickly will they be able to bounce back to protect their revenues and reputation?” he says.
Vanlperen has a software career spanning more than 20 years and has founded many companies. He writes blogs on cybersecurity and is a regular on the industry’s panel circuit where he imparts expert advice.
“A shared responsibility model is still important when it comes to data security, but you also need the skills to recognise something strange or different and shut it down fast,” he adds. “Once you find something odd, you need to consider quickly how you will weather the storm.”
Critical data is increasingly being stored in SaaS systems and, according to Own Company, 81% of organisations believe cloud applications are more important than ever. Should that critical data be impacted, organisations must have a plan for recovery and resilience.
Like other cybercrime experts, Vanlperen reiterates that the bad guys only need to get lucky once. With this in mind, it becomes vital that organisations are much more proactive when thinking about how they will recover from a cyber attack.
He urges companies to adopt a new mindset and ensure they have disaster recovery and business continuity plans in place – and that these are robust and tested regularly.
He believes many organisations have developed certain mental biases towards cybersecurity. They see reports of small hacks and infiltrations which businesses have largely learned to deal with, but they do not consider the sudden and unknown dangers.
Indeed, knowledge of common cyber threats such as phishing, ransomware and malware has certainly increased in recent years. But many businesses remain unprepared for unexpected incidents that could cause massive disruption. These are known as ‘black swan’ attacks.
“Remember how, during the Covid pandemic, people had to figure things out as they went? When it comes to your business being hit by a sudden cyber attack, you don’t know how bad things will get until that happens and you have to react. You need a plan.”
Vanlperen cites the example of the recent high-profile incident at cybersecurity company Crowdstrike where a software update caused millions of computers around the globe to crash, harming travel and health services.
“This global outage was caused by a bad patch from a security tool, and it affected different users based on how they were using that security tool,” he says. “It meant some people were affected and others were not. The Crowdstrike incident was not something anyone expected.”
The Crowdstrike outage illustrated how businesses rarely consider how they will keep operating, even at a minimum level, if their security fails.
Vanlperen is a certified penetration testing engineer and ethical hacker, as well as a network forensics examiner and cloud security officer. He has worked with hundreds of clients over the years and is always surprised by how many organisations don’t invest more in security resilience to protect their critical systems.
Research by Own Company reveals that 60% of businesses have experienced a data loss in the past two years, and one-third have suffered more than one. It’s telling that only two-thirds could restore all the data they lost.
“If you don’t invest in resilience, it can take weeks to retrieve data and get the business up and running again,” he says. “Backing up your data is not very useful if you cannot use it, so the focus should be security and fast recovery.”
Businesses can easily become complacent because they have cyber insurance, but this is rarely sufficient to protect a company that cannot operate because of a cyber attack.
Insurers will want to see a vulnerability management programme and ask how the company will respond to threats such as ransomware, but they won’t be able to cover against the unknown black swan threats.
There is also the evolving risk posed by AI, which cybercriminals are using to steal and modify sensitive data. Protecting and backing up data is all very well, but can leaders be sure that data has not been tampered with? Maybe email addresses have been altered?
Despite his warnings, Vanlperen remains optimistic about the future.
He is positive because he believes data is more valuable than ever. SaaS has allowed organisations to place large volumes of data in places where it can make a real difference to people’s lives.
“We are on the verge of a rapid 10-year period where we will see some truly amazing breakthroughs across many industries thanks to a combination of new technology such as AI and data,” he says. “We all need to be more aware of what is actually a cyber attack, and build our resilience so we can recover fast when the criminals get through. Because they will.”
To find out more, visit owndata.com