Chief Revenue Officer at Wire, Rasmus Holst, is not a man given to hyperbole. So, when he points to the growing risk of cyberattacks as the greatest cybersecurity risk for 2020 and the number one threat to the global economy, we needed to catch up with him to discuss it further.
Understanding how easy, how low-risk, cybercrime remains is paramount — as information surpasses oil as the world’s most valuable commodity, while security measures on both business and consumer services remain inadequate for protection.
“You can sit at home, you don’t have to break into the bank physically to steal from them. It’s just computer programming”
A lot of it is very simplistic, based on good old-fashioned phishing messages: “If one person clicks on the link, you can get a ransomware component installed, and lock everything up, and where large databases are concerned people WILL pay for that to be released”.
The extent to which such demands are paid remains unknown, and this is where the bigger global economic threat emerges. “With such attacks, it’s not just businesses losing money — that money is going straight to criminal organisations and rogue states. We’ve never had such an easy way for funds to flow from legitimate businesses to illegitimate ones, to go into fortifying and strengthening criminal organisations, at rates we’ve never seen before”.
Reducing the surface of attack
While businesses may have rightly been concerned about sanctions from regulators in the event of breaches, the macro financial impact is far greater, and will only be solved by better security and encryption. Moving towards zero-trust environments and multi-factor authentication, as well as better regulation, is a start. But given the low risk and unit cost to the attacker, the only real solution, according to Holst, is to drastically reduce the potential ROI for the attacker.
“At Wire we approach it by encrypting each piece of data, each message, individually — with a unique key”, he explains
“The bad actors then have to break into each one separately, and it’s not worth the effort”
This contrasts with the way that many large datasets are managed, where they become linearly more attractive to hackers as their honeypot grows day by day.
“It’s like having a million dollars in a physical safe”, Holst elaborates, “and by the following day, you’ve added a million more, making it way more tempting. Instead, you should be putting each dollar bill in its own safe, with its own lock and key.”
Communication = information
It will require thinking about the data generated by UC in a new way, and recognising the potentials risks for organisations of losing that data — whether leaking it to those who can misuse it, in the case of personally identifying information or intellectual property, or losing access to it altogether.
With enterprises adopting privacy and security regulation from the consumer realm, bills and laws like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) are ushering in a new age of government regulation. And as we enter a new decade, it’s time to reconsider the true worth of the data our online communication and collaboration tools generate as both intention and surplus, and make sure we’re doing enough to keep things safe, for our own businesses, and for the world as a whole.
