New CIO paradigms for cybersecurity and prevention

New CIO paradigms for cybersecurity and prevention

New CIO paradigms for cybersecurity and prevention

You probably won’t believe it. The new approach to enterprise security is tectonic; traditional virus protection software is not required. You can stop doing your daily enterprise updates of new virus definitions. The premise that antivirus software is useful in the identification and removal of unauthorized software is flawed. Now introducing the new paradigm of prevention-based incident response.

A new paradigm shift is changing the prevailing security frameworks. First, let’s uncover the underbelly of a paradigm.

Thomas Kuhn’s famous book, The Structure of Scientific Revolutions, changed scientific thinking and introduced the concept of a “paradigm shift.” He shared his view that “Men whose research is based on shared paradigms are committed to the same rules and standards.” Whether we’re speaking of concrete scientific achievements, emerging theories or traditional paradigms, old beliefs can slow progress.  What is particularly of interest is Kuhn’s viewpoint that a shift can’t occur using full communication, forced logic or neutral experience. Rather, this uprooting must occur all at once. In other words, you can’t be "half in" when it comes to adoption.

Read Also:
Defining a Data Risk Strategy for an Organization

Past, present and future Belief systems rest on a bedrock of paradigms: Beliefs that are internalized by the practitioners who study their effects. Several paradigms were entrenched societal Belief systems — until they were changed. We are familiar with many of the past paradigms:

It’s often more intriguing to pontificate about modern quantum physics and unified field theory and the design of future paradigms:

In this modern world, we wrestle with existing paradigms that are accepted, if not overtly then by limited attempts to prove the alternative. Expanded value requires expanding thinking. The U.S. Office of Personnel Management (OPM) data breach presents a transferable case relevant to every CIO responsible for organizational security. A practical case that presents a lesson and has a clear solution.

Thomas Pace, a principal consultant at Cylance, delivered a presentation titled “Dissecting the OPM Breach” at the East IT Leader Forum (#EASTIT), which kicked off in sunny Miami in mid-November and was hosted by Ross Abbott, CEO of SINC USA.

Read Also:
Privacy In The Age Of The Data Breach

Pace led an amazing presentation on the advanced persistent threat (APT) case study on the Office of Personnel Management data breach full report. APT is a type of threat actor, an “advanced persistent threat.” An APT utilizes network-based attacks to gain unauthorized access to exfiltrate data.

The OPM data breach resulted in personnel records (4.2 million), background checks (21.5 million) and fingerprint records (5.6 million) being exfiltrated from OPM undetected. OPM had traditional antivirus software running. It didn’t help.

This threat went undetected until 2015 (not a typo). Records from current, former and prospective federal employees were compromised from a system called Standard Form 86 or “SF-86.” The template for the SF-86 form is 127 pages, and most applications require additional pages. This system contained detailed lists of federal and military personnel going back 30 years.

 



Data Science Congress 2017

5
Jun
2017
Data Science Congress 2017

20% off with code 7wdata_DSC2017

Read Also:
The Role of Data in Digital Transformation
Read Also:
Applying Predictive Analytics: The Role of Artificial Neural Networks in Predicting Alzheimer’s Disease

AI Paris

6
Jun
2017
AI Paris

20% off with code AIP17-7WDATA-20

Read Also:
What is Analytic Athleticism and Why is it Important?

Chief Data Officer Summit San Francisco

7
Jun
2017
Chief Data Officer Summit San Francisco

$200 off with code DATA200

Read Also:
Using artificial intelligence to create invisible UI

Customer Analytics Innovation Summit Chicago

7
Jun
2017
Customer Analytics Innovation Summit Chicago

$200 off with code DATA200

Read Also:
Lead your own data science projects with the 3 Ps

HR & Workforce Analytics Innovation Summit 2017 London

12
Jun
2017
HR & Workforce Analytics Innovation Summit 2017 London

$200 off with code DATA200

Read Also:
Privacy In The Age Of The Data Breach

Leave a Reply

Your email address will not be published. Required fields are marked *