Posted on Wednesday 7 November 2018 by John Mulgrew
Businesses of all shapes and sizes must expect to be the victim of a cyber attack but be ready to detect a hack when it happens, according to one of the world’s leading experts.
Mikko Hypponen was speaking to Ulster Business, following a keynote speech at Dublin Information Sec 2018 at the RDS.
The Finnish security expert, who has been working in the field for 27 years, is chief research officer at cyber-security firm F-Secure.
“My main message was that it is no longer good enough for companies to try and keep out of networks, all the time – you will fail,” he said.
“What you have to do today, in addition to having firewalls and filters, is you must have sensors inside you network to detect and then respond to a breach. No one wants to get breached… everyone hopes they will keep the attackers out.”
“The landscape has changed. They (companies) have to assume a breach.”
He said almost all of the world’s largest companies will have experienced some form of breach, regardless of how minor, due to their sheer size and the number of workstations they have across the globe.
“The reaction (for some firms) is, a phonecall saying ‘we have been hacked, come right away’. Then, when you start looking at the network you discover it was hacked last year.”
As for Irish businesses, with many of the biggest Silicon Valley companies having operations in Dublin, the city could be a target for hacking.
But it’s a much changed environment, now. Moving away from what Mikko says were young people “doing it for the fun and the challenge” in the 1990s, right through to organised criminal gangs, intelligence agencies and governments.
“I have been doing this work for 27 years and everything has changed in that time,” he said.
“Obviously, the technology has changed. The biggest is the change in who we are fighting… we didn’t have extremists, intelligence services or governments. We have organised crime gangs, Trojans and foreign intelligence. I would claim we now have entered the stage where (you) are more likely to become a victim of crime in the online world. That’s changed.”
And he says smaller companies should look at outsourcing their security, with some of the largest cloud providers employing some of the best talent in the world.
The third annual Dublin Information Sec 2018, Ireland’s cyber security conference, also heard from speakers such as Michael Gubbins, head of the Garda National Cyber Crime Unit, and Minister for Justice and Equality, Charlie Flanagan.