Peter Warren Singer is a best-selling author and strategist for New America. Named one of the nation’s 100 leading innovators by the Smithsonian, one of the 100 most influential people in defense issues by Defense News, and one of the Top 100 Global Thinkers by Foreign Policy, Singer is one of the United States’ leading experts on security and 21st century warfare. This October, he will deliver the keynote address at the Payments Breakfast at AFP 2019.
In this episode of AFP Conversations, Singer discusses the “cyberthreatscape”, providing treasury and finance professionals with key insights on how to protect their payments infrastructure from modern cybercriminals. From ransomware to BEC scams to state-sponsored data breaches, corporates face an ever-changing threat landscape that puts their organizations and payments infrastructures at risk.
AFP 2019, this October in Boston, is where treasury and finance professionals separate the hype from the reality. Visit www.afp2019.org/register to sign up and use discount code PODCASTAFP2019 at checkout to save $100.
The following are four key takeaways from our interview.
For information sharing to be effective and widely adopted, it needs to go both ways. “I think a common complaint—and not just in the United States—is that the industry often feels like it's doing more of the information sharing with government and not getting the reciprocity in terms of timely, actionable information. And what's notable is that's not just within the areas of industry that really first kicked off information sharing in terms of finance, but a number of other sectors where people again and again say, ‘We're providing but we're not getting back as much as we think that we need.’
“There are a lot of different reasons for this. In government, basically, there's an inability or unwillingness to share sometimes because of clearance issues. There are also liability issues that are there. So there's a general sense that, while we've certainly gotten better at information sharing than we were, say, five years back, we're not where we need to be. There's also an aspect of it that people need to recognize: it isn't, nor was it ever going to be, the silver bullet solution for this. We put a lot of effort into it and I think some people thought that would solve all the problems and it didn't.”
Information sharing is also needed for disinformation threats, and it currently doesn’t exist. “What’s notable as you take the discussion of information sharing and apply it to other types of cyberthreats, is that we're not there yet. So as frustrating as what's been going on with the steering of the information in [information sharing and analysis centers (ISACs)] is, we don't have an equivalent to that for the social media side. So while it's easy for companies to share information around [traditional cyberthreats] we don't have the ability to do that for disinformation threats: ‘I'm seeing this group of bots or sock puppet actors; this network that's pushing this false narrative. It's going after this corporation. You ought to be aware of it.’ Again, we haven't worked out the regulatory and the liability questions around that even to the limited way that we've done it with traditional cyberthreats.”
To combat ransomware, you first need to understand that it’s a whole different animal than other cyber threats. “It is a form of attack that flips the traditional discourse around cybersecurity. It’s important to understand that it's not about seizing information to make use of it yourself, like stealing emails, credit card numbers or whatnot. This is about seizing information to keep the other actor from making use of it—the idea of holding it for ransom. And it is one of the fastest growing cyberthreat areas if not the fastest. If you look at some of the numbers, we saw 167 times growth in this area—not percent but times. And I think there's a couple of reasons that are important to understand why it's growing so much.
“One is the idea that the average take per victim is escalating. If you go back to 2015, the average take per victim in a ransomware attack was $294. Last year it was over $1,000. So if you are on the attacker side, you're looking at this and going, ‘It pays and it pays better.’ And so not only are you going to continue to do this, but other attackers are drawn into this space. And then in turn, victims are looking at the cost of say, what happened to Baltimore or previously, Atlanta. And they're going, you know what, ‘I'm going to pay this time.’ And it's not something that the FBI or experts would say is a best practice, because obviously it just drives more incentives. But it's just like paying ransom for your kid. You're not supposed to do it. But of course, it's hard for people to think logically in that moment or think about the broader community. It’s their networks, their files, their operations.”
Get your responses to attacks ready before they hit. “The answer to all of these situations is that you want to be thinking about the types of threats that are emerging, preparing for them and ensuring that you've got ready responses to them. So for example, backups so that when they say, ‘Okay, we're going to hold your systems ransom,’ you say, ‘That's fine; I'm ready. You can't blackmail me in this way.’”
For more insights, check out the full interview. And don’t miss Peter Singer’s presentation at the AFP 2019 Payments Breakfast, sponsored by Bottomline Technologies, Discover, Fiserv, Nacha and Visa.