Science Channel: Inside X-Force Command
Caleb Barlow
CEO | Board Member | Investor | Innovator | Incident Responder | Team Builder | Mentor | CISO
4 Lessons for Winning the Fight Against Cybercrime
In recent years, we’ve seen ample evidence of our collective cybersecurity failures. The consequences are great and growing – with the cost of a data breach rising to an average $3.9 million, up 6.4 percent from the previous year, according to IBM Security and Ponemon Institute’s 2018 Cost of a Data Breach Study.
This trend has contributed to a sense of pessimism that cybersecurity is only getting worse. Yet I think there’s reason for hope. In my experience, as the head of Threat Intelligence at IBM Security, I’ve seen a lot of organizations turn their lack of preparedness around, proactively face threats, and become more cyber-resilient. The most successful organizations have a lot in common. Here are four lessons we can learn from them.
1. Battle breaches with cyber first responders
There will inevitably be “boom moments” when a cyberattack occurs and you need to respond quickly. Most organizations focus on what comes “left of boom” – the prevention and detection of threats. Successful organizations also emphasize what comes after an attack, or “right of boom.”
First responders and servicemen and women in the military train rigorously to deal with a threat, practicing their response so they can act instinctively and with purpose. But business leaders today are taught to be deliberate in their decisions, to pause and collect all the data before acting. That’s about the worst thing you can do when there’s a breach. After the boom, you need to act right away to prevent a bad situation from becoming worse.
Many of the people who go through the simulations in our X-Force Command Centers, all highly capable leaders, can become flustered and discouraged. They respond too slowly and make mistakes. It’s like trying to learn a new sport – you are bound to fail at first. But it’s by failing that you learn, and it’s far better to strike out or miss a tackle in practice than in a real game.
Rehearsing these situations is essential to honing your crisis leadership. By experiencing a simulated cyberattack, teams build muscle memory of what to do and with whom to communicate. When you practice the experience of boom moments, you can take lessons learned to script your responses, allowing you to automate as much of the decision-making process as possible. You can act faster and more effectively when the rules are written down, processes are established and everyone understands their job.
2. Close the skills gap with new collar workers
A common thread among successful teams in our cyber ranges is the calm and collected leadership of people with backgrounds in the military or first responder jobs. We need more of these disciplined and quick-acting men and women in cybersecurity. But the traditional way of recruiting cybersecurity staff – finding experienced professionals with a background in cybersecurity, college degrees and certifications – can overlook non-traditional candidates who can nonetheless do the job. At IBM Security we’ve advocated, and put into practice in our own organization, a “new collar” approach to recruiting professionals. It means looking beyond credentials to find individuals with the skills, attributes and passion that allow them to adapt to new cybersecurity roles.
3. Augment human intelligence with artificial intelligence
While new collar professionals are helping to bridge the skills gap, the volume of threats and security events can quickly overwhelm analysts. There’s just too much data to sift through manually to find and address the most critical threats before it’s too late.
This is where new applications and innovation in artificial intelligence (AI) are making a difference. AI is ideally suited for collecting, sorting and analyzing billions of data points, recognizing patterns and, through deep learning, predicting areas of weakness. Cognitive capabilities such as natural language processing allow human analysts to interact with AI to investigate the most critical threats.
By advancing the security applications of AI, we create a force multiplier for the work of under-resourced security operations teams, because automating tasks and limiting false positives frees up human analysts to make critical decisions faster.
4. Elevate cybersecurity smarts
Unfortunately, the security industry and the clients we serve have been battling cybercrime in silos. We need more collaboration. That’s why IBM Security has opened up our vast collection of threat intelligence through IBM X-Force Exchange, and why we built the IBM Security App Exchange for developers and business partners to create security app extensions and enhancements to IBM Security products.
Beyond creating alliances within the cybersecurity industry, we need to raise the level of cybersecurity awareness among the public. Our families and friends must understand what we’re up against and learn security hygiene, in order to deny cybercrime organizations the victims they need to finance their operations.
Dark Web: Fighting Cybercrime
On the last point about cybersecurity awareness, we have a unique opportunity at IBM Security to help raise cybersecurity smarts. That’s why we teamed up with Science Channel to create the documentary special Dark Web: Fighting Cybercrime. The 45-minute program features interviews with subject matter experts and security analysts fighting in the trenches. It explains the nature of cybercrime and where it’s headed, and the security innovations we’re working on to help turn the tide. I’m also grateful for the opportunity I had to participate in the production of this documentary, when we took the filmmakers inside our X-Force Command Center and Cyber Range to see a live simulation of a cyberbreach.
Whether you’re a security professional, a business executive, or a concerned citizen of our digital world, I think you’ll gain valuable perspective from this fascinating documentary. Check out the trailer below to get a taste of it, and watch Dark Web: Fighting Cybercrime on Science Channel at 5 p.m. ET on Thursday, July 19. Get your friends and family members to watch too. We’re all in this fight together.
Director, Alliances and Partnerships, Cyber Resilience Global Practice at Kyndryl
6 years ago
Great stuff Caleb! The irony of technology is it's both part of the problem given some people with nefarious purposes create cyber threats using technology, but it's also part of the solution to mitigating the risk of cyber threats. In that sense it's analogous to cancer in the body. Cells are the essence of life, however cells growing out of control can be deadly. Being able to prevent, protect, detect and respond is critical to cyber health and human health.
Let’s start with removing static passwords from the internet...