Pictured (from l to r): Kylie Watson, Sumitomo Mitsui Banking Corporation; Jason Harrell, Depository Trust & Clearing Corporation (DTCC); Edward Amoroso, TAG Cyber; and Joel Caminer, NYU Center for Cybersecurity.
Anyone who signed up to hear keynote speaker Jason Harrell from The Depository Trust & Clearing Corporation (DTCC) at the 13th AIG-Sponsored Cyber Security Lecture might have expected to hear a dry description of the current threat landscape. Instead, attendees at the June 1 lecture, which was co-sponsored by the NYU Center for Cybersecurity, were treated to a colorful and effective talk that used a collection of Marvel comic villains to describe today’s cyber threat actors. Thanos, the most powerful evil-doer of the bunch, embodied well-funded, persistent, and highly skilled nation-state threat actors like those involved in the 2007 Estonia Cyber Attacks, 2010 Stuxnet Attack, and the 2016 Bank of Bangladesh Heist.
Using these familiar characters as avatars for threat actors, Harrell made it clear that the chance of an attack affecting numerous systems—including vital financial-sector entities—is now inevitable. Harell points to two statistics that confirm that result. First, he observes, more money is now made each year in cybercrime than in narcotics, and second, it takes an average of just 84 minutes for an adversary to move laterally from an initial compromise. Therefore, Harrell emphasizes that it has become imperative that the cyber ecosystem be as resilient as possible, with resilience defined as “the ability to protect, detect, respond to and recover from operational incidents, including cyber attacks.”
Harrell emphasized that creating resiliency will involve leveraging a more diverse talent pool, and making effective use of emerging technologies like AI. Creating strong public-private partnerships is also key since, to continue the analogy, Thanos didn’t lose until all of Marvel heroes pitched in and fought him together.
The event concluded with a panel discussion moderated by Joel Caminer, Senior Director at the NYU Center for Cybersecurity, and featuring Kylie Watson, the CISO of Sumitomo Mitsui Banking Corporation-International Bank, and Ed Amoroso, the CEO of TAG Cyber. Among the points made by the group was that the cyber landscape is evolving so rapidly, that one does not need decades of experience to make a mark in the field. Since cyber professionals at every level must continually expand and update their knowledge base, it opens the field for a wider number of professionals with diverse backgrounds, both academically and in terms of work experience
To watch the event in its entirety, which also included remarks from AIG’s Ed Hayes, go to https://www.youtube.com/watch?v=XiRcyKnlcj8.