On June 7, 2016, the Center for Public Policy Innovation (CPPI) hosted a cybersecurity roundtable on the Hill featuring Chairman of the Armed Services Committee Mac Thornberry (TX-13), and Oracle’s Jackson Thomas. Mr Thomas serves as a security architect for Oracle, with 18 years of experience helping various customers in the commercial and public sector and is a key figure in Oracles cybersecurity strategy.
Chairman Thornberry kicked off the event with remarks concerning cybersecurity as one of the top threats facing our nation. “Not necessarily because it’s more devastating than WMD’s but because the threat is growing more quickly than the response and we need smart people to guide the policymaking to close the gap.”
Going on to site the data threat of attacks like the one on target and the OPM breach as well as the North Korean attack on Sony. “ISIS is releasing the personal data of military members, putting them at risk, serving as a method of intimidation,” noted the Chairman.
Jackson Thomas opened his statement with a discussion on data- the value of today is data, he explained to the group of attending staff
Joel Hinzman took the stage to introduce Mr. Thomas. He began by noting that the CIA and the FBI were the first Oracle Customers, and security is built into everything the company does. There has been a lot of focus on protecting networks, but china is already inside the network, that said we need to protect the valuable assets on the network.
When Mr. Thomas took the mic firstly saying that if you lose your guard, you are under attack, as long as your guard is up, you know what’s going on around you. Furthermore, the value in today is data. “How do we protect it? If you lose a record from your database with PII information, that’s a big deal. If it has some elements of health information, the value goes up three times.” Cautioned Mr. Thomas
“Uber is the largest car company in the world, and Airbnb is the largest “hotel” company in the world- they both own data and connect people- that’s part of what makes them so valuable,” continued Mr. Thomas.
He went on to note that in the 1980’s 83 % of a company’s valuable was in tangible assets, Now 88 % are intangible. We can see the data is most valuable. Some organizations accept risk without recognizing the real problem. But if you lose trust, that’s something you can never buy back. And to lose trust of employees and customers could be detrimental to your success.
How Does a Breach Happen?
- Victims of phishing attacks, sometimes obvious it is dangerous, but sometimes these emails can look legitimate.
- Step #1 malware in your system- once you get into the system, only a matter of time before hacker can own data.
- Step #2- identify weak targets → many organizations use default passwords, gain access to database, get the info out through SQL injections (or smart code) try to lift the data from the network.
What we are seeing is only the beginning. We are always playing a catch up game. What is very disturbing is there were three breaches in one year that came from the same Chinese organization.
In regards to the Cyber Sprint, Mr. Thomas said it is very straight forward-1. Identify indicators that tell us about threat vectors, scan systems, to see what is happening. 2. Security patches are applied. Should also be looking at access of privileged users. Need multi-factor authentication. Government taking small steps, but more can be done.
There are three ways to secure a database:
- Encrypt the data, make it useless to a hacker on your network
- Prevent unauthorized database access- think carefully about who has access, such as contractors, etc.
- Look for anomaly where a lot of data is being moved or accessed
When asked why some organizations aren’t using all the security features available to them, Mr. Thomas suggested it’s sometimes a matter of education and awareness. For example, just turning encryption on.
Finally when asked about ransomware and whether encryption would solve this problem, Mr. Thomas explained “Ransomware is a new way for bad guys to get what they want. You need to have a defense in-depth strategy. Encryption is in place, an organization needs to make it difficult for someone to access the data and implement layers of security. Multi-factor authentication is important in this situation.
Lastly, when asked about his thoughts on the U.S. Government partnering with private entities to retaliate on cyber-attacks, Mr. Thomas responded that it was a necessary evil, a combination of defense and offense.