Cybersecurity Industry “Fighting the Wrong Battle for 20 Years”—New Research
SYDNEY – April 13, 2016 — Global technology company Nuix has published a provocative white paper by cybersecurity veteran Chris Pogue arguing that the technology industry has been “fighting the wrong battle with the wrong weapons” against cybercrime for the past two decades. The paper contends that for technology to fight cybercrime and insider threats effectively, it must solve human vulnerabilities.
“In the more than 2,500 data breaches I have investigated, I can count exactly zero that were caused by non-human-initiated system failure—like it or not, people are the problem,” said Pogue, Nuix’s Senior Vice President, Cyber Threat Analysis.
The white paper examines five cognitive biases—“bugs in our brain software”—that cause people to make poor decisions. It examines how other industries have learned to deal with these biases by concentrating on changing human behavior, and applies these lessons to the fight against cybercrime.
Pogue is visiting Australia this week to meet with government, law enforcement, and business leaders, launch the white paper, and demonstrate the soon-to-be-released Nuix Insight product line. These products will provide an integrated approach to cybersecurity threat prevention, detection, investigation, response, and remediation.
“Our focus with Nuix Insight technology is to reduce the number of human decision points, thereby dramatically reducing the opportunity for mistakes and failure,” said Pogue. “To do this we’ve baked into the products decades of experience from experts in incident response, malware reverse engineering, threat intelligence, data analysis, insider threats, and digital forensics.”
The white paper includes a strategic battle plan and practical action plan for organizations to focus on using technology, people, and processes to address the people problems of cybersecurity.
“Do we have what it takes to outsmart our own brains and stop ourselves from repeating the mistakes of the past?” said Pogue. “Hopefully we can set ourselves up for the next 20 years, get serious about security, address the real human vulnerability, and start reclaiming surrendered ground.”
Nuix Insight Adaptive Security—a continuous-protection platform for threat prevention, detection, response, and remediation—will be available in May. Nuix Insight Analytics & Intelligence—a four-dimensional security intelligence platform that connects people, objects, locations, and events for breach investigations, deep-dive forensics, and big data visual analysis—will follow in the second half of the year.