Cybersecurity #detection more #important than #protection, says #Microsoft CTO

Detection is more important than protection in cybersecurity, according to Microsoft UK CTO, Michael Wignall.

Speaking at the Microsoft Decoded event in London, Wignall commented on the importance of security as an overarching necessity in order to work with new technology trends.

Wignall stated that security systems should work on three fronts; protection, detection and response. Noting the findings of a study which found that the average time that an attacker spends on a network before they’re detected is 144 days, the Microsoft CTO argued that detection is the most important aspect of this strategy.

He continued: “It’s vitally important to understand your technology environment and how it’s changed – you’re now much more connected than ever before. We have to think about cybersecurity in a very different way.”

One of the ways in which detection times can be reduced, argued Wignall, is through machine learning. The use of artificial intelligence and machine learning by attackers is becoming more prevalent, and as such, should also be used by security professionals.

Wignall said: “A lot of the threat isn’t as targeted and sophisticated as you might think, it’s actually much more opportunistic – they’re taking advantages of some of the changes in the tech landscape.

“If you’re not taking advantage of AI in your systems, you better believe that the attackers are – so you’ve got to keep up.”

Touching briefly on GDPR concerns, Wignall noted that the rules will put significantly more onus on organisations to treat data and privacy more seriously.

For instance, blockchain could be problematic for organisations looking to become GDPR compliant. Wignall noted some of the potential advantages – using the example of buying a car. It is plausible that the car could carry all its details through blockchain – the service history, ownership details, tax, licensing and so on.

However, when questioned on the possibility of conflict in terms of the immutable nature of blockchain records and the right to be forgotten enshrined in GDPR rules, Wignall accepted that it was a difficult topic.

“More than for things like car records, for individuals, it is very contentious. For instance, if somebody goes through a transgender process, and their previous identity is held in the blockchain, that can be a problem. It’s a challenge.”