Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish

Morgan Stanley’s Rachel Wilson on the democratization of cybercrime | #malware | #ransomware | #hacking | #aihp

Rachel Wilson’s stellar security career has seen her hold several senior leadership positions at the National Security Agency (NSA) and become the first head of cybersecurity for Morgan Stanley Wealth Management and Investment Technology, where she now works to protect the organization’s systems and data and advises leadership on key cybersecurity issues.

Wilson was opening keynote speaker at the recent CSO UK Security Summit where she reflected upon the biggest changes in the risk and security landscape and how CISOs must respond to lead teams and embrace emerging opportunities. What follows are highlights from that presentation.

Democratization of cyber capabilities

The last two years have brought about significant changes across the risk and security landscape, impacting organizations on several levels, Wilson said. “The real change over the last two years has been the democratization of advanced cyber capabilities. The vast majority of malicious cyber activity used to come from nation states—governments hacking governments. That’s changed, and we know that 70% of malicious cyber activity on the internet now is financially motivated.”

Cybercrime is increasingly more opportunistic in nature, with losses due to cyber-enabled theft and fraud skyrocketing in the last 24 months or so, Wilson continued. “We’ve also seen the rise of cybercriminal syndicates, where traditional organized crime rings are using cyber means to conduct crime, operating at a scope, scale, and velocity that is mindboggling. This is leveraging the exposure of very advanced cyber tools, tradecraft, and tactics that anyone can learn over YouTube.” These factors have dramatically changed the job for all in the CISO space, she added.

Pandemic a “boon” for security

The nature of cybersecurity has been significantly impacted by the shift to remote and hybrid working introduced by the COVID-19 pandemic, Wilson said. “The CISO community has always been committed to enabling businesses, but on that morning in mid-March 2020 when we realized we would be sending the entirety of our workforce home, a lot of us were summoned quickly before our board of directors and asked how we were going to do that effectively and securely.”

Wilson reflected that this made her and fellow security leaders far more conversant around security concepts such as multi-factor authentication (MFA) and zero trust that have had to come to fruition very quickly. “As much as that has been stressful it’s also been fantastic. Things that we have been pushing for years around second factor authentication or the idea that we don’t need to be persistently storing customer/client/propriety data—if I can make virtualization work from home, why can’t I make it work from anywhere, including in the office?” The hybrid environment that is here to stay has been a “real boon” for many CISOs that have been able to push an agenda that was once aspirational but is now existential to the organizations they support, Wilson said.

Copyright © 2022 IDG Communications, Inc.

Click Here For The Original Source.


National Cyber Security