Cybersecurity Is Broken: Ed Adams on the Hidden Risks No One Talks About
Ed Adams is the President and CEO of Security Innovation, a pioneer in software security that equips organisations with the tools and training to protect their most critical data. A cybersecurity leader with decades of experience, he has advised global businesses on compliance, application security, and secure software development. He is also the host of Ed TALKS, where he interviews thought leaders on technology, strategy, and the future of cyber.
With a background spanning engineering and business, Ed has held senior roles across leading technology firms and served on multiple cybersecurity boards. He is a Distinguished Research Fellow at the Ponemon Institute, Treasurer for Cyversity, and an active member of the BoSTEM Leadership Committee. A seasoned speaker, Ed has presented at global events including RSA Conference, PCI Community Meetings, and InfoSec World.
In this exclusive interview with The AI Speakers Agency, Ed shares his insights on the biggest threats facing businesses today, the impact of remote working, and how organisations can strengthen their security strategies.
Q: In the world of cyber security, what is the biggest threat that businesses currently face?
Ed Adams: “Oh, that’s an easy one for me. Businesses today are adopting new technologies faster than they learn how to secure them. Whether it is the Cloud, IoT, blockchain or presently artificial intelligence, there is always a rush to adopt this new technology because of the promise of the features that it can bring.
Which is, of course, wonderful, and we should be doing that. However, rushing into adopting that technology before learning how to secure it is doing nothing more than just expanding the attack surface and putting the businesses and their customers more at risk.”
Q: Now that remote working has become the norm for many companies, how have security strategies had to adapt to this new style of working?
Ed Adams: “That’s something that is all about return to the basics. It is back to basics. Organisations today, given the remote work environment, have got to be disciplined about cyber security fundamentals.
It sounds funny in 2023 saying that you have got to go back to the basics, but a lot of organisations got relatively lax when it comes to simple things like multi-factor authentication, basically relying on something other than just a username and a password to get access to a system.
That is something that most organisations still relied on, and the global pandemic that hit in early 2020 forced organisations to realise that that single point of failure was an insufficient protection. So, they started to adopt things like multi-factor authentication.
In addition to a username and password, I have a challenge question or push a code to a mobile device that the user has, combining something that you know, something that you have and something that you are. A biometric fingerprint. Combining any two of the three dramatically reduces the chance of an attacker being able to guess your credentials and get access to that private information or access to that system.
So, what do organisations have to do to adapt to the new style, which is now three years old, of remote working? Go back to basics, and the one thing that you can do more than anything else is multi-factor authentication.”
Q: What advice do you have for businesses in the process of integrating new software?
Ed Adams: “One word: training.
Education is vital when you are adopting new software, new technologies. Education, education, education. It is just like any new tool you might use. If you are going to use a chainsaw to cut down a tree, or you’re going to use some type of tool in your woodworking shop, you need to understand how to use that tool properly. New software is no different.
Whether it is commercial off-the-shelf software, new open-source software, or a new technology stack that you’re using to develop software, you need to understand and be trained on that technology in order to use it effectively. Otherwise, it is equivalent to handing me a scalpel. I am not a trained surgeon. I do not know how to heal people with a scalpel because I am not trained.
So, train folks on the new software, the new technology, particularly with security, and make sure that they think about security as an aspect of software quality. You have got a business in the process of adopting new software; they’re going to think about all the quality aspects of that software: functionality, performance, reliability. Include security as an aspect of software quality and you will be able to adopt that software in a much safer manner.”
Q: What are the business and financial benefits of companies staying up to date with the latest software?
Ed Adams: “In some instances and in some environments, it is stay up to date or die. It is evolve or perish, and I don’t mean to sound dramatic, but it is true. If you’re not keeping up with the latest advances in technology and improving your processes, and using those technologies to improve your processes, you might lose a competitive advantage that you have.
I know organisations are sometimes reluctant because they take the philosophy of: if it isn’t broke, I don’t want to fix it. There is a lot to be said about that. However, you always want to be analysing: what can we do better, what can we do faster, what can we do more efficiently or less expensively? If technology can enable that, you owe it to yourself to try to take advantage of it.
I know organisations can be reluctant to disrupt processes. However, disruption leads to competitive advantage. Disruption leads to evolution, and disruption leads to the capture of new markets that you might presently be blind to.
So, there are good business benefits and financial benefits. You also might open yourself up to new talent that you previously were not able to hire, because you’re adopting a new technology that can allow your business to grow and expand. Open your mind to new technologies that can be freeing, can be liberating.”
This exclusive interview with Ed Adams was conducted by Mark Matthews, Senior Keynote Speaker & Entertainment Manager at The Champions Speakers Agency.
The post Cybersecurity Is Broken: Ed Adams on the Hidden Risks No One Talks About appeared first on European Business & Finance Magazine.
