Why Cybersecurity Fails Without Strong Infrastructure and Leadership, Says Former US Cyber Chief Dan Lohrmann
In the world of cybersecurity, few experts can match Dan Lohrmann’s reputation for insight and authority. A leading technologist and data privacy expert, Dan has held senior roles across both the public and private sectors, including Field Chief Information Security Officer (CISO) for Presidio, Chief Strategist for Security Mentor Inc, and positions with Lockheed Martin, ManTech International and the National Security Agency.
Recognised with awards such as CSO of the Year and Computerworld Premier 100 IT Leader, Dan is also a best-selling author of several influential books, including Virtual Integrity, BYOD For You and Cyber Mayday and the Day After. He writes the internationally ranked blog Lohrmann on Cybersecurity, which is widely respected for its thought leadership on cyber resilience and future threat trends.
With decades of experience and a global reputation for excellence, Dan is one of the most sought-after voices in the industry and a prominent speaker represented by The Cyber Security Speakers Agency.
In the following interview, Dan shares his expert perspective on infrastructure resilience, cyber defence weaknesses, preparing for future threats and the importance of strong leadership during a cyber-attack.
Q: You talk about infrastructure resilience; why is this so important in business?
Dan Lohrmann: “The number of cyber-attacks hitting businesses around the world has skyrocketed. From ransomware and malware to online fraud, incidents have increased dramatically.
Your infrastructure is the first line of defence; it gives the business the capability to stop those attacks and enables the digital transformation of the business, allowing technology to be used properly. The protections we put in place for the infrastructure are paramount.”
Q: What do you believe is the biggest weakness in a business’s cyber defences?
Dan Lohrmann: “Technology. The challenges really span all those areas. People can be your biggest asset but also your biggest challenge. Actions such as clicking on a link, reusing a password, or falling for social media attacks can be used to penetrate any organisation.
No matter how good the technology is, we still hear of misconfigured services on cloud platforms. The challenge companies face is keeping things secure over time, even if they are secure at one point. It is about keeping them secure, ensuring that processes are maintained, people are well trained, and the technology is up to date.”
Q: How can businesses prepare for the cyber threats of the future?
Dan Lohrmann: “It starts with a good understanding of your current environment. We call it the ‘as-is’ environment: your current infrastructure. Then it is about knowing where things are going, having a good understanding of advances in artificial intelligence and autonomous technologies.
In government and finance, what attacks are being carried out today? It is about connecting those dots and looking at the attacks likely to happen in the future. There are a lot of ways we can do that: by connecting the dots, by looking at current threat trends, and by studying leading-edge trends that are becoming more prevalent.
We saw that with ransomware. It started slowly, then grew, and then evolved into new types of attacks. As we track those, and I track predictions each year, my prediction report brings in vendors from across the industry and looks at the top companies around the world and what they are predicting.
Bringing those together and making sense of them is key: what are the trends? What are the best practices for stopping those attacks? I keep close tabs on that every year, and my report at Lohrmann on Cybersecurity is the top report issued every December.”
Q: How important is strong leadership in the event of a cyber-attack?
Dan Lohrmann: “Strong leadership is essential in a cyber-attack. When a ransomware attack hits, the actions in those first few minutes are paramount. Who are you going to call? Who will get involved in the organisation? Does management know what to do and how to do it? The leaders, starting at the top, from the CEO to the CFO, CSO and CISO, all need to know what to do, where to go, who to contact, and which partners to work with.
Everyone needs to follow. Trust is so important: trust that people can do what they need to do, that they are well trained, that they know who to contact, and that they know how to address the media and communicate with the public, clients, partners, and colleagues. All of it needs to come together quickly, because time is very precious when a cyber-attack hits.”
This exclusive interview with Dan Lohrmann was conducted by Mark Matthews, Senior Keynote Speaker & Entertainment Manager at The Cyber Security Speakers Agency.
The post Why Cybersecurity Fails Without Strong Infrastructure and Leadership, Says Former US Cyber Chief Dan Lohrmann appeared first on European Business & Finance Magazine.
