Ninety percent of even the largest global firms are susceptible to advanced, sophisticated and targeted cyberthreats, warns Peter George, CEO of General Dynamics Fidelis Cybersecurity Solutions. And as adversaries have proven in recent attacks on JPMorgan Chase and Sony Pictures Entertainment: If they want to get in, they can.
It's critical, then, to have an updated, thorough breach response plan in place - and to have rehearsed it, says George, in an exclusive Executive Sessions interview with Information Security Media Group. "It's like practicing a fire drill."
Organizations need to heighten their defense against the evolving threat landscape, which is presenting more "content-based threats," says George, a 25-year security veteran who has previously held top leadership posts at Nortel and Crossbeam Systems.
"The adversary is being very smart, very targeted and very persistent, targeting the weakest link in company security posture, and that's the carbon layer - the human element, using [for example] spear-phishing attacks to compromise networks," he says.
"Unless you have visibility into the content where you can see the threat, it's very, very hard to protect yourself against the new kinds of advanced threats that are happening today," George says. At the same time, defending against those threats is becoming even more challenging because "the attack surface is changing...and getting bigger," he says.
All industries, including the healthcare sector, are dealing with how to best protect data from these advanced threats, especially when information security resources are limited and need to be stretched, George says.
"In most companies' networks, only 5 percent or 10 percent of their data is sensitive," he says. "So understanding where that sensitive data is and building a security posture to protect that information is absolutely critical."
In the interview, George also discusses:
- The changing security marketplace and the prospects for consolidation;
- His leadership philosophy, which focuses on building teams and "coming from an underdog position;"
- Advice to budding information security professionals.
George has more than 25 years of global network security experience. Prior to becoming president and CEO in 2008 of Fidelis Security Systems, a unit of General Dynamics and a provider of advanced threats defense solutions, George spent seven years as president and CEO of Crossbeam Systems, a vendor in the high-end segment of the unified threat management market. Previously, he was president of Nortel Networks enterprise business in Europe, Middle-East, and Africa, responsible for managing more than 5,000 employees and $2 billion in revenue. George came to Nortel via their 1998 acquisition of Bay Networks, where he was serving as vice president of European operations.