When it comes to user data, the majority of it is stored and held by online corporate networks. The main worry for users is not getting hacked individually, but a corporation or company that holds their data being compromised. From eBay to Snapchat, user data can be very vulnerable. Ted Schlein, a general partner with Kleiner Perkins Caufield & Byers, lays out the painful truths behind cybersecurity software in TechCrunch.
According to Schlein, there are only two types of companies: companies that know they’ve been breached, and companies that haven’t found out yet. “The average length of time it takes for an advanced persistent threat to be detected on a corporate network is now an alarming 229 days. We need to get that down to 24 hours — or one hour,” he writes.
Another problem is that encryption must occur at all levels, inside and out. “Rather than simply erecting thicker walls to fend off intruders, which becomes increasingly impractical in highly-distributed cloud-based architectures, we need to encrypt the data that attackers want,” he writes. If companies allow data to be stored, or circulated in an unencrypted environment, the first line of defense becomes the only line of defense.
The threats themselves are starting to have much wider impacts, Schlein writes. As more services like banking and online shopping become second nature online, data becomes much more sensitive. If a breach were to occur on Amazon, for example, hosted websites could be taken down or stolen, credit card information could be sold, or users may even have their identities stolen.
The sophistication of hacker tools has largely outpaced the tools used to deter them. Schlein suggest approaches, from fighting fire with fire, to hiring a team of white-hat hackers. Synack, a human-powered cybersecurity solution, pairs “the world’s greatest white hat hackers and [applies] them to your company’s security risk assessment with an automated platform” Schlein writes.
And the most important thing to realize is that attackers aren’t going to go away. So Schlein’s best advice is to deter them as much as possible. Putting a good internal and external defense in place enables most companies to react to threats quickly. “There’s no need to panic; it’s a matter of preparation and staying vigilant when the invaders land inside the wall. Innovation in the security space is high.”