KALAMAZOO — When it comes to cybersecurity, it’s useful to reflect on the words of that famous philosopher Mike Tyson: “Everbody’s got a plan, until you get punched in the mouth.”
Preparing as best you can before that punch comes was the focus of the fourth and final event in the 2014 Michigan Cyber Awareness Luncheon Conference Series, held Monday at Western Michigan University’s Fetzer Center.
Speaker Nathan Dragun, lead cyber security analyst at Merit Network Inc., brought up the Tyson quote — as well as the observation that more and more of our lives are linked to the internet, and frequently, the ways they’re linked was “designed more for convenience than security.”
And frequently, Dragun said, “it’s just a mess.”
How big a mess? Try hackers that can alter pacemakers or take over the engine of a car.
However, there is help for those seeking to make their data more secure. The Michigan Cyber Range, for example, offers 17 technology and security training courses. The FBI offers help in diagnosing what went wrong in intrusions and helping victims design better systems, according to David M. Martin, special agent at the FBI’s Cyber Task Force in Detroit. And there’s the Michigan Cyber Civilian Corps, a volunteer group being set up by the state to help small businesses that come under attack, as well as help deal with major attacks on the state itself.
And there’s help in the private sector — for exmaple, AT&T regional vice president Roger Blake said his company offers a free weekly program on the state of the art in cybersecurity called Threat Traq, available at www.att.com/threattraq.
And Blake said cloud technologies that create risk also make it possible to encourage the use of security best practices on a widespread basis. “We’ve got to all become involved” in the cybersecurity fight, he said.
All this is serious business. Said Martin: “Are global cyberattacks coming to Michigan? Well, they already are targeting Michigan every day, and have been for years.” Included are individual hackers, hacktivist groups like Anonymous, and state-sponsored groups. The purpose of the attacks may be “purely for amusement,” for political goals or for financial gain, Martin said.
Speakers said there are always new delivery methods for malware being developed, including being embedded in routine documents and images.
Another speaker, Faith M. Heikkila, chief information security officer and privacy officer at Greenleaf Trust, noted that more and more hackers are using social media to gain access to sensitive information — posing as old friends or classmates on sites like LinkedIn and Facebook, for instance.
The bottom line, Dragun said, is that “we’re all really interconnected.
There’s no way around it. We have to embrace it and accept it and deal with it.”
The Cyber Awareness Luncheons were a follow-up to the governor’s
cybersummit held last year. Earlier this year, luncheons were held in
Marquette, Traverse City and Detroit. And the next major cybersummit — now renamed the North American International Cybersummit — will be held Nov. 17 at Detroit’s Cobo Center. For more information on the event, visit this link.
Sponsors of the luncheon series included premium sponsors Comcast Business, Deloitte and AT&T, and series sponsors Motorola, ITC Holdings, The Engineering Society of Detroit, Symatec, Google and Unisys.