The biggest technology companies, finance firms and technology giants — including Facebook which now reports up to 50 million user accounts may have been taken over by criminal hackers — invest many millions in cybersecurity and still fall victim to significant attacks.
It may be a function of where those many millions are going, which at many companies, is often backward rather than forward, focused on yesterday's or last year's problems and not on what might be coming next.
Last November, Facebook CEO Mark Zuckerberg told investors that he intends to make a point of communicating that cybersecurity spending will be hard on earnings, but is a necessary component of the company's forward-looking goals.
He said Facebook would double its security staff in 2018 by adding contractors, especially security engineers, from 10,000 to 20,000 employees. The company has also been spending more on artificial intelligence, in part to cull rogue accounts meant to sow discord with false stories, in U.S. elections and other government activities.
In the company's second-quarter 2018 earnings call, Zuckerberg pointed out one of the toughest lessons for all companies as big as his, "Security is not a problem that you ever fully solve."
First, one of the top issues companies must contend with is that many of the cybersecurity problems they are tasked with fixing are backward-facing, based on major issues of the past. That leaves the door wide open for innovators on the adversarial side.
Whichever issue brings a company the sharpest criticism from the public, the most attention from regulators or the most worry from its board, that's what will get the focus internally, including from executives who hold the budgetary purse strings. In Facebook's case, its security efforts have been especially laser-focused on election-related "fake news."
The same is true at all big institutions with a target on their back for criminal attackers. Cybersecurity executives in the health-care, logistics and shipping industries, have told CNBC they are putting a significant portion of their attention to ransomware mitigation and disaster planning, following the WannaCry and NotPetya ransomware-worm attacks launched last year.
In the same vein, cybersecurity insiders at a range of top finance firms have told CNBC in the past year that they have put an exceptionally heavy emphasis on spinning up projects to prevent another breach like that which struck Equifax in September 2017, at the behest of boards and shareholders. Those initiatives typically include putting a huge focus on the public response plan for a data breach and reconsidering how these companies patch their systems en masse.
Of course, in 2017, Equifax itself was focused on something elsebefore its massive breach: Chinese spies, one of the headline cyberattack concerns of 2015 and 2016.
All of these cyber-issues are important to address, but it is also important to give equal focus to forward-looking matters. That's because criminals, trolls and other malicious actors aren't constrained by a company's yearly budget allocation meeting and quarterly reporting schedule.
Criminals, by contrast, can pivot strategies on a whim. And in some ways, they are just as mindful of what the Facebook CEO might need to do and say to please his shareholders and board as is Zuckerberg himself.
"This is a really serious security issue and we are taking it very seriously," Zuckerberg said.
Undoubtedly companies may be "serious" about security, but criminals are serious about working around it. And for that, it may be time for rethinking how companies are held accountable for breaches, and how they should look to keeping more secure in the future.
Latest Stories
-
Joy FM Prayer Summit for Peace ends in electrifying worship and prayer
3 hours -
The Conscience of Leadership: A call to President Akufo-Addo on Ghana’s environmental devastation
3 hours -
Ghanaian youth unaware of their right to hold politicians accountable – Youth Bridge Foundation
4 hours -
Judge delays Trump sentencing for a third time
4 hours -
2024 WAFCON: Ghana drawn against defending champions South Africa in Group C
5 hours -
Photos from DW-JoyNews street debate on ‘galamsey’
6 hours -
Mimmy Yeboah: Blending heritage with global sophistication, confidence redefined through couture
6 hours -
100 Most Influential People Awards 2024: Brain Hill International School’s Director Mary Anane Awuku honoured
6 hours -
Akufo-Addo commissions 97-km Tema-Mpakadan railway line
6 hours -
Majority requests recall of Parliament
7 hours -
Kanzlsperger and Professor Quartey support WAFA with medical Donation
7 hours -
Gideon Boako donates 10 industrial sewing machines to Yamfo Technical Institute
7 hours -
‘Golden Boy’ Abdul Karim Razak honored at WAFU-B general assembly
7 hours -
Buipewura Jinapor secures Vice Presidential position in National House of Chiefs with record votes
7 hours -
2024 election: I want results to come out like ‘milk and honey’ – Toobu
7 hours