Navigant's Cyber Risk and Information Security PracticeLearn More

Blog

Senior Executive Cyber Security Conference: Top 5 Takeaways17 September 2015

By
Events

Executives from all industries met on Thursday, September 10th for the 2nd Annual Senior Executive Cyber Security Conference, hosted by COMPASS and the Johns Hopkins University’s Information Security Institute. The event was based on two controversial topics, information sharing between government and private sectors, and consumer data privacy. With speakers from academia, legal, government, non-profit, and commercial sectors, attendees were able to hear and discuss the different perspectives on each topic and also gain insight into ways they can protect their organizations from a data breach. Here are the top five takeaways from the event:

1. National Security vs. Privacy
Renowned journalist Hodding Carter III set the tone of the day, describing the ongoing tension between the government’s natural desire to protect national security and the public’s Constitutional right to be protected from unnecessary snooping. Should the government sector have legal access to consumer data in order to secure our country? The controversial topic was the basis for the conference and will be an on ongoing discussion for years to come.

2. “It’s Going to Look Worse Before it Gets Better.”
Senior Director for Cybersecurity at the White House Ari Schwartz warned attendees that we may see an increase of data breaches in the news before we see an improvement in the country’s cyber security. As organizations actively work to protect and monitor their sensitive data, more breaches are being discovered. While this may seem like a setback, it is better for organizations to know when they have been compromised than to remain unaware. Organizations are improving their security infrastructure, which allows them better insight into their data security when and if they are breached. As a result, there is an increase in data breach reports.  In summary, while we will hear about more data breaches in the coming years, the actual number of breaches occurring may not increase.

3. The Solution, Starting with the Basics
Many of the speakers throughout the day, whether they were for or against information sharing, stressed that there are simple ways for organizations to better secure data. From employee education on cyber security threats to data management and vulnerability assessments, organizations can take proactive measures to improve their cyber security infrastructure. Without these basic starting points, information sharing cannot be effective.

4. Education Is Key to Security
Michael Echols, Department of Homeland Security, focused his presentation around the importance of cyber security education. Human error is, and will remain, most organizations’ largest weakness within their cyber security ecosystem. It is important to properly educate employees on cyber security threats and ways that they can assist in securing data. Echols stressed that the government can only give organizations the tools they need to protect themselves; what we do with those tools is up to us.

5. The Internet is not Private
Another theme throughout the day was the concept of privacy. Avi Ruben, of the Johns Hopkins University’s Information Security Institute, demonstrated that all devices that connect to the Internet can be hacked. Curtis Levinson, of NATO, stated that privacy, in fact, no longer exists. With companies such as Google and Facebook constantly capturing consumer data, no one can live completely off the grid. There is a constant balancing act between convenience and privacy. In order to have one, the other must be sacrificed.

The 2nd Annual Senior Executive Cyber Security Conference was a great success, thanks to the captivating speakers and the dynamic audience. The discussions throughout the day emphasized the importance of cyber security for all industries. While everyone may not have had the same view on information sharing between government and private sectors, all were in agreement that organizations need to start integrating cyber security into their everyday practice. To help you get started assessing your own organization’s security infrastructure, here’s an Assessment Checklist that outlines the key components.

Work With Us Learn How