Cyber Advisor

Cipher Brief Expert Daniel N. Hoffman is a retired clandestine services officer and former Chief of Station with the Central Intelligence Agency. His combined 30 years of government service included high-level overseas and domestic positions at the CIA.  Hoff man is an advisor to Vaillance Group.

Shawnee Delaney was a clandestine officer and former Detachment Chief for the Defense Intelligence Agency and IT Specialist for the Department of Homeland Security for 10 years. She is a subject matter expert on insider threat and is the CEO of Vaillance Group.

OPINION — If there is one thing we have learned from doing business during the COVID-19 pandemic, it is the great benefits but also associated risks, of relying on cyberspace. A force multiplier for free expression and commerce, cyberspace is also an unregulated playing field subjected to exploitation from adversaries like China, Russia, Iran, and North Korea as well as criminals and terrorists.

Now more than ever, organizations are recognizing that no matter what technical controls and policies they have in place, it is the human threat (both internal and external) that is their greatest vulnerability. While use of the internet enables companies to get work done, it also leaves them and their employees vulnerable to exploitation.

The shift from working in an office, with security measures long in place, to a home environment has highlighted a new set of security risks to businesses including the use of personal unprotected devices, a general lack of cyber hygiene, and an ignorance of the vulnerabilities employees pose to their companies.

When we served in the U.S. Intelligence Community, being in the incident response phase - or “to the right of boom” – of a counterterrorism operation meant we had not collected enough of the disparate intelligence or perhaps did not analyze it properly in order to prevent an attack. In most cases, terrorists, like hackers, conduct reconnaissance before mounting an attack. Failing to detect enemy reconnaissance and learn about the threat, allows the attacker to enjoy the element of surprise.

For this reason, cyber savvy companies should focus on prevention during the pre-attack phase. But the first thing they should do is assume they will be (or already have been) successfully hacked and prepare accordingly. This also applies to the human threat - or insider threat.