Partner Perspectives  Connecting marketers to our tech communities.
12/15/2016
10:00 AM
Lynda Grindstaff
Lynda Grindstaff
Partner Perspectives
50%
50%

Are Unconscious Biases Weakening Your Security Posture?

Proactively addressing your biases can help you build a resilient and adaptable security foundation.

As we move from one year to the next, it is valuable to reflect on what has changed and what hasn’t in our areas of interest. In cybersecurity, there are two notable things that have not changed over the past year, and one that has changed significantly.

The two issues that have not changed much are the ongoing scarcity of experienced security personnel and the somewhat related issue of little diversity in the security workforce in most organizations, especially the low number of women.

Where cybersecurity has changed a lot in the past year is the rate of innovation -- by organizations and their adversaries -- as they strive to gain an advantage.

There have been a fair number of blogs, articles, and research papers on these topics, and my goal is not to rehash those. Instead, I’d like to explore these three items from the perspective of unconscious bias -- the quick decisions that we make automatically and often without real awareness.

On the scarcity of experienced security personnel, many people I’ve spoken with have an unconscious bias toward hiring people with undergraduate degrees in security and/or various security certifications. But there are lots of other qualified individuals out there, whether they are coming from non-degree programs or lack a security certificate -- many of whom may already be working at your company. Consider organizing hacking contests or using video games that contain a realistic hacking component to identify potential candidates and reduce this bias.

Another unconscious bias that can affect the security workforce shortage centers on automation. Again, many people I’ve spoken with are concerned about letting machines make decisions such as blocking access, killing processes, or deleting files, which are tedious but critical components of any set of cyber defenses. It is time to actively work to counter this bias. Automation of tedious and repetitive tasks and that supports and augments the human security team is essential to dealing with the volume of attacks, alerts, and cleanup activities that most organizations deal with every day.

On the issue of women in the cybersecurity workforce, this is a longer-term project as it requires engaging more women and girls in security and technology concepts, training them, recruiting them, and keeping them. This can feel like a catch-22, as women sometimes look for jobs and environments that already have a reasonable percentage of women. However, it is also important to look at the work environment around you and make the necessary changes to attract and retain women. Sometimes the behavior of a group unintentionally excludes others, whether it is due to common topics of conversation, team-building activities, or after-work gatherings.

Finally, and possibly most dangerous, is the issue of unconscious bias and innovation. Studies repeatedly show that diverse groups are a bit more challenging to work in, but come up with better and more innovative solutions. Attackers are continually benefiting from this diversity, sharing and trading tips and code across national boundaries, among criminals and nation-state actors and others that have an interest in the technology. For example, a recent report on cyberattacks targeting the healthcare industry includes examples of attackers looking for partners, helping each other through some technical difficulties, and offering congratulations and a bit of envy after the theft of some medical records.

Adversaries have found new and creative ways to attack over the past year, including significant innovation in ransomware and DDoS attacks built on thousands of compromised webcams. Does your organization assume it may not be affected because it is located in a different country from where its suppliers and customers operate? Have you considered the impact of new devices and apps that are popular with your employees or consumers but not used by everyone on the team? Do you discount comments from younger employees because they have less experience? Any one of these things is an example of an unconscious bias that can increase the risk to your organization.

Our predictions for 2017 highlight another active year for cybersecurity. Proactively addressing your biases can help you build a resilient and adaptable security foundation that can more effectively detect, protect, and correct threats that are known, as well as those that haven’t even been invented yet. 

Lynda Grindstaff creates the future for Intel Security as the Senior Director of the Innovation Pipeline. In this role, Lynda leads a global team that brings the future to life for Intel Security through innovative strategies and prototypes. Her tenure with Intel spans two ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Devastating Cyberattack on Email Provider Destroys 18 Years of Data
Jai Vijayan, Freelance writer,  2/12/2019
Up to 100,000 Reported Affected in Landmark White Data Breach
Kelly Sheridan, Staff Editor, Dark Reading,  2/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-1695
PUBLISHED: 2019-02-15
IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177.
CVE-2018-1701
PUBLISHED: 2019-02-15
IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970.
CVE-2018-1727
PUBLISHED: 2019-02-15
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147630.
CVE-2018-1895
PUBLISHED: 2019-02-15
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ...
CVE-2019-4059
PUBLISHED: 2019-02-15
IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583.