A worldwide cyber warfare

06 Dec 2018
Book your demo now >

Those who know – rarely speak. Those who speak – rarely know. But those who know and speak – are rare. I had the honor and pleasure of being in the company of such a rare person last Thursday,listening to him speak about the threats and dilemmas of cyber warfare on a global scale with applicability to the single corporate CISO.
His name is Haim Tomer, and he’s a Mossad veteran carrying the weight of 30 years of secrets in service of the Mossad. During his career, he served as the Chief of Counter-Terrorism, Chief of Intelligence and Chief of International Operations. For obvious reasons, it is difficult to find a picture of him online.

Mr. Tomer was the keynote speaker at the Pcysys Security Seminar, for CISOs, in Tel Aviv discussing the ways CISOs should manage their budgets and resources to stay afloat with the growing threat landscape and attack surface, yet not get fumbled with the many options of building their cybersecurity technology stack.

Haim has somewhat of a miracle-memory; his knowledge of the details of every attack or hack in the past decade (as much of the truth that has surfaced) was outstanding. He reviewed cyber attacks on each sector of the globe covering political elections, banks & financial markets, law firms, retailers, and critical power plant infrastructure.

At the same time, I was captivated by a great deal of detail and stories regarding who was behind what attack and the different kinds of attacks, players and motivations, but I was struggling to put together the full picture. Mr. Tomer read the crowd and set it off right then and there saying “many people ask themselves, what is really going on? Where is all of this going? Is it man or machine? State-level or simple cyber-crime? What is the story behind what seems to be an intensely increasing “all you can hack” global frenzy?

pen-testing

His modest answer was that no one really knows- even in the inner circles of the intelligence community, there are differences in opinion of where the attack vectors are going to hit next. However, there is a thesis that this is all training day; different parties are training and flexing their “cyber muscles” towards a type of conflict we have never seen. A “World War cyber” conflict on a scale we have not experienced in the history of mankind. We all know that electronic warfare and cyber-warfare are part of any modern warfare campaign, but it never crossed my mind of it being “the campaign”. Would it get bloody? How would the upper hand be determined? Who would be the winners and losers? Can we even imagine the reality of all the hacks from this decade happening in one day? What would happen if within 24 hours we got a combination of the equivalent of Stuxnet 2010’, Saudi Aramco 2012’, JPMC 2014’, Anthem medical data 2015’, WannaCry 2017’, Equifax 2017, Facebook 2018’ and the recent Marriott-Starwood breach 2018’? Would we all go back to the stone age as a result?

One thing is certain, the cyber arms race continues. Enterprises and corporates need to automate every aspect of the cybersecurity defense mechanisms of prevention, detection, and response – and without any less importance – the ability to measure their cybersecurity posture daily, automatically and continually pen-testing all their defenses to reveal and heal the real business vulnerabilities.

How Can Automated Penetration Testing Make Your Company Safer? Watch the Webinar.
Subscribe to our newsletter

Find out for yourself.

Begin your journey in security validation and see why leading companies trust us with their cybersecurity validation.

Start with a demo
Related articles

Create Stronger Passwords with These 5 Tips

Would you believe if I told you that you 81% of data breaches worldwide are caused by hacked passwords? This statistic provided by Verizon Data Brea...

Top Ingredients for a Winning Startup

“He shoots, he scores!” I still hear the sports announcer’s excitement coming across the loudspeaker -- in my high school basketball court days. ...

Comparing Cyber Warfare to Chess Strategies

In cyber warfare, like in chess, the game outcome is not determined by a single exploit (or move), but rather by a patient silent-predator strategy....