“The message here is please think before you click,” said Ray Kelly, vice chairman of K2 Intelligence.
If anybody would know, it’s Kelly. Formerly the longest-serving commissioner of the New York Police Department (NYPD), he has seen the damage that outside threat actors can have on organizations. And as the keynote speaker at ALM’s cyberSecure event in New York on September 27, he said that cyber attacks are among the most dangerous attacks he has ever seen.
“Yes, the threat may change, but our vigilance is as strong as it’s ever been,” he explained.
From experience, Kelly noted that vigilance from corporate legal departments requires a two-pronged approach. First, companies need a team, either internally or externally, that can respond quickly when suspecting a breach. Second, organizations need a comprehensive business continuity plan for cybersecurity defense.
Both the team and the plan need to encompass the entire organization, he cautioned. “Cyber has to be everyone’s problem and everyone’s concern, from the IT center to the executive suite. Particularly the executive suite.” If cyber isn’t a priority from up top, he added, “it won’t be effective for very long.”
Once that tone from the top is set, it’s incumbent on businesses to respond with a practical action plan. Kelly laid out his own plan in four distinct steps, which he said was designed to roll out immediately. The first step is to recognize the threat, though Kelly added that this is easier said than done.
“Those high profile reports are chilling. But the everyday reality of cybercrime happens far from public view,” Kelly said. “This is mostly about money, scamming and squeezing it away from people who have some.”