If cybersecurity breaches are the new normal – and they are – then it is critical that governments lead the centralised and coordinated defensive efforts at an economy-wide scale.
But that doesn’t mean governments have some kind of cyber superpower, says Peter Bauer, the co-founder and CEO of email and collaboration security specialists Mimecast.
Hardening an economy against evolving threats and building resilience into the system requires coordination, the pooling of knowledge and information sharing – things governments are good a brokering.
In this episode of the Commercial Disco, Mr Bauer talks candidly about the roles that governments, law enforcement and intelligence agencies play in building resilience broadly, and responding to incidents specifically.
Having set up Mimecast 20 years ago in 2003, Mr Bauer has steered the company through many generations of technology, and many generations of cyber threats.
He been the CEO through its early days as a bootstrapped startup, to taking friends and family investments, through to venture capital funding and growth funding and then six years as a NASDAQ listed company.
And finally, the company was taken private with a US$5.8 billion acquisition by private equity giant Permira.
Talking generically about the federal cybersecurity overhaul announced a week ago – which includes the creation of a National Office of Cyber Security, as well as new powers for government to take control of private systems where a damaging breach had occurred, Mr Bauer said working together was key.
The takeover powers might not be a bad idea, he says, but its complicated.
“I’m not sure that’s a bad idea. Cybersecurity is a team sport, so working together is critical,” Mr Bauer said. “[But] displacing a private sector organisation’s cyber team and replacing it, that is a tricky activity.”
“What we saw in the US, which was a very high stakes game around the Solar Winds breach… was a very coordinated public-private teamwork to counteract that [incident].”
The FBI and other agencies were able to advise private companies, giving them insights and indicators of compromise, as well as key data points that allowed those companies to more successfully deal with the Solar Winds issues.
“The reality is that the government doesn’t have any special cyber superpowers. But by pooling knowledge, pooling resources, having playbooks for coordination, and threat intelligence sharing… that’s constructive,” Mr Bauer said.
“It’s really a teamwork approach. I think that’s critical.”
The changing technology landscape means an endlessly changing threat landscape, and that has been a simple narrative since Mimecast was founded, he says.
In email security, data breaches are often the result of social engineering through human to human contact.
The arrival of AI systems that are relatively easy to use are definitely exciting because they offer new forms of productivity and creativity, Mr Bauer says, but they are absolutely a double-edged sword.
“Adversaries can use those tools too, and I think the one thing we worry about quite a bit are the human-to-human scams … [because] productivity enhancement tools like ChatGPT, can quite plausibly allow an attacker to have very targeted attacks at scale,” he said.
