Lior Div in Network World: What enterprises should take away from the CIA leak

The recent document leak detailing CIA spying campaigns and hacking techniques has fostered conversations and news stories on how to balance intelligence gathering with privacy, as well as discussions on the agency’s extensive spying capabilities. What hasn’t been discussed as much is what enterprises can learn from the WikiLeaks Vault 7 leak.

To me, three key takeaways are that leaks can happen to any organization, figuring out what entity carried out an attack is difficult to do, and we’re in an era when nation-state weapons end up in the hands of criminals. Collectively, these developments make practicing information security more complex than ever. Now, let’s explore each one in more detail.

Figure out the impact of a leak on your organization

Every company is vulnerable to leaks. Whether a disgruntled employee releases your company’s secret sauce recipe or there’s a whistleblower who thinks your company has lost its way, there’s the potential for trade secrets to end up in the public sphere.

From a technical standpoint, preventing leaks from happening is challenging. You can prevent employees from using USB drives and FTP or monitor their email to see if any sensitive information is being improperly shared with outside entities. But just like a motivated hacker, a motivated employee will figure out how to get this information out of the company.

While taking proactive steps to prevent leaks is highly important, companies should also run scenarios that look at how they would be impacted by a leak that exposes key data and develop a response plan in the event of a leak.

Could there be public backlash if the leak shows the company was engaged in activities that some people would consider unethical? After Edward Snowden, for example, leaked information on U.S. government intelligence operations, civil liberty groups, lawmakers, tech companies and foreign governments demanded accountability. Companies involved in projects that could spark ethical concerns should talk about the potential fallout if the public learned about this work and how to quickly recover. Would the stock price tumble? Would revenue be hit? Would customers cancel contracts?

Or could a leak seriously jeopardize the organization’s main mission? The CIA may find itself in this situation after the Vault 7 leak. With information about the tools and techniques the CIA used to conduct operations publicly available, companies will use this information to patch flaws and harden the security of their products. This would force the CIA to develop new tools and procedures for carrying out its objectives. Companies need to consider how to react if their intellectual property were shared publicly, providing competitors with a chance to study their plans and even incorporate them into their products.

Want to read more? Head to Network World for the entire blog.

About the Author

Lior Div

Lior Div, CEO and co-founder of Cybereason, began his career and later served as a Commander in the famed Unit 8200. His team conducted nation-state offensive operations with a 100% success rate for penetration of targets. He is a renowned expert in hacking operations, forensics, reverse engineering, malware analysis, cryptography and evasion. Lior has a very unique perspective on the most advanced attack techniques and how to leverage that knowledge to gain an advantage over the adversary. This perspective was key to developing an operation-centric approach to defending against the most advanced attacks and represents the direction security operations must take to ensure a future-ready defense posture.
