“CEOs need to know that everything is hackable,” cyber security expert Theresa Payton, who served as federal chief information officer for two years under President George W. Bush, told a group of small business owners on Friday.
Payton, who founded consulting firm Fortalice, explained that businesses should concern themselves more with how to stop an attack that’s already happening as opposed to preventing attacks.
“The conversation should go more like this: ‘I don’t like it, but I know that it’s inevitable that one day we’re going to be hacked,” Payton said, according to a report by John Hamlin of The Statesville Record and Landmark. “So the focus I want to have is, how quickly will we know (we’ve been hacked) and will we be able to protect our customers’ data?'”
Last month, Target’s CEO stepped down after 40 million customers’ credit-card numbers were stolen by hackers. And a U.S.-led international operation recently disrupted a unprecedented cyber crime ring that stole banking credentials and extorted computer owners around the globe.
Payton attributed two-thirds of all security breaches to human error. For example, cyber thieves recently took data on 145 mullion eBay customers by hacking three corporate employees.
“There’s no patch for human stupidity,” she said, adding that companies need to cultivate a culture of cyber security by emphasising the risk to the individual, their families, and society at large.
“Every dollar that we keep out of a cyber criminal’s pocket is a dollar less they have to fund human trafficking, terrorism, gun-running, illegal drugs and whatever other evil going on in the world,” Payton said. “We’ve got to band together to fight evil.”