BlackBerry Executive Chairman and CEO John Chen said many businesses are not prepared mdash and are not preparing new hires mdash when it comes to cybersecurity and many likely have already been compromised

Technology

Your biz may be compromised long before you know it — if you ever do

July 20, 2016

NEW YORK. It's a disturbing prospect: hackers could be inside your company's network right now undetected, and if you're lucky, maybe you'll find and stop them. At its Security Summit Tuesday, BlackBerry said it found in cybersecurity breaches, hackers were inside companies' systems for a median of 200 days before anyone knew it.

Aaron Marsh

NEW YORK. It's a disturbing prospect: hackers and cybercriminals could be inside your company's network right now undetected, and if you're lucky, you may actually find and stop them. At its Security Summit in Manhattan Tuesday, that's one of the statistics BlackBerry disclosed from its market research: in cybersecurity breaches, hackers were inside companies' systems for a median of 200 days before anyone found out.

"For those of you who think this doesn't apply to you, we found something else interesting: 80% of European companies actually have suffered a [cyber] attack in the last 12 months," said John Chen, BlackBerry's executive chairman and CEO. The point is that many companies are likely already in trouble in terms of IT security and potential breaches.

Information from BlackBerry and others helped illustrate the (poor) global state of corporate IT security, including the growing number of apps employees are using:

• There were 38% more security incidents detected in 2015 than in 2014. (PricewaterhouseCoopers)

• Only 38% of companies are prepared to handle a cyberattack. (ISACA)

• 48% of business executives are "highly confident" of their organization's ability to provide mobile security practices. (Global BlackBerry Survey)

• 6.4 billion connected things will be in use in 2016 — up a sizable 30% from 2015. (Gartner, Inc.)

• There are now more connected devices on Earth than living people. (NowSecure)

• 75% of apps fail to properly encrypt data. (Hewlett-Packard)

• Nearly 25% of mobile apps include at least one high-risk security flaw. (NowSecure)

• 75% of all mobile security breaches will be through apps. (Gartner, Inc.)

• 55% of financial companies believe "bring your own device" (BYOD) policies create risk; 47% of business executives say BYOD policies lead to "major" risks. (Global BlackBerry Survey)

• Nearly 50% of companies do not have a security incident response team. (Global BlackBerry Survey)

• Nearly 60% of business executives want the security expertise of an external professional. (Global BlackBerry Survey)

BlackBerry has been undergoing a major transformation, basically shifting away from its handsets that dominated in the pre-Android and pre-iPhone days and now focusing on building on its security-enabling software suite — particularly via a number of recent acquisitions — to handle the range of emerging business connectivity needs. Chen noted that handsets account for about 30% of the company's revenue.

Why is BlackBerry continuing toward this focus on security software? "Simply put, the market needs it," Chen said. "We believe we're the best to secure the connected world; we believe we have the deepest technology 'stack' in the area of enterprise security and mobility."

BlackBerry's stated goal is "to be the world's leading provider of end-to-end mobile solutions that are the most secure and trusted." In that vein, Chen said the company has "thought through how everything is connected, and we believe that we have most everything that's needed" to secure messaging and all manner of business connectivity, which has extended recently to commercial trailer tracking and security.

"One of our most recent releases is called Radar for the IoT [Internet of Things] — this is asset-tracking technology. I think that's going to be interesting," Chen said. Later in a Q&A session with reporters, he noted that the Radar product is being rolled out now following testing. BlackBerry is also getting into cybersecurity testing services, including so-called "white hat" systems hacking.

BlackBerry's intention is "not only to help you mobilize your enterprise — not only help you secure your enterprise — but really do all the testing and making sure that your infrastructure is built correctly. We believe that's going to be a big help," Chen said. Global cybersecurity-related business losses are now estimated at $400 billion each year, he noted.

"Cybersecurity is the top of the risk-management list," he told the audience, adding that among all U.S. companies, 54% don't offer any cybersecurity training for new hires. "This is surprising, since you've seen that a lot of hacks are initiated from inside the company," Chen contended. "It's an area that needs to be fixed."

About the Author

Aaron Marsh

Before computerization had fully taken hold and automotive work took someone who speaks engine, Aaron grew up in Upstate New York taking cars apart and fixing and rewiring them, keeping more than a few great jalopies (classics) on the road that probably didn't deserve to be. He spent a decade inside the Beltway covering Congress and the intricacies of the health care system before a stint in local New England news, picking up awards for both pen and camera.

He wrote about you-name-it, from transportation and law and the courts to events of all kinds and telecommunications, and landed in trucking when he joined FleetOwner in July 2015. Long an editorial leader, he was a keeper of knowledge at FleetOwner ready to dive in on the technical and the topical inside and all-around trucking—and still turned a wrench or two. Or three.

Aaron previously wrote for FleetOwner.