Thomas Glocer, BlueVoyant: What’s the State of Cybersecurity?

Yale Insights

23 Jul 201907:42

Summary

TLDRThe speaker, an expert in cyber defense and finance, discusses the founding of Bluevoyant to combat rising cybersecurity threats, particularly targeting smaller financial institutions. They highlight the challenge posed by both nation-state actors and sophisticated criminals who exploit advanced hacking tools available on the dark web. Additionally, the speaker envisions a future where individuals can control and monetize their personal data, shifting the balance of power from corporations to consumers. This transformation could empower users to make informed decisions about their data privacy and how it is used.

Takeaways

😀 The speaker has a long-standing interest in cyber defense, rooted in their computing background at Yale.
😀 Experience at Reuters and Thomson Reuters exposed the speaker to significant cyber threats during the late 90s and early 2000s.
😀 The speaker is part of a group concerned with the vulnerability of the nation's banking system to cyber threats.
😀 Cyber defense encompasses geopolitical issues, including the intentions of foreign state actors targeting critical infrastructure.
😀 There are substantial technological challenges in cyber defense, such as detecting and preventing malicious code injection.
😀 The speaker founded Bluevoyant to address these challenges, focusing on protecting smaller financial institutions that lack resources.
😀 Advanced persistent threats from nation-states are difficult to counteract, but many lower-tier threats can be mitigated.
😀 Criminals increasingly use sophisticated tools and platforms, sometimes developed by nation-states, available on the dark web.
😀 The concept of personal data ownership is evolving, with potential new models for individuals to monetize their own data.
😀 A vision is proposed where individuals control their own data and can choose to sell access to it for micropayments.

Q & A

What sparked the speaker's interest in cyber defense?
-The speaker's interest in cyber defense began during their time at Yale in computing and was influenced by experiences at Reuters and Thomson Reuters, where they encountered significant electronic probing.
What key issues does cyber defense encompass according to the speaker?
-Cyber defense involves geopolitical issues related to state actors, technological challenges of malicious code injection, and strategies for defending against such threats.
What was the motivation behind founding Bluevoyant?
-The speaker founded Bluevoyant to address concerns over inadequate protection in the banking system and to leverage their experience on the Morgan Stanley board overseeing cyber defense.
Which sectors are considered well-defended against cyber threats?
-The financial services sector is considered well-defended due to early recognition of threats, advanced technology, and significant financial investment in cybersecurity.
What vulnerabilities exist in smaller financial institutions?
-Medium and smaller institutions, like savings and loans or community banks, are vulnerable because they often lack the resources to invest heavily in cybersecurity, despite having attractive assets for attackers.
How do advanced persistent threats (APTs) operate according to the speaker?
-APTs from state actors can infiltrate networks without detection, and their presence may go unnoticed until a significant incident occurs, if it occurs at all.
What has changed in the tools available to cyber criminals?
-Criminals now have access to sophisticated tools that were originally developed by nation-states, often available for rent on the dark web, making cyber attacks more accessible.
What concept regarding personal data does the speaker propose?
-The speaker suggests a model where individuals control their own data, stored in a digital vault, allowing them to monetize their information through explicit authorization.
How might individuals benefit from controlling their data?
-Individuals could receive micropayments for their data, allowing them to choose what to share and with whom, thereby gaining financial rewards while maintaining privacy.
What concerns does the speaker raise about genomic data?
-The speaker expresses concern about the potential misuse of genomic data, suggesting individuals might prefer not to store sensitive information in the cloud due to fears of exploitation by companies.