Island must guard against cyber attacks
A former White House cyber security expert has warned that Bermuda is a plum target for computer criminals.
And she said that Government and the private sector would need to work together on the massive and expensive job of making the Island’s networks as safe as possible.
Theresa Payton, chief information officer at the White House between 2006-08, said: “It’s one of those things. Bermuda’s economy continues to grow and attracts large global corporations which are attractive to cyber criminals.
“Bermuda will want to think, from a cyber security standpoint, about what security infrastructure decisions they have to make.”
Ms Payton was speaking after she delivered the keynote speech at the three-day Bermuda Captive Conference at the Fairmont Southampton.
Ms Payton, who now runs her own computer security company, Fortalice, in North Carolina, said when Government’s thought of infrastructure, they tended to think of areas like roads, airports and buildings.
But she added: “The other piece of infrastructure is cyber security. Bermuda is a very attractive place for business and this has to be on the radar when it comes to bringing business here.”
Earlier, she told delegates that companies that were the subject of high-profile cyber raids stood not only to lose money, but their reputations.
And she said that businesses and governments needed to work together because of the high cost of cutting edge cyber security.
Ms Payton said: “It would be too expensive for Bermuda to bear the whole cost.”
Earlier, Ms Paton told delegates at the conference that any operating system which could be updated could be hacked.
She added that an annual US military exercise pitted opposing sides, with one attacking a system and the other attempting to defend it — and the hackers always won.
But Ms Payton said: “Every year we do this, it takes the bad guys a lot longer to get in and they get away with a lot less.”
She added that security breaches of computer systems were “inevitable.”
But she said: “What they get away with is not — it’s how you respond.”
Ms Payton said that new computer systems come out, security “is the last thing thought about.”
She added: “A lot of the time security follows later — I’m not saying that’s right, it’s just the way things work today.”
Ms Payton urged companies to think about the assets they needed to protect and work from there.
She told delegates that hacking was a major source of funding for terrorism, while computers and networks could be hijacked for hacking in a bid to deflect attention away from the real culprits.
And she pointed out that, in a survey, 24 per cent of people said they had already ditched a service provider because of security breaches.
Ms Payton told delegates that in 60 per cent of cyber breaches last year, the hackers “owned the network within minutes”, while 28 per cent of companies “very strenuously require” partners, vendors and suppliers to match their own levels of risk control.
She said that US institutions like banks and utility companies would have to “increase their spending by a factor of nine to block 95 per cent of cyber intrusion.”
She added that statistics showed that more than 95 per cent of past breaches were a result of human error and that 78 per cent of attacks happened “through tricking the user.”
Ms Payton said she had seen a bicycle wheel still locked to a post in Washington — although a thief had escaped with the frame and other wheel — with the frame being the most valuable part of the bike.
She told delegates: “The breaches are going to happen ... someone is going to break into your network, but when they do it, don’t let them get away with the bike. They can take the wheel or the basket.”
Motorcyclist seriously hurt in crash
Police: ignore porn scam e-mails
Taxpayers ‘picking up slack’ for underpaid
BTA: sports tourism can be year-round
Drink-driver nearly hit police car
Reunited and it feels so good
Avoid financial advice from broke people
Take Our Poll