author photo
By Bruce Sussman
Thu | Nov 29, 2018 | 7:34 AM PST

If you remember anything about Greek mythology, chances are you recall the multi-headed serpent called the Hydra. As Hercules found out when he cut off one of its heads, two more would pop up.

Dr. Chris Pierson says that 2019 cybersecurity trends will drive security leaders to think of cyber risk like it's a Hydra and attack it that way. Pierson has spent more than two decades in InfoSec leadership.

2019 cyber risk is a multi-headed problem

Watch our interview from the SecureWorld cybersecurity conference as he explains the Hydra of cyber risk: 

"If you attack something from just a pure cybersecurity perspective and haven’t considered the business implications, the privacy implications, or the sale of the products and services your company has implications, you potentially could be making this a lot worse for yourself," Pierson says.

"The analogy I use really is think about what it is you are attacking, think about the nature of the beast. Make sure you understand it is multi-headed. You need to attack each aspect together and also not just by yourself, but also with other co-partners on your team and in your company. The privacy people, the lawyers, the marketers, the salespeople."

ISF top cybersecurity risks for 2019

Speaking of a Hydra of risk, the Information Security Forum just announced its top information security threats for 2019. The ISF Top 4 cyber threats for 2019 include:

  1. The Increased Sophistication of Cybercrime and Ransomware 
    "Criminal organizations will continue their ongoing development and become increasingly more sophisticated. Some organizations will have roots in existing criminal structures, while others will emerge focused purely on cybercrime."
  2. The Impact of Legislation
    "National and regional legislators and regulators that are already trying to keep pace with existing developments will fall even further behind the needs of a world eagerly grasping revolutionary technologies."  
  3. Smart Devices Challenge Data Integrity
    "It will be problematic for organizations to know what information is leaving their networks or what is being secretly captured and transmitted by devices such as smartphones, smart TVs or conference phones. When breaches occur, or transparency violations are revealed, organizations will be held liable by regulators and customers for inadequate data protection.
  4. The Myth of Supply Chain Assurance
    "In 2019, organizations will discover that assuring the security of their supply chain is a lost cause. Instead, it is time to refocus on managing their key data and understanding where and how it has been shared across multiple channels and boundaries, irrespective of supply chain provider.  This will cause many organizations to refocus on the traditional confidentiality and integrity components of the information security mix, placing an additional burden on already overstretched security departments."  

Hercules finally did defeat the Hydra, by collaborating with his friend Lolaus. Hercules would cut off a head and Lolaus would seal the wound shut with a torch or hot iron, so no head could grow in its place.

And this is why Dr. Chris Pierson says cybersecurity must partner with multiple lines of business within an organization. Collaboration offers the best hope of defeating the cyber risk beast.

Speaking of collaboration, here is SecureWorld's 2019 regional conference schedule