Cybersecurity may be beating cyber fear

Despite the drumbeat of data breaches, such as Facebook’s, the good news is that companies and governments are putting security first, according to a new survey.

Facebook CEO Mark Zuckerberg speaks at his company's annual F8 developer conference in San Jose, Calif., last year. He is expected to testify before lawmaker in Congress on April 10 and 11.

AP Photo

April 5, 2018

When Facebook founder Mark Zuckerberg testifies before Congress on April 10-11, he will try to explain why the social media giant let the personal data of 87 million users be exploited for targeting voters in the 2016 election. Yet just as important will be Facebook’s promised remedies for the privacy breach. The public will see how even the most innovative digital firms are quickly learning to better protect data.

Despite a drumbeat of data breaches in recent years, such as those at Facebook, Uber, and Equifax, the good news is that cybersecurity may be improving, at least in the United States. Both companies and governments “are getting better at discovering compromises in-house with their own internal teams,” according to a global survey by cybersecurity firm Mandiant.

In the US last year, nearly two-thirds of cyber intrusions were detected by organizations themselves rather than by a third party. And in the Americas generally, the median time between when a computer breach was detected and was resolved has fallen from 99 days in 2016 to 75.5 days. Worldwide this so-called dwell time is now only a quarter of what it was in 2011.

Why are detection capabilities improving? Big data collectors such as financial firms cannot afford the loss in public trust or bear the burden of becoming closely regulated. Insurance companies are also demanding upgrades in cybersecurity. And more organizations are hiring “white hat” hackers to test computer systems and hunt for bugs.

Another trend is that software developers are putting security first. “Increasingly privacy and security is being baked in from the moment the coders sit down and start writing the code to make their new technologies feasible,” states Jason Kratovil of the Financial Services Roundtable, an advocacy group for the industry. “Privacy by design, security by design are starting to become sort of the de facto standard by which entrepreneurs and technologists are building applications.”

Big Data, the catch phrase for the dominance of computers in commerce and governance, is here to stay. But as cyberattacks rise, cyber protection is fast catching up. The fear of data abuse is slowly giving way to building up trust in how data is used. With more diligence – and with more digital executives like Mr. Zuckerberg grilled by Congress – the promises of the Digital Age will eventually win over the perils.