Bob Stasio: Understand there is a limit in static cybersecurity measures

Jeffrey MacMillan/The Washington Post - Bob Stasio, chief executive for the cyber consulting firm Ronin Analytics, played the role of hacker in Washington Post Live’s cyber attack war game scenario, Oct. 3

As part of its 2013 Cybersecurity Summit, Washington Post Live convened leading national security officials, industry experts and journalists for conversations addressing cyber risks and the future of cyber defense.

Bob Stasio, former chief of operations, NSA Cyber Center; Chief executive, Ronin Analytics

Gallery

Contrails from jet planes passing overhead intersect the National Museum of Art in Washington, Thursday morning, April 17, 2014. (AP Photo/J. Scott Applewhite)

Photos of the day

Scenes from Holy Week events, South Korean ferry search efforts, macaw conservation and more.

If you’re a company, the best thing to do is to understand that there is kind of a limit in investing in static security measures. At some point you have to realize you’re going to get hit and you have to realize when that happens. So it’s having situational awareness of what’s happening in your network, so you can find the threat in 10 minutes or 10 hours versus 350 days, and find specifically where it occurred and remediate it.

I would say for an individual, the best thing you can do to make yourself not a target is understand what information is on the Internet about you. That means Googling yourself, setting up Google alerts, understanding what you’re putting on your social media profile. I practice abstinence when it comes to social media. I actually don’t have a Facebook account or a Twitter [account]. That’s really the best way to do it. But really, it’s understanding what’s out there because anything you put there, your birthday, where you went to high school, your husband’s name, your dog’s name — all those can be used to target you. For example, if you lost your bank account password, I can go on and try to figure out the secret questions by information you posted on social media.

The arms race in cybersecurity

After leaks, NSA struggles for trust

Fort Meade transforming from Army base to cyber city

 
Read what others are saying