Advisen: What do you see as the greatest cyber risks today?
Dan Kruger: I think the greatest risks can be summarized by the following:
Advisen: What will the greatest threats be in 5 years’ time?
Dan Kruger: The sheer number of connected devices. Due to the Internet of Things, the number of connected devices will grow explosively by 10-100X. Every one of these devices will provide a communications pathway, and therefore, be a potential vulnerability that can be exploited. Thus the problems of today will be magnified if we don’t change the focus to the persistent control of data. If your cybersecurity focus is on hardening the perimeter, how do you think you will be doing in 5 years?
Advisen: Is the insurance industry doing enough to adequately address these risks?
Dan Kruger: No, I don’t think it is. The industry needs to insist on valid measures of control. The current measures do not comprehend the actual problem. To what degree is my data in control? To what degree would a breach be irrelevant? To what degree is the data I send to others reliably constrained in its use? To what degree is the use of my data being reported? Currently, the insurance industry is mostly focused on remediation after a breach occurs, rather than making the breach irrelevant.
Advisen: What keeps you awake at night?
Dan Kruger: As bad as IT (Information Technology) is, OT (Operational Technology) is worse. The vulnerability of our industrial plant (chemical plants located in dense population areas) is my personal nightmare. And we are rushing headlong into the Internet of Things that extends those vulnerabilities into every part of our environment.
Advisen: In your opinion, what is the single most important cyber risk development in the past 12 months?
Dan Kruger: I think the largest development has been awareness as a result of events such as the Snowden revelations and Target breach. We are finally confronting the real risk and cost of complacency and checkbox compliance.
***
Dan Kruger is founder, president and chairman of the Board of Directors of Absio Corp., a position he has held since 2009. A pioneer in software-enabled collaboration, Dan is a 30-year veteran in consulting to businesses on teamwork, communication, technology strategy and the design and application of collaboration software.