On 09.10.15, the AIANY Design for Risk and Reconstruction Committee organized a panel on cybersecurity, providing guidelines for how to continually protect firms of all sizes from digital risk. Essential to resiliency and business continuity, cybersecurity includes practices such as securing financial accounts and critical data from hackers, and protecting a company’s reputation and brand on the Internet.
Moderator Barbara A. Nadel, FAIA, principal, Barbara Nadel Architect, began the evening highlighting the rise of visible and invisible forms of security after 9/11, and the critical importance of balancing transparency and security. Joseph Lawlor, associate managing director of Cyber Investigations and Incident Response at K2 Intelligence and a former FBI agent, presented many disturbing statistics: 70% of cyberattacks reach secondary victims, such as clients, and 75% of infections spread from the first victim to the second within one day; meanwhile, it takes 275 days, on average, for a company to recognize that it has been attacked. More often than not, Lawlor said, hackers enter servers through legitimate credentials. This makes it essential to create strong and unique passwords, in addition to installing updates and antiviral software regularly, backing up data offsite, practicing safe web browsing, having a defense plan, and continually reassessing your plan. Cybersecurity is critical to maintaining client relationships, as clients rely on firms to protect their personal and financial information. Moreover, as Craig Bueker, CEO and co-founder of Criterion 360, stressed, digital assets, from public presence to work proposals, are the fabric of any contemporary business.
Gary Bahadur, president of KRAA Security, advised training all employees to practice safe Internet use, including abstaining from laptop use or data transfer offsite, and exercising discrimination when sharing information, data, and opinions over e-mail, social media, or any Internet site. Lawlor recommended that employees be trained first to employ safe measures in their personal life, cultivating cautious practices they will bring to work. Bahadur honed in on the particular risks presented by social media, where there are no related security strategies in place, no enterprise-wide social media policies, no legal oversight of practices and uses, no training of employees to adequately use it, and no measurement of reputation risk.. There are also the risks presented by mobile devices, from which it is easy to track location as well as access data.
Each speaker approached cyberattacks as an unfortunate but inevitable reality, seeing the world in two categories: those that have been hacked, and those that will be hacked. At the end of the evening, each gave their most succinct advice to the audience: Take cyberattacks seriously. Know your brand, and know your vulnerability. Train your employees, and have a plan.
Event: Cybersecurity 101: How to Protect Your Data, Designs, and Drawings
Location: Center for Architecture, 09.10.15
Speakers: Gary Bahadur, President, KRAA Security; Craig Bueker, CEO and Co-Founder, Criterion 360; Joseph Lawlor, Associate Managing Director, Cyber Investigations and Incident Response, K2 Intelligence; and Barbara A. Nadel, FAIA, Principal, Barbara Nadel Architect (moderator)
Organized by: AIANY Design for Risk and Reconstruction Committee
Sponsored by: K2 Intelligence with additional support from SDA NYC