In a roundtable with members of the press, Giuliani and John Chen, the chief executive of BlackBerry, sat down to talk about broader trends in cybersecurity.
Computer crimes, Giuliani said, are generally on the upswing. “It’s is the fastest growing form of crime. It’s growing at rates that are almost impossible to calculate in almost every country,” he said. And cyber crime is becoming a larger part of Giuliani Partner’s consulting businesses. “A lot of consulting has involved cyber.”
There is a lot at stake. Giuliani Partners’ clientele includes small enterprises and operations, but government agencies, too. “When we get beyond the commercial and the harassment hacking, there are issues of national security,” Giuliani said. “There are many sensitive facilities and electrical systems.”
Worsening matters is a reluctance on the part of those clients to disclose data breaches and other forms of hacking. “In the past, there was [an unwillingness] to disclose successful attempts,” Giuliani said. “Private companies tried to do it on their own.”
That is why Giuliani partnered with BlackBerry. “They’ve developed some of the most secure software in the world,” he said.
Giuliani believes the biggest cybersecurity threats today are data theft — the surreptitious gathering of sensitive personal information like contact information, phone numbers, and email addresses — and ransomware, the infection of devices like cameras, temperature sensors, smart locks, and automation products for the purpose of extortion. “It’s the idea of a hacker taking a whole business or hospital down in exchange for money.”
Cybersecurity’s underlying dilemma, Giuliani said, is that it hasn’t kept pace with the tech industry’s other innovations. “We fell behind as a society,” he said. “We fell in love with all of our devices — and our ability to gain information. But we didn’t think about the fact that we have to increase defenses as we increase the amount of information we’re putting in the cloud.”
Chen used an example from BlackBerry’s Security Summit earlier this year to illustrate ransomware’s damaging potential. “A hacker could infiltrate a network with a Wi-Fi-connected home coffee pot,” he said. As long as the appliance in question shares the same network as every other device in an urgent care, a nefarious coder could “watch over other people’s login.” From there, the hacker in question could gain access to, say, an internet-connected morphine infusion pump and alter a patient’s dosage.
The problem’s exacerbated by the burgeoning Internet of Things. “Eventually, the world is going to connect the home, car, and office,” said Chen. “You’ll be able to update records, bring them to your car, and finally to your home Wi-Fi. A hacker could easily access your Wi-Fi and change those records at every transfer point.”
Giuliani contends that a lack of legislative — and regulatory — boundaries presents an added challenge. “We need more legislation” with to sectors like banking, Giuliani said. In U.S., he predicts regulations will emerge in the form of new Security and Exchange Commission (SEC) rules. “Business with banks requires a lot of cybersecurity — there’s a lot of activity and a person can lose a lot of money.”
Giuliani believes that fear of cyber breaches and theft has dampened innovation. He gave the example of a “health record card”: a single, compact credit card-sized device that could hold a person’s entire medical record. “You would know as much about me as my doctor knows about me,” he said. “But many people resist the idea because they think it can be hacked or stolen.”
It ultimately comes down to proactivity, Giuliani said. “When I talk to people about cybersecurity, I recommend they approach it in two phases: Buy the best possible defense you can afford, and the best possible detection mechanism.”
