MIAMI: Almost half of organizations globally will have experienced a cyberattack on their software supply chains by 2025, according to analyst firm Gartner.
As Manuel Medina, founder and managing partner of Medina Capital, said: “There are only two types of enterprises and government agencies today: the ones that have been hacked and the ones that are going to be hacked.”
Speaking at the FII Priority conference in Miami, Medina highlighted the risk of cyberattacks, and said: “The internet was not designed to do what it’s doing today.”
Globalization and technological advances, such as cloud computing, mobility and virtualization, have made the internet less secure.
Companies across a host of industries are spending billions digitizing their infrastructure, but that infrastructure is difficult to protect, he said.
On an individual level, it mostly comes down to common sense, Medina added.
Social media companies do not charge users on their platforms because they are monetizing the users themselves, and by sharing copious amounts of personal information, users are only making it easier for both social media companies and potentially hackers to access their data, he said.
“They (social media companies) take your personal identity, and everything that they do is (about) how they track you in order to get commerce and sell you stuff. So, that’s totally contradictory to protecting you.”
Medina Capital, which hires “elite hackers,” has a motto of not liking people, because “people are the weak link,” Medina said.
“You are as strong as your weakest link.”
He added: “You can have the best software and the best systems,” but “human weakness” is the reason for the collapse of a security system.
Cybercriminals do not need weapons, politics or strategy; all they need is a laptop and a network connection, and governments need to evolve and cooperate to tackle this kind of criminal, Medina said.
Prosecuting cybercriminals is difficult because of globalization and innovation whereby it is possible for some evidence or information to be stored on a server located in a different country than the one where the criminal is being prosecuted, he said.
“The system today is the same system that it was 80 years ago. So, one of the things that we need to do is bring ourselves up to date.”
Individuals, too, need to do some basic “common sense stuff” to protect themselves, such as using multifactor authentication and storing their passwords in a secure digital wallet, he said.
“You have to sacrifice a little bit of convenience in order for you to be able to sleep better at night.”