Almost every single day, somewhere in the world, a company falls victim to cyber attackers, even with millions spent on cyber security.

Every business is a target because they have data and there are too many doors, windows and entrances for cyber attackers to enter, whether it is locally or in the cloud. It's not a question of, but when the attackers come in.

Prevention efforts are of course important, but when attackers come in, equal attention must be on detection in the future. And the focus must be on early detection, otherwise it will be too late.

My book, Next Level Cybersecurity, is based on intensive reviews of the world's biggest hacks and reveals the signals from the attackers that companies are either missing or do not know how to detect early apart from all the noise. So the attackers slip over cybersecurity, remain undetected and steal data or commit other damage.

In the book, I explain the Cyber ​​Attack Chain. It is a simplified model that shows the steps that cyber attackers tend to follow in almost every hack. There are five steps:
external reconnaissance
intrusion
lateral movement
command and control and
performance.
At each step, there will be signals about the attackers' behavior and activity. But the signals in the intrusion, lateral movement, and command and control steps provide the greatest value because they are timely.

The external reconnaissance step is very early and the signals may not turn into an attack, while detecting signals in the execution step is too late because data theft or damage has already occurred at this time.

My research uncovered 15 major signals in penetration, lateral movement, and command and control steps that were to be the focus of detection.

My study of the world's largest hacks reveals that if the company had detected signals from the attackers early in the intrusion, lateral movement or command control, they would have been able to stop the hack and prevent losses or damage.

My book shows how to detect the signals in time using a seven-step early detection method. One of the key steps in this method is to map relevant signals to Crown Jewels (important data, IP or other assets). It is a good utility case for machine learning and AI. There is a lot of noise, so machine learning and AI can help eliminate false positives and expose attackers' signals early to stop the hack.

There are two blind spots that almost every business worldwide is facing that cyber attackers will take advantage of, starting in 2019 that businesses need to get on top of.

A blind spot is the cloud. There is a false sense of comfort and lack of attention to detection, thinking that the cloud is more secure because of the cloud provider's cyber security, or because the cloud provider has an out-of-the-box surveillance system. However, if the company does not identify all the crown jewels and maps all relevant cyber attack signals for surveillance, the attackers will come in, remain undetected and steal data or commit other damage in the cloud.

The other blind spot is the Internet of Things (IoT). IoT devices (such as smart TVs, webcams, routers, sensors, etc.), with 5G on the way, will be ubiquitous in businesses around the world. While IoT devices offer many benefits, they are a weak link in the chain due to poor built-in security and lack of monitoring. Cyber-attackers will focus on IoT devices to make the intrusion and then turn to get to the crown jewels. Detecting early signals from cyber attackers trying to exploit IoT devices will be critical.

Companies around the world need to prioritize cyber security, starting in the boardroom and with the CEO. It all starts at the top. In both cases, my intensive reviews of the world's biggest hacks reveal a common theme: inadequate or missing CEOs and cybersecurity oversight.

Here are five key questions from my book that CEOs should take the lead on and work with management to ask management to ensure that the company does not become the next victim of cyber-attacks and suffers significant financial and reputational damage:
Have we identified all our crown jewels and are not missing any?
Do we know where all the crown jewels are located?
Have we identified all the ways cyber-attackers could get to the crown jewels?
Have we mapped signals with a high probability of cyber-attackers trying to get to the crown jewels with each crown jewel?
Are we sifted through all the noise to detect early signals and report to the CEO and the board in a dashboard report for timely oversight?
If your answer is No to one of the questions or you are in doubt, you have a hole or a blind spot and are in danger and you need to follow up to get to a high confidence Yes answer.

In my book, Next Level Cyber ​​Security, I provide other important questions to ask and a practical seven-step method of taking cyber security to the next level to be one step ahead of attackers. It is written in plain language for boards, executives and management so that everyone can come on the same page and together mitigate one of the most significant and disruptive risks today, cybersecurity.