The shift to interconnected operations and an expansive distribution of work has created a “perfect storm of complicated challenges” for cybersecurity, Box CEO Aaron Levie said.
There could not be a harder set of factors in trying to assess real versus fake threats, malicious activity, and internal or external threats in this mixed environment, Levie told Cybersecurity Dive last week.
This helps explain why cybersecurity is now the most important and active topic discussed throughout Box’s workforce, with customers and among the board of directors.
CISOs, CIOs and heads of engineering are responsible for the design and delivery of a security strategy, but any CEO and any board must have a high degree of insight into cybersecurity threats and activities, according to Levie.
Levie assumes the ultimate responsibility for the protection of Box customers' most important data, he said. Security is one of the biggest factors and dimensions of the company’s resilience.
Box endeavors to keep customers informed and provide tools such as Box Shield to detect potentially malicious activities, establish access controls and persistent visibility. Lines of responsibility around customer data are less of a concern, Levie said.
The enterprise cloud content management company maintains a flexible approach to the default security requirements it imposes on customers, but it shares advice and provides access to controls and tools consistent with best practices.
Levie thinks the days of one-time passcodes via text message are numbered, but that doesn’t mean Box can institute a ban on the practice among its customers.
Enterprises recognize the heightened level of risk in identity and access management and appreciate the sensitivity and value of their data more than ever before, according to Levie.
“Unfortunately the trends are all pointing to a more complicated environment,” Levie said.
“Hyper personalized at-scale phishing has just become, effectively, insanely inexpensive” with the aid of AI phenomena like ChatGPT, he said.
“These are very, very complicated, dynamic, chaotic times on the security front,” Levie said. “This is an era where your architecture matters, your partners matter, your technology decisions matter. And it's not going to get less interesting.”