Rethinking cybersecurity in a digitally connected world

Cybersecurity is a popular buzzword in the era of digitalization. The rapid advancement in digital technologies such as big data, Internet of Things, cloud, blockchain and artificial intelligence, data security and hyper-connectedness has significantly raised cybersecurity risks and threats, as never before.

With promising technologies also come vulnerabilities associated with privacy and security. In fact, data security is the biggest problem in the digital age. As organizations embark on their journeys of digital transformation, they need to look for security approaches to ensure data protection.

According to the Cyber Threatscape Report 2018 published by Accenture, Organizations and critical infrastructure will likely experience a greater number of, and more-destructive cyber attacks, including physical damage perpetrated by highly funded rogue nation states and cyber criminals looking to disrupt business operations, make money or spy on targets. Ransomware continues to be the most prevalent attack vector for extortion operations, with attacks doubling from 2016 to 2017, rising from 13 percent to 27 percent of all reported incidents targeting corporations, the report adds.

The report has identified five key areas that are influencing the cyber threat landscape:

1. Iran-based threat actors and threat groups are likely to continue to grow their malicious activities and capabilities in the foreseeable future.
2. Cyber-criminal, espionage and hacktivist groups will continue to target supply chains and the strategic business partners that contribute to them for monetary, strategic and political gain.
3. Critical infrastructure is a high-value target for threat actors. The oil and gas industry organizations will continue to be an attractive target for threat actors.
4. Advanced persistent threats are becoming more financially motivated. Groups such as Cobalt Group and FIN7 have been targeting large financial institutions and restaurant chains successfully.
5. Miner malware is creating a cryptocurrency surge. Cybercriminals have grown their use of cryptocurrency miner malware and are likely to continue into 2019 in a shift toward malware mining alternative cryptocurrencies, most notably, Monero.

Also, the first volume of ISACA State of Cybersecurity 2018 Report, released at the RSA Conference in San Francisco, back in April 2018 reveals the following trends:

• High likelihood of cyberattack continues. Four in five security professionals (81 percent) surveyed indicated that their enterprise is likely or very likely to experience a cyber attack this year, while 50 percent of respondents indicate that their organization has already experienced an increase in attacks over the previous 12 months.;
• Nearly 1 in 3 organizations (31 percent) say their board has not adequately prioritized enterprise security.
• Men tend to think women have equal career advancement in security, while women say that’s not the case. A 31-point perception gap exists between male and female respondents, with 82 percent of male respondents saying men and women are offered the same opportunities for career advancement in cybersecurity, compared to just 51 percent of female respondents. Of those surveyed, about half (51 percent) of respondents report having diversity programs in place to support women cybersecurity professionals.
• Individual contributors with strong technical skills continue to be in high demand and short supply. More than 7 in 10 respondents say their organizations are seeking this kind of candidate.

Taking all of the above trends into account, it is clear that our private and confidential data is highly vulnerable. The increased adoption of digital technologies throughout the business, governments, and society has increased connectivity worldwide and thus the volume of data generated over the networks. Interestingly, data is directly proportional to vulnerability, i.e. more data equals more vulnerability.

 (Image Credit: Pixabay)

Past incidents of cyber attacks

• In August 2018, cybercriminals managed to siphon off over Rs 94 crore through a malware attack on the server of Pune, India based Cosmos Cooperative Bank Limited.
• Cybercriminals penetrated Equifax (EFX), one of the largest credit bureaus, in July 2017 and stole the personal data of more than145 million people. It was considered among the worst breaches of all time because of the amount of sensitive information exposed.
• WannaCry that spanned more than 150 countries leveraged some of the leaked NSA tools. In May 2017, the ransomware cryptoworm targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. The attack was estimated to have affected more than 200,000 computers across 150 countries, with total damages ranging from hundreds of millions to billions of dollars.
• In April 2018, Facebook data breach affected 87 million users whose data was improperly shared with the political consulting firm Cambridge Analytica, to influence voter opinions.

These attacks clearly reveal the vulnerabilities of modern cyber infrastructures and also highlight the importance of cybersecurity as an integral element of an organization’s digital transformation journey.

As per a recent research, unsecured protocols, password flaws, missing system patches, out-of-date software and cross-site scripting comprised the top five most common enterprise vulnerabilities in both external and internal networks. 

No country, no organization, no government is immune to cyber attacks, cybercrimes, and invasion of privacy. The hyper-connected world needs to understand the potential threats and utilize the latest defensive techniques to help address potential vulnerabilities and stand vigilant against future attacks. To reap the value of technological innovation, a robust, coordinated system of global cyber resilience is indispensable to effectively mitigate the risk of cyber attacks. While traditional approaches are getting increasingly ineffective, a holistic and risk-based approach to combat cyber attacks is the need of the hour.

Potential measures that organizations can take to achieve cyber resilience must include:

Policy development

• A comprehensive and transparent national cyber strategy that incorporates private, public and civil sectors is critical to achieving cyber resilience. Additionally, it is equally important to check its successful implementation.
• Partnering with Law enforcement agencies to get up to speed on cybercrime.
• A multi-stakeholder approach to fight against cyber crimes.

Developing Cyber-security awareness

• Educating users to strengthen the awareness level and vigilance against online frauds, scams, and tricks.
• Organizations should implement initial and periodic cybersecurity training on information security concepts for their employees to identify potential threats and vulnerabilities.

Technical approaches

• Implementing network segmentation so that a compromise of one device or sector would not affect the entire system.
• Employing breakthrough technologies like AI, machine learning, and automation systems to boost cyber defenses.
• Regular back-up and updates to other off-site devices to ensure additional protection and quick recovery.
• Using strong passwords may help prevent “brute force attack” where the cybercriminals use software tools to try millions of character combinations to attempt an unauthorized login.
• Evolving and adapting the role of next-generation chief information security officers (CISO) to integrate security.

Incidents response plans

• Despite taking a number of preventive and potential measures, many organizations often experience compromises.
• To identify compromises at the earliest stage and to minimize damage and continue to operate under attack, incident response plans are needed.

Investments and Research

• Encouraging investments in cybersecurity technical education and research and development.
• Investing in leading technologies like artificial intelligence, machine learning, and automation that can automate defenses and respond in real-time.

And let’s not forget the famous saying by Benjamin Franklin ‘an ounce of prevention is worth a pound of cure’ because it literally takes fewer efforts to prevent something than to fix it afterward. Hence, preventing cyber attacks should be the key priority than to wait until the attacks happen. Last but not the least, integrating traditional approaches with modern technologies, legal frameworks and policies will surely work to address cyber risks and achieve resilience in the cyber ecosystem.