[BreachExchange] The Future of Cybersecurity

Audrey McNeil audrey at riskbasedsecurity.com
Thu May 17 18:01:08 EDT 2018


Mr Robot, the award-winning TV series portrays a world where everyone and
everything is under scrutiny. With a huge cult following that cuts across
generations, it paints a picture of dark forces that control our every
move. According to the show, survival in a technology-driven world depends
on understanding, embracing and managing ever-increasing cyber risks. And
quite often, art mirrors life in more ways than we might think.

As new data protection regulations come into effect on 25th May (GDPR), the
onus is on firms to protect customer data. But, research shows that few UK
organisations have a good understanding of the risks associated with
cybercrime. Fewer still, realise that their reliance on cyberspace and its
vulnerabilities may soon affect not just their business processes, but
continuity, too.

Scale of the Problem

It is estimated that every day the world generates roughly 2.5 quadrillion
bits of data. The emerging cyber risks reveal a world that is not only
obsessed with data but is riddled with complexity. As we become ever more
dependent on technology to manage our lives, hacking, malware, phishing and
other data security issues are now commonplace. The digital economy has
created a world of unlimited access and alerted us to the real dangers that
we face, where anybody can be compromised, at any time, from any source.

There are many threat vectors. As cybercriminals hiding behind fake
identities and data breaches become increasingly common, their impact
echoes across industries. Consider the most significant data breaches of
the recent past; eBay, Yahoo, Anthem Blue Cross, Equifax and other recent
case studies, which have exposed the seriousness of the issue.

And, it is bound to get worse as the cost of personal and corporate privacy
escalates. In 2017, US state government servers were hijacked using
“sophisticated mechanisms designed to be extremely invasive and hard to
research.” The message is now clear that all facets of our corporate and
personal life are vulnerable to cyber-risk. Today’s attackers are adept at
finding weaknesses in traditional security products and creating new ways
to exploit them. And, with a rising shortage of skilled personnel, the risk
to organisations is more daunting.

Changing Landscape of Threats

>From data exfiltration to system hacks, the environmental landscape has
shifted from one-dimensional to multi-layered attacks that have become the
most damaging and least likely to be detected. A hyper-connected digital
world creates opportunity as well as anonymity and criminal activity.
Increased accessibility without the right security tools designed to help
defend against the new threats will make us vulnerable. But, proactive
innovation could create better opportunities for effective threat detection
and response.

Understandably, the emphasis on a traditional approach to information
security is based on the principle of keeping threats out. However, in a
fast-evolving threat environment, the limitations of legacy security tools
cannot be overstated, as the knowledge of yesterday’s attacks is no
guarantee of protection against those of tomorrow. Several new solutions
can be effective in a firm’s security strategy; from endpoint devices and
applications such as anti-virus software that looks for malware, to border
controls, sandboxes, data loss prevention and log tools, which collectively
monitor real-time network activity to seek out and isolate risky files.

Innovation to meet cybersecurity challenges

The dynamic nature of the internet ensures that threat intelligence becomes
redundant quite quickly if it is not supported by innovation. As many firms
brave the threat of cyber-attacks, information-sharing offers a silver
lining, to build a common base of knowledge and best practice in the face
of ever-growing complexity of cyberspace. Awareness should be the starting
point to adopting new technologies. For example, in the event of an attack,
firms must immediately declare the incident and report the ensuing response.

An emerging perspective is that innovation ought to form part of broader
governance, risk and compliance puzzle, and would help to rethink the
current approaches to cybersecurity. So too would the assessment and
implementation of new security technologies that offer a global change
management opportunity, as the evidence shows. Traditional detection-based
security approaches have not been effective. They are reactive and will
only protect firms from already known, but not unknown, risks.

Sharing Threats

Cyber threats that are highly evasive employ tricks to infiltrate and
extract information. Protecting against such actors requires a different
strategy, and one that hunts for signs of hidden risks, automates defensive
responses and extracts rich forensic insights for future protection
measures. It is especially challenging to discern what is good or bad web
traffic. But, recent developments have identified more effective ways to
combat new and unrecognised attacks. For instance, “isolation-based”
security is useful in preventing all web code from ever reaching a user’s
computer. It only allows the user to interact virtually with web content
without the potential risk of compromising the endpoints.

The future of cyber security must be more vigilant in assessing suspicious
activities and sharing intelligence on threats and recovery processes. Not
that it will stop threats entirely, but it could go a long way to provide
insights, pre-emptively protect against the most sophisticated attacks, and
future-proof critical business infrastructure.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180517/907ef9dc/attachment.html>

More information about the BreachExchange mailing list