08 Jul Cybersecurity in a Post-Pandemic World
Digital shifts that business leaders and CISOs need to understand
– Kumar Ritesh, founder and CEO of CYFIRMA
Singapore – Jul. 8, 2020
Pundits across the world have set their sights on a post-pandemic future, arguing that a new normal is about to descend upon us. While we recognize much of what the future holds is ambiguous, there is an area which will become our inevitable reality — cyberthreats that come with rapid digitalization.
According to a report by Cybersecurity Ventures, global cybersecurity spending is set to reach $1 trillion (USD) cumulatively over the five-year period from 2017 to 2021. This signals the priority boardrooms have placed on cyber risk management as digitalization impacts many aspects of business.
To wrap their mind around the post-pandemic realities, business leaders and CISOs would need to understand the cybersecurity impact of these strategic digital shifts. COVID-19 has become the catalyst to trigger change in the ways of managing and operating technology. Let me outline a few here.
Telecommuting is the only way of working for many
1. Adoption of virtual desktop will finally see an upswing:
With tele-working likely to become the norm, virtual desktops could become the security baseline for IT teams to enforce data management standards. Virtual desktops emulate a computer system so that IT can control access as such adding input/output devices as well as software and applications. This could become an important control point when remote workers are operating outside the safety of a corporate network.
To meet the stringent criteria of regulatory and corporate compliance regarding data security, many companies will see the adoption of virtual desktops as the go-to solution.
2. We will notice surge in adoption of decentralized cybersecurity:
Traditional cybersecurity controls dictate a centralized approach where data is consolidated from different sources to perform analysis and investigation. With swift digitalization, security controls will shift to data sources, similar to the trend witnessed in IoT. We could start seeing a new wave of anti-virus, data loss protection, digital rights management and endpoint-based firewalls and other security controls gaining traction.
With millions of employees working from home, hackers’ focus has shifted from enterprise to remote working individuals. To handle the menace that exists in cyberspace, decentralized cybersecurity will rise where greater emphasis will be placed on data sources such as actual remote employees themselves.
3. Rise in biometric way of authentication:
User access controls have largely revolved around one or two-factor authentication. These methods rely on “something you know (username)” and “something you have (password)” and given hackers’ interest in employees as the weak link to start a technical exploit, we will see cyberattacks directed towards individuals.
This means identity protection will be of priority and the best defence should focus on building authentication systems which focus on “who you are.” This would require advanced biometric solutions such as fingerprint/thumbprint/handprint, retina, iris, voice, and facial recognition technologies.
With biometrics, hackers’ attempt at impersonating you just got a lot harder than trying to break into passwords.
New processes will govern our way of work
1. Global privacy regulation and policies will require a re-look:
The current state of privacy regulations is designed around the enterprise network and building the proverbial wall to keep sensitive data out of prying eyes. With remote working concepts taking center stage, re-evaluation of these policies is needed to address the new cyberthreats.
From a risk management perspective, global privacy policies will need to encapsulate standard operating procedures regarding BYOD, GDPR compliance and state privacy laws.
Governance around companies and employees’ social media profiles would also have to be included as these platforms are frequently trolled by hackers as they carry out reconnaissance before launching a cyberattack.
2. Cloud will become more important than ever before:
The shift to cloud services offers employees, customers, suppliers, and everyone else across the ecosystem a seamless and frictionless access to data and applications. Remote access by various users would compound security challenges and presents many new potential attack vectors.
In the post-pandemic world, IT resources would shift towards data, particularly keeping data secure across cloud platforms.
3. Containerization technology will be extended beyond enterprise network to include endpoints:
IT architectures will extend containerization and zoning concepts to include not just systems, but also people, roles, and the level of sensitive data they possess. Containerization, thus, will be extended beyond enterprise networks to include endpoints such as remote worker machines and mobile devices.
This will facilitate cybersecurity teams to apply varied access controls and demarcate data storage to minimize risk of cyber intrusion and data breach.
Technology and tools are taking over
Innovative technologies such as ML/AI, AR/VR will see greater adoption. As we have already witnessed, video conferencing applications will continue to rise as non-contact interactions surge.
Sectors such as retail, hospitality and manufacturing will layer their adoption of robotics with added AR/VR capabilities. By digitalizing the previously labour-intensive processes, factory operators will enjoy improved efficiencies, but at stake will be cybersecurity, if it was not integrated during the early stage of transformation.
And let’s not forget people as critical cyber defenders.
Hackers’ technical exploits will flourish in level of creativity and ingenuity, and a digital ecosystem is the perfect playground for malevolent agendas. Social engineering techniques to trick untrained and unsuspecting employees, third parties and contractors into releasing confidential information or letting an intruder into the corporate network will also intensify accordingly.
Instead of seeing people as the weakest link, view them as your frontline defenders. Cybersecurity awareness training for people across the entire supply chain and ecosystem will prevail.
Fundamentally, a mindset shift is needed to meet the cybersecurity challenges in a post-pandemic hyper-digital world.
The industry has been groomed and coached to pay attention to cybersecurity alerts, incidents and breaches. These are what we refer to as “cyber events.” Our brains have been wired to jump and take action whenever we see a blinking red light on a SIEM or SOAR dashboard. And we react, en masse, when an actual cyber incident has already occurred. A cyber incident gets the attention of everyone across the corporate hierarchy, from the rank and file to the board of directors. Cybersecurity teams who are saddled with events-based approach will be overly burdened with triages when a cyber breach occurs.
To effectively reduce the number of cyber intrusions, a radical mindset shift is needed. Leaders must redefine the concept of a strong cyber posture and relegate event-based security to its rightful place — as an inferior approach to managing cyber risks and threats. A more effective approach to prevent data breaches and intrusion would be an intelligence-driven approach where a proactive hunt for threats would take center stage.
Security leaders’ metric of success is not how many incidents have been managed, but how many potential threats discovered and remediated.
By shifting away from an event-driven cybersecurity mindset, security leaders embrace cyber insights, signals and intelligence as guiding principles as they navigate toward a stronger cybersecurity posture.
Resources are directed to proactively identify potential attack vectors and build appropriate security controls. Security leaders are focused on unraveling the context around a threat indicator (such as attack motive, intent, etc.) and not just remediating indicators of compromise (malicious IP, signatures, patterns, files, etc.).
Leaders should be expected to predict a cyberattack and ensure cyber readiness before an event is triggered. Knowledge of the external threat landscape becomes a key insight that guides leaders in making business decisions. Cyber intelligence gathered is also applied across the various business functions.
Hacker groups will rattle the cages of government and businesses as digitization efforts escalate. Cybersecurity strategies would have to shift downline towards the remote worker, decentralized controls, and enhanced policy measures. And underlying all of that will be a robust intelligence-centric strategy as the guiding beacon.
Digital transformation and cybersecurity are twin engines for sustained success, and this has just risen to the top of the boardroom agenda as economies awaken to the new realities of a post-pandemic world.
– Kumar Ritesh is the Founder and CEO of CYFIRMA
Headquartered in Singapore and Tokyo, CYFIRMA is a leading threat discovery and cybersecurity platform company. Its cloud-based AI and ML-powered cyber intelligence analytics platform helps organizations proactively identify potential threats at the planningstage of cyberattacks, offers deep insights into their cyber landscape, and amplifies preparedness by keeping the organization’s cybersecurity posture up-to-date, resilient, and ready against upcoming attacks.
CYFIRMA works with many Fortune 500 companies. The company has offices and teams located in Singapore, Japan and India.