Cybersecurity – A Practitioners View

Cyberthreats are ubiquitous in the digital ecosystem. To combat them effectively we should weave Cybersecurity closely into the fabric of our digital lives. Cybersecurity permeates through how we access and use the internet, our smart appliances, our electronic gadgets, our navigation systems, and many such. Its presence (rather an absence) formulates our perceptions, and directly influences our decisions and who we trust. It is both intrinsic and implicit. Our very existence hinges on how cyber secure we are, and how cyber secure our ecosystem is. 

This blog is a preamble to cybersecurity. Watch this space for more insightful and detailed blogs. 

Technological advances have significantly altered the way organizations deliver products and services. While it increased our digital assets, it also exposed them to associated cyber risks. For our end customers’ convenience and delight, we are creating more interconnected systems that produce and consume data in real-time. As we add features or products, unfortunately, we are adding new risks to cyber portfolios. So, unless backed-up by efficient cybersecurity measures, innovation will not last long or bring the desired benefits. 

Our systems and gadgets read consumer data to understand consumer behaviour patterns and create prediction platforms. Though essential to provide a good experience, a privacy breach, even if it is unintentional and essential, may bring regulation and compliance issues. The repercussions of a lawsuit will be serious – reputational damage, financial losses, loss of customer trust, and sometimes even the collapse of a business. The cyber-attack on Travelex is a case-in-point. A year ago, Travelex was the leading foreign exchange company, now sadly they are under administration. It could happen to any organization at any level. In December 2020, one of the biggest cyber-attacks on US federal agencies has unfolded. 

With cyber-attacks, it is not a question of if… it is a matter of when. 

Cyberthreats are increasingly complex and sophisticated. Cybercriminals have started employing AI to create attacks much earlier than the cybersecurity teams using AI for defense. Some of the advanced variants of modern-day malware stay dormant before even launching attacks, while some continuously mutate themselves. Detecting such malware is an extremely arduous task. With great cyber skills, hackers use the latest technologies like AI, Botnets, etc to launch attacks 24*7 for fun and huge money. In these cyber battles, odds are heavily in hackers’ favor… they need to be right just once… but defending organizations need to be right all the time!!! 

So how can we, as organizations protect ourselves against these everyday evolving threats? While there is no easy answer, we should start with adopting a holistic, proactive, and continual approach to cybersecurity. AI-enabled prevention, detection, and remediation measures ably supported by people, processes, and technology, will help pre-empt, combat and defend against state-of-the-art cyber threats. Continual cyber posture checks, assessments, and improvements will promote much-needed cyber-secure platforms for businesses to innovate and add value to their customers. 

People

Everyone hears about cybersecurity. Only a few know the details. Those who don’t end up assuming or ignoring things. Not many know that phishing and credential theft are by far the most used means to breach into organizations. Humans are central to these. Hackers exploit our unhygienic cyber practices like creating easy-to-remember passwords that many can easily guess, or reusing passwords, especially across personal and professional fronts. They launch phishing attacks and play with our complacency, curiosity, and greed to extract sensitive and confidential information. With the advent of spear phishing and bait campaigns, it is much easier to trick unaware humans. 

To address these, every employee must undergo cybersecurity, phishing, and social engineering awareness programs. Organizations should make them mandatory and recurring, so employees acquire the necessary behavioral skills. It is a good idea to take the help of cybersecurity partners to tailor the awareness sessions to the organization’s needs. Gamification of cybersecurity awareness is quite popular and effective in increasing awareness levels. Many think humans are the weakest link in the cybersecurity chain. But with proper awareness and training, they can easily be turned into our first and best line of defense. 

Process

Every organization must have a cybersecurity policy, spanning various aspects that could impact its overall cybersecurity posture. At a macro level, these could be related to general security policies (clean desk policy, acceptable social media usage guidelines, password policies, etc.), and technology-related (application security, network security, data security, device encryption, patching, etc.,). Adhering to these policies will enforce the needed controls and ensure there are no misses either due to complacency or ignorance. However, striking the right balance between having too few and too many policies is critical to the success of cybersecurity. Every team with cybersecurity champions responsible for ensuring compliance to the process can successfully avert threats.

We should execute penetration testing of all key applications and systems on a scheduled basis and whenever there is a change to the threat landscape. Organizations should take a proactive approach by leveraging threat intelligence to actively detect the origin of attacks, trace the behavior, patterns, and feed them back into their cybersecurity policies. 

Engaging with cybersecurity partners who can monitor on our behalf, especially the deep and dark webs, to detect and alert on compromised credentials, false campaigns, any information, or IP leak will go a long way in preventing cyber threats. Cybersecurity assessments by external partners provide a holistic and unbiased view of the cyber-posture and we are sure organizations will benefit from such collaborations. 

Technology

Is technology a boon or a curse for cybersecurity? The answer lies in our efficacy of leveraging it!!! 

Quite often there is an overreliance on inbuilt security features within the technologies used. IT teams tend to assume that this will address their cybersecurity needs. While this is partially true, it is not complete. It is the orchestration of events that quite often exposes the vulnerabilities in a workflow. Carefully crafted payloads or malicious code can exploit these vulnerabilities and impersonate, privilege-escalate, and do the damage. Further, our unsafe cyber hygiene practices make it even easier.

AI and ML powered solutions are a must to win contemporary cyber battles. While traditional rule-based systems help, they cannot keep up to pace with hundreds of thousands of malware created every day. We need intelligent systems that continually self-learn to detect yet-to-be-identified malware mutations. We can use such systems to proactively detect and cure malware traces. Another novel concept that very few companies have attempted is monitoring real-time endpoints and detecting potential malicious activities. This will drastically reduce the meantime to identify and resolve them faster. AI, with ML powered automated remediation, can make a world-class cybersecurity ecosystem capable of self-learning and self-healing. 

And to conclude… 

Cyber-attacks are on the rise. There is a 50% rise in ‘reported’ cyber-attacks in 2020 and this is only going to increase every year. Organizations should realize that attacks are imminent, and one day they could also be attacked. Do they have a safe and clear path to restore business operations and minimize the impact?

Cybersecurity is a continual journey, and we should build it into organizational DNA. Organizations should drive the culture that, everyone is responsible for cybersecurity and should enforce necessary policies and processes to enable it. Cybersecurity is a niche area and organizations will benefit from having a trusted and capable partner to take care of these needs. 

A wise man once said…

We should stop treating Cybersecurity as a cost center, rather make it a profit center.

Write to us if you want to know more about how to accomplish this.