By Nicholas Ismail, Global Head of Brand Journalism, HCL Technologies Ltd.
With the mass movements of workloads online and the increasing reliance on software and digital technology, remote workforce, organizations – across public and private sectors – have become vulnerable to cyber attack.
This type of virtual corporate espionage or state-sponsored hacking is now the new normal, with an ever-expanding attack surface area that hackers can exploit. The attack surface area includes the rise of IoT devices, cloud applications and digital supply chains.
The situation is challenging and only getting worse.
In the last month alone, hundreds of companies have potentially been put at risk by a hack on Okta, Russia has been accused of hacking Ukrainian satellite communications, Ukraine’s internet provider has been targeted by a cyber-attack and in the UK, seven teenagers have been arrested in relation to their involvement with the cyber-gang, Lapsus$. This is just what’s been reported.
Taking advantage of the accelerated shift to remote and hybrid work, hackers are using ransomware attacks and phishing campaigns, among many others, to undermine the CISO’s ability to protect the enterprise. It’s also clear that in conflicts, such as the current war in Ukraine, cyber-attacks are now part of modern warfare.
From a business perspective the problem is, as organizations expand their digital ecosystems and rely on third parties to maintain that ecosystem, new threats can get introduced which makes it even more difficult to defend.
“Cyber Resilience is a constantly moving target as businesses can get exposed to new threats and risks every second, every hour and every day while exploiting the benefits from their Digital transformation journey,” said Amit Jain, Executive Vice President, Cybersecurity & GRC Services, HCL Technologies.
Proactive cyber security
To effectively mitigate the regulatory, financial and reputational damage caused by a successful hack, or cyber-attack, organizations must move from a reactive to proactive state of cyber security.
What does proactive cyber security look like? To start with, an intelligence-driven approach is required. An example is to use real-time threat feeds in identifying and stopping malicious bot activity.
” A Dynamic Cybersecurity approach is the need of the hour, which not only looks at policies, process and technology but also considers people and culture as a key ingredient to building a resilient posture,” said Renju Varghese, Fellow & Chief Architect, Cybersecurity & GRC Services, HCL Technologies.
By using machine learning and data mining tools, threat analysts can identify hacks or breaches before the attack has had time to cause significant damage.
To gather and examine this intelligence effectively, these tools need to be able to analyze data from a variety of sources, including software, hardware, endpoints and IoT devices – basically, any medium that could be exploited as an attack vector.
With the scale, speed and variety of threats, proactive cyber security should also be tied into an automated solution that can analyze and identify any potential threats, and take the required actions to mitigate them, without the need for extensive human intervention.
Vendor and security product consolidation
To further embed a culture of proactive cyber security, security leaders should consolidate their security controls into a more unified platform as opposed to several best of the breed disparate products. This will lower the costs involved and improve operational efficiencies, leading to a stronger security posture as a result of lower complexity.
It’s a trend organizations are embracing, with Gartner predicting that by 2024, ‘30% of enterprises will adopt cloud-delivered secure web gateway (SWG), cloud access security broker (CASB), zero trust network access (ZTNA) and branch office firewall as a service (FWaaS) capabilities from the same vendor’.
This consolidation applies to security products, which need to share consistent security policies that seamlessly exchange data without impacting workflows.
“Top cyber security trends don’t exist in isolation; they build on and reinforce one another,” said Peter Firstbrook, research vice president at Gartner. “Taken together, they will help CISOs evolve their roles to meet future security and risk management challenges and continue elevating their standing within organizations.”
Mr Jain added that preparation is key. “Cyber attacks can’t be avoided but preparedness and agility, along with lower complexity would allow organizations to truly be able to respond to cyber threats quickly and create a sustainable dynamic Cyber Resilience.”