As new data protection regulations come into effect on 25th May (GDPR), the onus is on firms to protect customer data. There are serious penalties for a breach of that custodial trust, up to €20 million or 4% of the company’s global annual turnover of the previous financial year, whichever is higher, and therefore a good reason to comply with the regulation. But, research shows that few UK organisations have a good understanding of the risks associated with cybercrime. Fewer still, realise that their reliance on cyberspace and its vulnerabilities may soon affect not just their business processes, but continuity, too.
Scale of the Problem
It is estimated that every day the world generates roughly 2.5 quadrillion bits of data. The emerging cyber risks reveal a world that is not only obsessed with data but is riddled with complexity. As we become ever more dependent on technology to manage our lives, hacking, malware, phishing and other data security issues are now commonplace. The digital economy has created a world of unlimited access and alerted us to the real dangers that we face, where anybody can be compromised, at any time, from any source.
There are many threat vectors. As cybercriminals hiding behind fake identities and data breaches become increasingly common, their impact echoes across industries. Consider the most significant data breaches of the recent past; eBay, Yahoo, Anthem Blue Cross, Equifax and other recent case studies, which have exposed the seriousness of the issue.
And, it is bound to get worse as the cost of personal and corporate privacy escalates. In 2017, US state government servers were hijacked using “sophisticated mechanisms designed to be extremely invasive and hard to research.” The message is now clear that all facets of our corporate and personal life are vulnerable to cyber-risk. Today’s attackers are adept at finding weaknesses in traditional security products and creating new ways to exploit them. And, with a rising shortage of skilled personnel, the risk to organisations is more daunting.
Changing Landscape of Threats
From data exfiltration to system hacks, the environmental landscape has shifted from one-dimensional to multi-layered attacks that have become the most damaging and least likely to be detected. A hyper-connected digital world creates opportunity as well as anonymity and criminal activity. Increased accessibility without the right security tools designed to help defend against the new threats will make us vulnerable. But, proactive innovation could create better opportunities for effective threat detection and response.
Understandably, the emphasis on a traditional approach to information security is based on the principle of keeping threats out. However, in a fast-evolving threat environment, the limitations of legacy security tools cannot be overstated, as the knowledge of yesterday’s attacks is no guarantee of protection against those of tomorrow. Several new solutions can be effective in a firm’s security strategy; from endpoint devices and applications such as anti-virus software that looks for malware, to border controls, sandboxes, data loss prevention and log tools, which collectively monitor real-time network activity to seek out and isolate risky files.
Innovation to meet cybersecurity challenges
The dynamic nature of the internet ensures that threat intelligence becomes redundant quite quickly if it is not supported by innovation. As many firms brave the threat of cyber-attacks, information-sharing offers a silver lining, to build a common base of knowledge and best practice in the face of ever-growing complexity of cyberspace. Awareness should be the starting point to adopting new technologies. For example, in the event of an attack, firms must immediately declare the incident and report the ensuing response.
An emerging perspective is that innovation ought to form part of broader governance, risk and compliance puzzle, and would help to rethink the current approaches to cybersecurity. So too would the assessment and implementation of new security technologies that offer a global change management opportunity, as the evidence shows. Traditional detection-based security approaches have not been effective. They are reactive and will only protect firms from already known, but not unknown, risks.
Cyber threats that are highly evasive employ tricks to infiltrate and extract information. Protecting against such actors requires a different strategy, and one that hunts for signs of hidden risks, automates defensive responses and extracts rich forensic insights for future protection measures. It is especially challenging to discern what is good or bad web traffic. But, recent developments have identified more effective ways to combat new and unrecognised attacks. For instance, “isolation-based” security is useful in preventing all web code from ever reaching a user’s computer. It only allows the user to interact virtually with web content without the potential risk of compromising the endpoints.
The future of cyber security must be more vigilant in assessing suspicious activities and sharing intelligence on threats and recovery processes. Not that it will stop threats entirely, but it could go a long way to provide insights, pre-emptively protect against the most sophisticated attacks, and future-proof critical business infrastructure.