DUBAI: In its successful pursuit of digitisation — the mass adoption of connected digital technology and applications by consumers, enterprises and governments have opened themselves up to a host of cyber attacks simply by virtue of expanding its threat landscape.
These attacks have the potential to derail the progress made by digitisation, and negate the many benefits delivered by it, including the steps taken towards smart city initiatives.
According to research, the regional average for cyber attacks on businesses stands at 85 per cent, compared to a global average of 79 per cent.
Recent attacks against institutions mean critical information infrastructures could be at risk. If such attacks have taught us anything, it’s that the ramifications of a successful breach are far-reaching, including severe losses to profitability and productivity, as well as the permanent loss of data and credibility.
LogRhythm, Inc. is an American security intelligence company that unifies Security Information and Event Management, log management, network and endpoint monitoring and forensics, and security analytics.
Historic data dumps
Data dumps of historical personal data was a common occurrence this year. From LinkedIn and MySpace to Dropbox and Yahoo, it’s worrying how many large-scale breaches have come to light years after the data was initially stolen.
What’s more, the repercussions are already being felt, with Deliveroo – a British online food delivery company with operations spread across eighty-four cities in the UK, the Netherlands, France, Germany, Belgium, Ireland, Spain, Italy, Australia, Singapore, and Hong Kong – only recently revealing that hackers were able to access its customers’ online accounts after obtaining email addresses and passwords from previous data breaches.
With users reusing the same passwords, hackers don’t have to work hard or look far to get their hands on one set of log-in details that can open the door to many online accounts.
While we know about these particular breaches, there will be many more companies still unaware they have been compromised or those who have not done enough to encourage customers to change their log-in details after they have been breached. Because of this, I expect to see this trend continuing.
Over the past three years, ransomware has become an increasingly prevalent cyber threat. Until recently, most ransomware attacks were simply opportunistic and affected individual users’ or small businesses’ computers.
The ransom demands have commonly been the equivalent of just a few hundred pounds for an individual PC. However, cybercriminals are increasingly setting their sights on larger organisations that have more important files and computer systems, files that are critical to their daily operations and as such, are able to warrant bigger ransom demands.
Next year, ransomware attacks will ramp up and organisations will need to increase their level of preparation, back up their work and implement more sophisticated tools that can detect, shut down and contain suspicious activity from the offset.
Traditionally, organisations have concentrated their breach mitigation efforts on catching and preventing external threats – however, many of today’s data breaches highlight the growing threat posed by insiders.
What’s becoming clearer, however, is that the insider threat doesn’t just refer to employees stealing or leaking information consciously and maliciously. There are also those that become unwitting helpers for an outside threat.
The spectrum of the insider threat is therefore much wider than many organisations are aware of – in fact, the accidental insider threat can pose a much bigger problem for organisations because there are so many of them.
In 2017, this will become an even bigger challenge for businesses who will subsequently channel more resources into educating employees and contractors, and investing in tools that identify malicious activity should an individual unwittingly click on a dangerous link.
Critical national infrastructure has long been a target for cyber criminals, however, this has become a much more prominent problem over the last year. Power grids, airports, healthcare and financial organisations are all now prime targets, with a successful hack potentially leading to a much more dangerous outcome than simply leaking emails or dates of birth.
Indeed, this year we have seen the financial industry take quite a hit with attacks on the SWIFT banking system and Tesco Bank indicating just how much damage can be caused and money lost should hackers navigate their way past traditional security defences.
In 2017, hackers will use these successes as motivation to focus their energy on other industries that form the backbone of our society, including energy, healthcare and manufacturing.
Governments are focusing more on cyber security, releasing cyber security frameworks and mandating country-specific regulatory policies.
These policies emphasise the need to have efficient monitoring and detection in place, and will therefore push businesses to tighten up their security in 2017. New, stricter rules will act as one of the biggest motivators to take cyber security that much more seriously in the boardroom.
The role of CISO
There will be a growing number of dedicated Chief Information Security Officers (CISOs) appointed in 2017.
Cyber security has subsequently become a major – if not the top – concern, and Chief Information Security Officers can only do so much.
Cyber security is just one part of their job role; what organisations need now is a dedicated CISO who provides greater leadership and ensures their organisation has the tools, processes, staff and mind-set to manage modern-day cyber-attacks.
Today’s hackers are becoming increasingly persistent in their approach and using extremely sophisticated tactics to exploit existing vulnerabilities. Sticking with basic security solutions may have worked in the years before cyber-attacks became one of the biggest threats to corporate security, but this is no longer sufficient. If hackers are finding new, innovative ways to get into IT systems, then logic would dictate that companies need to find new, innovative ways of protecting their IT systems.
In 2017, businesses will increasingly invest in security intelligence to complement traditional tools. This involves the implementation of continuous monitoring so that a breach or compromise can be identified and mitigated as soon as it happens.
A few years ago, Gartner , a Stamford, Connecticut-based American research and advisory firm providing information technology related insight for IT and other business leaders located across the world, stated that prevention has become futile and that by 2020 security strategies would need to include the sharing of security intelligence. This will ramp up next year as businesses finally take heed of this advice and begin preparing for General Data Protection Regulation (GDPR) requirements.
Subscribe to our monthly newsletter
Keep a pulse on the latest business news in the Middle East. Subscribe now.