The fourth industrial revolution is upon us, a time when technology is becoming characteristically biological, machines blending seamlessly with the natural world, processes, and our inherent way of life.
Is it exciting? Hell yeah, it is! Is it scary? You bet! But not in some Skynet Terminator crazy futuristic scenario. Schwarzenegger isn’t going to save us from some terrifying singularity crisis. Hey, he couldn’t even save California from debt.
What is scary is the level of security that is necessary going forward to enable current and new systems to be able to do their jobs correctly, and without compromise.
While the average guy on the street is concerned about the cyber threat of getting a virus from downloading a dodgy copy of Photoshop on Pirate Bay (as he should be), those with a more holistic view of tech systems have bigger fish to fry.
Not only does each component in a system need to be secure, impenetrable, and always up to date, we also need to worry about storage security (both physical and digital access), user access and permissions (think Snowden’s free rein on NSA systems), network security over the wire, and more. It’s no wonder there is such a strong emphasis on cybersecurity both at home and overseas.
Whether you’re a beginner or expert, cybersecurity can be complicated to understand as it keeps advancing every day. We asked industry experts, Richard Watson, Lead Partner APAC Cyber Security Risk Management at EY, and Vicky Bond, Consultant at Text100 their thoughts on cybersecurity and threats to watch out for this year.
Threats in business for cybersecurity
“Following the large global cyber incidents caused by WannaCry and Petya (Ransomware attacks), there was a shift (from Fear of Data Breach), and the principles of availability and integrity of systems and data came to the fore. I think the coming year will see an increased focus on cyber resilience and how the availability and integrity of systems and data underpin the digital organisations many institutions have become.” – Richard
Having all your systems locked up and inoperable is every business’s nightmare. While paying a ransom to cyber crims seems like giving in and encouraging them, what exactly is the other option against cyber threats? As Richard mentions, being able to be operational through any major incident, like a data breach, is now at the forefront of people’s minds. Like a billion backups to the cloud, servers all over the world, plus a set of tapes in your mum’s friend’s basement.
“Another area we are seeing lots of demand in is Third Party Cyber Risk. How do you secure your supply chain? How do you know that counterparties you send data to, or rely upon to run key systems are cyber secure?” – Richard
The reality of this situation is: you can’t. The key to ensuring security against a cyber threat with 3rd party providers is either mandating they use a security suite/provider/etc. that you trust, not providing data you don’t trust them with, or developing trusted solutions together to alleviate the risk. There’s no one size fits all solution.
Cyber risk and the law
The General Data Protection Regulation (GDPR) is now in effect, and already we’re seeing data breaches hit the news, like the newly announced breach affecting 10 million customers at Dixons Carphone. Firms have just 72 hours to let people know of breaches. Fines can be steep. And this is just the tip of the iceberg.
As Vicky says, “With Data Breach Notification legislation effective in Australia from late February, there will not only be an increase in the number of breaches reported, but also an increase in the opportunities for individuals to upskill and embrace a new role in cybersecurity.”
Data protection laws (or lack thereof) vary from country to country. The internet means that everyone is by default global, whether we like it or not.
How is it possible to legislate, enforce, and investigate globally disparate systems against a data breach? Well, it’s not. However, we have to learn how to protect against cyber threats. Why are we still trying to build physical and digital walls? This remains the million dollar question to argue about over a pint.
IoT devices have changed the game
“(IoT) devices that have little or no inbuilt security are connected to the internet and are increasingly being connected to corporate IT systems. This creates a relatively easy access path for any would-be attacker. What’s more, these systems often control industrial processes where health and safety is a genuine concern. So any cybersecurity failings in the IoT systems might not just be embarrassing, they could be fatal.” – Richard
IoT devices need to be thoroughly assessed before being brought onto a network. It’s no good installing an office temperature monitor and realising it’s downloaded something that’s now beaming your data to god knows where. Australia’s even blocked Huawei from the new 5G network because of it.
How artificial intelligence is impacting the future of cybersecurity
“AI is now also being used to perform cybersecurity tasks. For example, some of the latest threat detection approaches are using AI and robotics to automate the identification of unusual activity on computer networks. This is then leading to the collapse of the traditional tiers of security operations. Levels 1, 2 and 3 are all merging into an automated threat detection capability, enabled by big data, robotics and artificial intelligence.” – Richard
Using AI for cybersecurity tasks is not only clever, but it’s also going to be a necessity moving forward. It’s the level of trust that you can place in the AI that needs to be established (and maintained) to ensure security.
The biggest threat to cybersecurity
The biggest threat to cybersecurity is your employees, trusted insiders, and supply chain. And it’s usually an accident, too.
This could be:
- Emailing confidential documents to the wrong person
- Accidentally wiping backup systems
- Selling old computers without digitally shredding them
What can you do to combat this?
- Education & heightened security processes
- Enhanced identity and data management
- Implementing more advanced monitoring
- Incident handling procedures
Evaluating IDS, NIDS and HIDS
The sophistication of today’s data intrusions necessitates the implementation of a multi-tiered network security approach to protect against a myriad of cyber attacks. The most common elements are firewalls, to control incoming and outgoing traffic from untrusted networks, and Intrusion Detection Systems (IDS). IDS are devices or software that monitor networks for cyber threats, malicious activity or data breaches, detecting suspicious activity and taking action to block cyber threats.
The most common IDS are Host-based Intrusion Detection Systems (HIDS) and Network Intrusion Detection Systems (NIDS). HIDS are installed on every computer to monitor and analyse traffic to and from different nodes in the network, including what applications are being used or what files are being accessed.
HIDS cannot look at the intricate patterns of network traffic and communications but are great at detecting specific malicious activities and stopping them in their tracks. NIDS analyse the flow of information and detect specific suspicious activity before a data breach has occurred. They provide a broader examination of a network to detect attacks with scans and probes that analyse data patterns.
Essentially, they can detect hackers even before they have acted maliciously in the network, whereas HIDS won’t know until the hacker has breached the system.
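The contrast above, as an added example that is not part of the original article: a NIDS-style check flags a source probing many host/port pairs before anything is compromised, while a HIDS-style integrity check only fires once files on a host have changed. All addresses, hashes, paths and thresholds below are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: connection attempts as a network sensor sees them,
# in the form (timestamp_seconds, source_ip, destination_ip, destination_port).
FLOWS = [
    (0, "10.0.0.5", "10.0.0.20", 443),
    (1, "10.0.0.99", "10.0.0.20", 21),
    (1, "10.0.0.99", "10.0.0.20", 22),
    (2, "10.0.0.99", "10.0.0.20", 23),
    (2, "10.0.0.99", "10.0.0.21", 22),
    (3, "10.0.0.99", "10.0.0.21", 80),
    (3, "10.0.0.99", "10.0.0.22", 445),
    (40, "10.0.0.5", "10.0.0.20", 443),
]

# Constructed file hashes as an agent on a single host would record them.
BASELINE = {"/etc/passwd": "a1f3", "/usr/bin/sshd": "9c2e"}
OBSERVED = {"/etc/passwd": "a1f3", "/usr/bin/sshd": "77b0", "/tmp/.x": "e4d1"}

def nids_scan_alerts(flows, window_s=10, max_targets=5):
    """Flag sources that touch more than max_targets distinct
    (host, port) pairs inside a sliding window of window_s seconds."""
    by_src = defaultdict(list)
    for ts, src, dst, port in sorted(flows):
        by_src[src].append((ts, (dst, port)))
    alerts = {}
    for src, events in by_src.items():
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans <= window_s.
            while events[end][0] - events[start][0] > window_s:
                start += 1
            targets = {t for _, t in events[start:end + 1]}
            if len(targets) > max_targets:
                alerts[src] = len(targets)
                break
    return alerts

def hids_integrity_alerts(baseline, observed):
    """Report files changed, added or removed on one host versus its baseline."""
    return {
        "changed": sorted(p for p in baseline if p in observed and observed[p] != baseline[p]),
        "added": sorted(p for p in observed if p not in baseline),
        "removed": sorted(p for p in baseline if p not in observed),
    }

if __name__ == "__main__":
    print("NIDS:", nids_scan_alerts(FLOWS))
    print("HIDS:", hids_integrity_alerts(BASELINE, OBSERVED))
```

The window and target threshold are assumptions to tune per network; a vulnerability scanner or monitoring host will trip the same rule and needs an allowlist.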
Upskill to be ready for the future of cybersecurity
Richard sees two main areas of concentration for the future: “Cyber risk management (like traditional risk management) as the ability to understand, test and categorise business activities according to the likelihood and impact of downside risk to the organisation. (Then technical cybersecurity), similar to mainstream IT or OT – a good understanding of networks, applications and data, but with a lens of “what could go wrong?”, or “where are the vulnerabilities?”, increasingly underpinned by big data technologies, an understanding of analytics and the ability to enable automation of key cybersecurity processes.”
There has never been a better time to start your career in cybersecurity. The field is mature, progressive, and constantly changing, making for an exciting future. Become a white hat hacker, a cyber risk analyst, a social engineer… the opportunities are boundless. As Vicky puts it, “Companies will be looking to secure individuals with excellent communication skills, who can translate complex processes and information into trainings and updates for the broader businesses.”