Everything around us today is about digital, connectivity, cloud, social and finally claiming the centre-stage, security. Cyberthreats continue to affect enterprises and service providers while end-users remain prime targets of phishing, fraud, identity theft and ransomware. With multiple points of entry and a variety of vulnerabilities available to attackers, what remains to be answered is if organizations improve their security posture just by addressing basic security and risk related hygiene processes, and what needs to be done differently next year. As the year rounds-up, security experts share how they foresee security to evolve and thereby shape the decisions in the coming year.
A majority of organizations in the region have already embarked on their journey towards digital transformation or are planning to in the near future. According to IDC, many organisations are already using innovative technologies such as virtual and augmented reality, robotics and Internet of Things to streamline their operations and improve customer experience. Combined with third platform solutions like cloud, mobile, social and big data, these new technologies are introducing a series of IT security challenges as well.
However, organizations taking advantage of digital transformation technologies can quickly backfire if they do not account for a variety of new and evolving cybersecurity risks, especially in the cloud. “Cloud security needs to be a priority as more organizations move their data to the cloud,” says Stuart Davis, Director – Global Services & Intelligence EMEA, FireEye. “Lower costs and ease of use will continue to encourage cloud adoption causing attackers to follow that data into the cloud, regardless of what the data is.”
This past year was something of a turning point for public cloud adoption in the Middle East – not just with regard to traditional public cloud providers such as Amazon and Azure, but also with software as a service. So, another technology that is expected to be increasingly targeted is the cloud.
Roland Daccache, Senior Regional Sales Engineer MENA, Fidelis Cybersecurity adds, “I also wouldn’t be surprised to see new very advanced attacks against public cloud environments, in the form of data theft and compromise, as enterprises still tend to have more relaxed security enforcement over the cloud than on premise.”
A large number of hacks and breaches set new records for data invasion this year. From WannaCry to Petya to BadRabbit to MoneyTaker, this never-ending list of sophisticated and far-reaching breaches grows almost daily. Such attacks confirm that one of the biggest cybersecurity threats is ransomware that encrypts data on a system or network until a ransom is paid.
Tarek Abbas, Systems Engineering , Director – Emerging Markets, Palo Alto Networks says that attackers will further refine their ransomware delivery techniques in 2018 and this could potentially lead to more attacks if the right preventive measures are not put in place.
What enables such attacks is the rising number of connected devices that act as backdoors into the corporate network for hackers to exploit newly identified vulnerabilities. For instance, something as innocuous as Wi-Fi enabled thermostats connecting over the corporate network may be being used to secretly syphon information out of a business.
Enrique Duvos, Director Product Marketing EMEA, Akamai Technologies says, “Businesses need to be prepared for DDoS on a scale that they may not have seen before.”
While it is impossible to accurately predict what will happen in 2018, it is a fair bet that Android and Windows will continue to be heavily targeted with ransomware and other malware.
According to Harish Chib, Vice President MEA, Sophos a number of trends that stood out this year are also likely to dominate 2018. Here, Chib cites the example of ‘do-it-yourself exploit kits’ on Windows platform that make it easy to target Microsoft Office vulnerabilities and says that such threats are only expected to rise in 2018.
Artificial intelligence is also expected to affect cyber-security but the frightening part is that while AI can play a crucial role in managing threats, it can also be used introduce attacks that can morph much faster. However, one must not expect AI to miraculously rid us of all threat vectors.
“The ultimate goal must be to leverage automation and AI to help combat attackers by allowing machines to learn faster than our attackers can invent,” explains Scott Manson, Cybersecurity Lead MEA, Cisco.
So, will automation offer some respite to the growing concerns around security?
“We know that 2018 is expected to witness increase in the number of attack vectors leading to massive increase in the volume of data being processed by cybersecurity teams. Companies with the tools and culture to embrace automation, and put technology to work for real business enablement, will perform better than those that don’t,” states Brendan O’Connor, Security CTO, ServiceNow.
Agreeing to this assessment, Morey Haber, VP Technology, BeyondTrust adds, “Automation of responses will become imperative in cybersecurity tools to allow cyber teams to focus both on the high-risk threats identified and in planning effectively for improvements in defences.”
Rather than simply looking at security, Brandon Bekker, Managing Director, Mimecast MEA stresses that businesses also need to have a comprehensive cyber-resilience strategy in place.
“Such a strategy requires solutions that defend against threats such as ransomware, allows continuous access to critical applications and information during an attack, and provides the ability to recover data to the last known workable state, after a threat is neutralised,” adds Bekker.
Mike Lloyd, Chief Technology Officer, RedSeal highlights that since it is simply not possible to stop all attacks from happening, the affected parties need to respond and recover in a timely fashion once the breaches occur.
“The industry is now shifting over to a resilience mind-set, not one based on perfect protection and everyone needs to be in a state of readiness in terms of both processes and technology,” adds Lloyd.
Stressing on the importance of response time, Amit Roy, Executive Vice President and Regional Head EMEA, Paladion explains that Dwell Time will become an important factor in days to come.
“On average it takes more than 100 days to detect an active advanced threat by enterprises in the region. This delay can be reduced by collecting exhaustive data about their networks, users and applications to deploy intelligent systems to sift through this enormous data,” explains Roy.
As the New Year stands at our threshold, there is no end to the predictions that security experts are making. In 2018, some predict serverless security to become mainstream and blockchain technologies to rise while other expect more high-profile organizations to be breached, cyber-extortion tools to evolve or ‘Gaming deleteware’ infections and biometric hacking to rise. Whatever may be the modus-operandi, what is clear is that getting breached or attacked is inevitable. While we cannot ever expect 100% security, we can make it harder for the threat actors to penetrate, be better prepared and respond fast after an incident.