Opinion: Dominik Samociuk, IT Security Expert at Future Processing, helps the C-Suite navigate security threats, giving insight into what they are and how to defend against them.
Next generation security is a concept that’s been much discussed and much debated in recent times. What it really means, and whether we’ll be able to cope with the influx of new technologies and new threats, has been cause for some concern and considerable speculation in security circles. Ultimately, whether it’s evolution of convergence, age of awareness or hardened security management, we as the C-suite must prepare our companies for the worst. Here’s what to look out for, and how to protect against it in 2016.
Innovation at risk from APT attacks
APTs (Advanced Persistent Threats) are complex, long-term and multi-stage actions targeted against specific individuals, organizations or businesses. Innovative designs for new technologies or business strategies are desirable commodities in an increasingly competitive market, so it’s little surprise that companies and government institutions are so prone to these kinds of cyber-attacks, and can face difficulties in detecting and tracing them.
APTs are most often carried out by attackers who gather information about the employees of an organization over a number of months, before proceeding with a planned attack. Any company or organization that operates in a particularly competitive environment is potentially at risk from an APT attack, but those providing modern technology, involved in research and development, and handling confidential data might find themselves particularly targeted.
As APTs often target unknown vulnerabilities, implementing redundancy in security is crucial. One tactic that security systems can implement to mitigate such attacks is defense-in-depth. It involves the introduction of multiple, independent layers of security. Such redundancy significantly increases the level of protection by limiting the effects of errors and attacks.
Countering Cyber-espionage and Cyber-terrorism
Cyber-attacks have become a very convenient and effective tool for foreign infiltration of defense systems and theft of military secrets, mainly due to the relative ease of execution (compared to traditional methods of espionage), and low risk of disclosure of the source and beneficiary of the attack. Cyber-espionage is continuing to evolve, becoming more frequent and more effective as it remains unchallenged by management teams only able to allocate the minimum budget to reducing potential risks.
Management, then, is the link that needs to be checked more often and more thoroughly than the rest of the chain – in fact, it’s usually targeted first due to the access it offers to a wide range of valuable data. Vital to protecting your business against cyber-espionage or cyber-terrorism is the thorough assessment of potential risks, including the identification of information that could be stolen. Also essential is a review of the organizational structure of teams dealing with the protection of information, and its reconstruction, if necessary.
Big Data vs personal data
The world of analytics has brought a new concept and a new direction to cyber security: "big data". Put simply, big data allows us to seek and use the business value lying dormant in the available growing volumes of data. This data comes from countless sources, often outside the organization, with areas previously completely disregarded as a source of information becoming vital to making the right business decisions.
But with the creation of such huge databases, new risks are also introduced. The most common attack is to take over someone’s identity. External attackers, via malware, take over the authentication parameters of an employee and log on to corporate resources, then proceed to steal information available inside the company.
Fortunately, each attack leaves behind a trace, and tools that can detect events likely to point to it are available. The key to solving the problem is to analyze deviations from behaviors that are normal for users, taking into account differences in access time, place or device, as well as the data used by user applications.
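The kind of deviation analysis described above, sketched as an added example (not code from the author or from any product): it builds a per-user baseline of access hours, places and devices from past logins and flags new logins that deviate on several of them at once. The event format, user name and thresholds are assumptions, the log lines are constructed, and the "data used by applications" dimension is left out.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events: (ISO timestamp, user, country, device id).
HISTORY = [
    ("2016-01-04T08:55:00", "akowalski", "PL", "laptop-17"),
    ("2016-01-05T09:02:00", "akowalski", "PL", "laptop-17"),
    ("2016-01-05T17:40:00", "akowalski", "PL", "phone-03"),
    ("2016-01-06T08:47:00", "akowalski", "PL", "laptop-17"),
]
NEW = [
    ("2016-01-11T09:10:00", "akowalski", "PL", "laptop-17"),   # normal
    ("2016-01-12T03:12:00", "akowalski", "BR", "unknown-01"),  # stolen credentials?
    ("2016-01-12T10:05:00", "akowalski", "PL", "laptop-22"),   # replaced laptop
]

def build_baseline(events):
    """Per-user profile of the hours, places and devices seen so far."""
    base = defaultdict(lambda: {"hours": set(), "places": set(), "devices": set()})
    for ts, user, place, device in events:
        profile = base[user]
        profile["hours"].add(datetime.fromisoformat(ts).hour)
        profile["places"].add(place)
        profile["devices"].add(device)
    return base

def deviations(baseline, event, hour_slack=1):
    """List the dimensions on which one login differs from the user's baseline."""
    ts, user, place, device = event
    if user not in baseline:
        return ["no baseline for user"]
    profile = baseline[user]
    hour = datetime.fromisoformat(ts).hour
    found = []
    # Circular distance, so 23:00 and 00:00 count as one hour apart.
    if all(min(abs(hour - h), 24 - abs(hour - h)) > hour_slack
           for h in profile["hours"]):
        found.append("unusual access time")
    if place not in profile["places"]:
        found.append("new place")
    if device not in profile["devices"]:
        found.append("new device")
    return found

def triage(baseline, events, threshold=2):
    """Alert only when a login deviates on at least `threshold` dimensions."""
    alerts = []
    for event in events:
        found = deviations(baseline, event)
        if len(found) >= threshold:
            alerts.append((event[1], event[0], found))
    return alerts

if __name__ == "__main__":
    for alert in triage(build_baseline(HISTORY), NEW):
        print(alert)
```

Requiring more than one deviating dimension keeps a single benign change, such as a replaced laptop, from raising an alert on its own.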
Mobile security as a consequence of BYOD
BYOD (Bring Your Own Device) is a relatively new arrival to the workplace. Intel was the first to introduce BYOD in 2009, and despite the short lifespan of the policy so far, it has gained many supporters; in countries with fast-growing markets, such as Brazil and Russia, BYOD solutions occur in about 75% of companies. According to representatives of companies that have introduced the system, it results mainly in increased productivity.
Alongside its many advantages, however, the use of BYOD policy is also associated with an increased risk of data leakage. According to statistics, almost half of the companies (47%) using this solution have met with loss of data. Forecasts predict that hacker attacks on mobile devices in 2016 will bring more than half the companies implementing the solution losses exceeding $500k; the total losses caused by such attacks on Polish companies alone amount to 100 million zl so far.
The best way to defend against such risks is to build a sealed and coherent security system, and draw up a settlement of license between BYOD and employer devices. Proper device management is fundamental, and implementing a security policy for BYOD in which all workers are trained should be a priority.
IoT as a flywheel for identity theft
The Internet of Things is a vision of all sorts of devices plugged into the network, and communicating among each other and with existing infrastructure. More and more often we hear about smart homes and cities, or autonomous cars, with each "smart" part of the puzzle able to connect to the Internet in the Internet of Things. Just like the global network, it has its dangers.
Loss of privacy or leakage of personal information is one of the possible ways security might be degraded; OWASP presented its list of the 10 greatest threats to the IoT in 2014.
Risks from cloud-based solutions
The rapid development and growing popularity of cloud solutions raises questions about the security of the data stored in them. The revelations of the Edward Snowden affair offer further grist for this mill, and it’s an issue that’s affecting a growing number of private and corporate users.
The main advantage of the cloud is its simple and fast access to data via a browser, and the capacity to store data on a professional company’s servers, minimizing the possibility of losing files and information in case of error or hardware failure. Of course, this still carries some risk, just like the usage of electronic banking or purchasing on the net.
An unauthorized person can get a login and password, and use them to access files and information. Threats could also arise from dishonest administrators who have access to data, due to the nature of their work, and each cloud can be targeted by cybercriminals.
We should also be aware that the data is stored on servers that are physically located in other countries, and issues related to user files are therefore governed by the law of the country in which the devices are placed. But are these risks real enough to give up the comforts offered by the cloud?
Can security cope?
We live in a time where the next generation of security mechanisms must defend us against a wide variety of threats, from APT attacks and cybercrime to identity theft and privacy in the new ‘smart’ world. Will it be too much for the next generation of security to manage? Only time will tell.