Eliminating Cyber Threats in 2020: Why Enterprises Need to Rethink Cyber security
By Amal Murali
In 2018, a security issue at Facebook affected a whopping 50 million users. In 2017, 412 million user accounts was stolen from Friendfinder’s sites and 147.9 million customers were affected by the Equifax data breach. Just one year earlier, 3 billion Yahoo accounts were hacked while hackers managed to steal the data of over 57 million riders and drivers from Uber.The fact that some of the biggest tech companies across the world have suffered such massive security failures gives us an insight into how big a problem cybersecurity really is. And just in case you thought that these breaches are few and far between, the average number of recorded breaches per country in 2017 alone was 24,089.
Interestingly enough, India was the nation with the most number of annual breaches (over 33,000 files) while the US had 28,500. It’s also important to remember that these are the reported figures and that the actual numbers could be several times higher.
1 – Cyber-attacks have gone from being standard-issue, easily manageable threats to complex attacks.
Cyber-attacks have gone from being standard-issue, easily manageable threats to complex attacks that leverage cutting-edge technologies and sophisticated algorithms. Given the highly varied nature of modern attacks and the sheer amount of information needed to fully document an attack, it’s no longer possible for cybersecurity teams to process everything within a reasonable timeframe. Improving detection and response times for cyber threats and enabling human cybersecurity teams to focus on the more strategic threats is the need of the hour.
2 – Companies across the world are now looking at adopting AI-powered cybersecurity solutions.
Automation in cybersecurity is not a new concept and has been widely used over the years. However, with the rising attack surface, the number of alerts being generated by security automation products is usually overwhelming. The high severity threats get buried within a spew of irrelevant alerts, and organizations have to either spend a lot on cybersecurity teams to manually filter through those alerts or deploy customized automated security solutions that are also prohibitively expensive. This is where AI-powered technologies come into the picture. These technologies are a cost-effective way for companies to identify the most critical threats, thereby increasing detection and response times. In fact, 61% of enterprises today say they cannot do without AI technologies when it comes to detecting breach attempts, and another 48% say that their budget for AI in cybersecurity will increase by an average of 29% in 2020.
3 – Applications today have become increasingly diverse.
They reside on multiple platforms (mobile devices, web servers, application servers, etc) and proliferate from a number of sources— whether that’s in-house, third-party, or Commercial Off-the-Shelf (COTS). And while enterprises have so far been fairly effective at protecting the network layer and endpoints of the cybersecurity surface, the application layer itself remains highly vulnerable. This means enterprises have to make it as difficult as possible for a malicious actor to hurt the organisation or its digital assets.
4 – A poorly-written piece of code can affect more than just itself.
A poorly-written piece of code can affect more than just itself. The components it interacts with are also at risk. Even a minor flaw can be exploited, damaging, or leading to damage of critical parts of a company’s infrastructure.
5 – Bugs
Bugs are commonly introduced due to development team time constraints, legacy code that has since become vulnerable, carelessness or a misunderstanding of bug classes that an attacker will exploit. No matter the automation or rules you have in place, one mistake can take down the organization.
A large amount of information gets leaked online through innocent mistakes. In February of 2018, for instance, our crawler found details of over 10,000 credit as well as debit cards of the customers of a prominent Indian bank, that were available for sale on the dark web, for $4-5 per card.
Given this context, security can no longer be just another layer over the business application but should be inherently built into it—a part of the development workflow itself. Things like malicious code, application backdoors and lack of security functionality need to be addressed during development itself; and for existing projects, via a comprehensive assessment.
At the end of the day, cyber attacks have become more sophisticated and complex than ever before, and the defensive methods that worked even a few years ago are now limited in their efficacy. Luckily, there are a number of advanced cybersecurity solutions providers out there and they’re leveraging cutting-edge technologies to build faster detection and response times. Most of these cloud providers have highly sophisticated systems to secure your infrastructure better. Although those systems have a steep learning curve, investing time in setting up proper access controls and defense mechanisms can go a long way in securing your organisation.