It always seems that the hacker is ahead of the organization being attacked. Every week we hear about a new ransomware, malware, DDoS, or other attack that has put organizations – or their customers – at risk. In fact, we write about these attacks every week in our “Who Got Hacked” series.
There is an eternal struggle between hackers and cybersecurity experts. In the digital arms race, technology is invented to prevent the latest attacks, and new attacks are invented to thwart that technology. It takes a special combination of the right tech, the right policies, and the right education to get ahead of threat actors.
There are a number of issues in play when you consider the prevalence of cyberattacks in the digital age.
“Threat actors are becoming more and more sophisticated in their methods and how they’re looking to attack and target a number of organizations,” says Jeremy Samide, CEO of Stealthcare.
We’ve seen a shift from financial services to healthcare organizations to law firms because of the type of information that they have. However, as IT continues to change, a lot of these threat actors are targeting these organizations in order to exploit vulnerabilities based on application error, human error in design and architecture, and in other software and security vendors. This gives them an advantage.
An Ongoing Battle of Cybersecurity
It’s almost a situation of there being too many holes to plug.
“When you look at large organizations, you look at the attack surface,” says Samide. “As the organization gets larger, there’s more information, data pockets, entrance and egress points in the organization that need to be covered.”
In organizations with multiple offices and facilities, the attack surface gets larger. Any time an organization brings a new application online, or opens a new office, they are more connected, and there is more opportunity for hackers to look for vulnerabilities.
You can’t tell a company to stop growing, of course, but there are steps to be taken.
“It’s really a combination of the people, the process, and the technology,” says Samide. “They’re all connected. You can’t just throw technology at a solution. It doesn’t work. You have to build security through the process and culture, along with technology.”
Cybersecurity is a mindset. It’s a design that needs to be focused in the development of an organization – to implement security and then enforce security so that there is still reasonable access to the application.
The Cybersecurity Technology Factor
In the hyper-connected world, we have to look at implementing new technology from two standpoints – the functionality for the business from a requirement standpoint, and a security standpoint.
That’s likely different stakeholders from different departments getting involved. In fact, the different stakeholders need to get involved. They need to come together to look at the functional requirements along with the technical requirements to determine the proper solution for the organization.
Take the case of the Internet of Things, for example a manufacturing facility. Putting sensors that measure different variables during the manufacturing process can be a great thing. It can alert the organization to different problems that may arise in real time. It can also provide layers of data and analysis that inform the business – called Business Intelligence – and provide a better yield in following manufacturing cycles. However, these devices are connected to the network, and open up new avenues by which threat actors can enter the network to steal data.
The game here isn’t to find the balance as much as it is to weight the pros and cons.
“They need to design something that works for the business – that can create that intelligence to them to create that advantage,” says Samide, “But they also need to design the security architecture around that to mitigate the risks involved in adding that new type of technology to their systems.”
Once you introduce a new technology you need to do a risk assessment, look at the exposures, and then design something that can mitigate the risk while still providing the business with what they need.
The Future of Cybersecurity
“I think we’re still in the infancy stages of it,” says Samide, “I do believe that it’s going to get worse before it gets better.”
State sponsored cyberattacks are growing. Virtually all nations, all sovereign governments, and some hacker collective groups and terror organizations are starting to step up their game as they see cybersecurity as a major weapon. It’s becoming more sophisticated and targeted. In our hyper-connected world this is where the warfare will be played.
It’s all about intelligence, data, and connecting dots. You need to create a 360-degree picture of an organization, and having that information is power. The theft of information, therefore, is power as well. Hackers are looking to sell your information to competitors, or sell the financial information of your clients to the highest bidder. That’s what every organization, large or small, is up against.
“I think it’s going to be an ongoing battle,” says Samide. “Technology will be perfected on the defensive side, and part of that is the approach we’ve taken with our platform – the proactive approach. Threat intelligence, understanding what the threat actors are doing.”
Things like machine learning and artificial intelligence will be game changers, as will the advent of quantum computing (from an encryption standpoint). However, as those technologies grow on the security side, threat actors will start to use them as well. So it may always be a game of cat and mouse – a cyber arms race with each side battling forever.