Interconnected Risks : Cybersecurity challenges in the age of smart devices

Praveen Jaiswal, Co-founder and Director, Vehere

With the increasing internet penetration, the cyberthreat landscape has evolved significantly over the years. There is visible change in the methods, motivations, and scope of cyberattacks. As the technology continues to evolve, modern-day cybercriminals use the latest techniques to bypass the existing cybersecurity infrastructure, which involves multiple layers of protection across hardware, networks, programs and data. The work-from-home routine induced by the pandemic has added to existing security challenges.

With technology becoming affordable and accessible to all, individuals are spending more time on their smart devices. Moreover, enterprises of all sizes are increasingly leveraging the internet and advanced technologies to improve their user experience and operational efficiency.

Today, cybersecurity is a priority for every organisation, and specialised teams are being deployed to keep the networks secure. Besides the traditional security infrastructure, organisations today invest in advanced firewalls, network intelligence solutions, and early detection and response mechanisms to ensure adequate safeguards against any external threat.

Emerging trends

• Integrated solutions and insights-based decision-making: Moving away from point solutions, most organisations are looking at an integrated strategy that could improve decision-making by amalgamating information from endpoints, networks and different data devices. The aim is to detect suspicious activities and connect the dots to identify the risks.
• Moving beyond recognised boundaries: Network perimeters have diminished with the increased use of external devices and the introduction of mobile applications and cloud-based access. Besides, the idea of a trusted user is no longer valid in today’s context, with companies adhering to zero-trust networking and securing access to protect their networks. From the edge to the corporate firewall, businesses are putting up additional safeguards against any unauthorised access with a mix of on-premise and off-premise security infrastructure.
• Privacy and confidentiality measures: With the growing concerns around privacy and confidentiality, organisations are increasingly recognising the need to review their current approach to data collection, storage and data safety. Moreover, with the evolution of security technologies, how the cybersecurity policy affects privacy will also be closely examined, which will determine the direction for the development of new technologies.
• Enforcing skill-based threat hunting: Newer technologies such as artificial intelligence (AI) and machine learning (ML) have provided scope for adding new security capabilities. Still, recognising that criminal minds have access to the same technologies, the focus of organisations will increasingly shift towards buil-ding a skill-driven threat hunting and response mechanism. Besides, security leaders are increasingly adopting data modelling techniques to create strategies to strengthen the security posture of organisations.
• Emergence of specialised service modules for small businesses: With growing awareness regarding the impact of cybersecurity and the significant surge in the frequency of attacks, managed service providers are increasingly finding salience among small and medium businesses. The evolving cybersecurity ecosystem will see newer players and encourage managed service providers to innovate and extend specialised service offerings that meet the needs and requirements of small and medium businesses. From the adoption of smart devices to building smart cities, India has made significant progress towards achieving the Digital India vision. Furthermore, the growing use of internet of things (IoT) devices across enterprise verticals, including manufacturing, healthcare, automobiles, energy and even finance, has ushered in a new era of industrial connectivity. As more and more devices become part of the industrial network, the surface area for possible attacks from adversaries is undoubtedly increasing. To add to the challenges, the differences in the makes, origins, operating systems and security protocols make it even more difficult to set any standard approach for managing and securing these devices. By identifying a weak point in these devices, cybercriminals can get unsecured access to the whole network.

In this new era, the traditional legacy cybersecurity solutions, including anti-virus and intrusion detection software solutions, fall short of the needs of enterprises given the diverse set of devices and the growing scope of operations. With the ever-increasing influence of technology, disruptive technologies such as cloud computing, AI, ML and IoT will continue to drive the adoption of cybersecurity solutions across verticals and shape the industry’s future.

It is important for enterprises to equip their security teams with the right set of resources that provide them with complete visibility and enhanced control of various assets that are a part of the network. The security standards and protocols will need to be reviewed frequently to identify the risks and fix the vulnerabilities in time. In this way, enterprises will always be one step ahead of their adversaries.