Businesses around the globe are being transformed by next-generation digital technologies. Today, most companies are adopting automation, internet of things (IoT), 5G, dynamic virtualisation and artificial intelligence (AI), and moving their data to cloud environments. The arrival of these technologies is encouraging organisations, big and small, to reimagine traditional business models, leverage data and innovate for business growth.
While digital transformation is creating multiple opportunities for businesses, it is also exposing them to a new set of challenges. One of the key issues that companies are facing is their inability to deal with evolving security needs owing to digital expansion.
Earlier, the cybersecurity concept focused on protecting people and organisations from traditional threats such as malware, social engineering attacks, website defacing and hacktivism. However, in the past few years, the globe has witnessed sophisticated and intense cyberattacks tailored for financial crime, industrial espionage and crippling, targeting governments and critical infrastructure.
Even digitally transformed and automated companies are constantly evolving with the changing threat landscape. For example, the sophisticated Nyetya attack affected automated systems of global shipping and logistics companies, ports, oil majors, global advertising firms, and even food and beverage companies.
Companies today are hyper connected with smart devices and networks, and thus have become attractive targets for cyber criminals. Unsecured entry points in networks and devices have given way to frequent distributed denial-of-service attacks, crypto-jacking and other cyberattacks on critical infrastructure and strategic industrial sectors. They have not only disrupted the functioning of society, but have had a crippling effect on the morale and psyche of victim countries.
Further, there is a high possibility of security breaches in life-saving devices in hospitals, autonomous vehicles, automated power/water grids and even IoT-powered home appliances. According to an EY Assocham report, internet-connect things will outnumber humans by a ratio of 4:1. If a few of these devices are unsecured, cyber criminals can have easy access to the entire IoT network and disrupt services. Similarly, AI or automated services can be affected by data manipulation, disruption of training data and unmasking of personally identifiable information.
The question is no longer whether your organisation will be attacked, but when, where and how it will happen. It is therefore critical to have a threat management strategy in place, along with cybersecurity experts who are capable of handling known and unknown cyberthreats. This expertise needs to be coupled with proven processes to detect, analyse and remediate attacks, as well as proven security tools that can provide intelligence, intrusion detection, data analysis and event correlation.
To mitigate threats, organisations should undertake risk assessment to understand the nature of their data. They should adopt an aggressive strategy for anticipating threats by combining people, processes and technology, and regularly running reviews that can help identify significant events and incidents. Companies need to create a comprehensive incident response plan that is specific to the organisation, outlining steps for detection, investigation, containment, eradication and recovery, and share threat intelligence. Lastly, surveillance and monitoring of the deep, dark and clear web is an important exercise for protecting the organisation’s brand from website fraud, phishing attacks and rogue apps, among others.
Chief information officers need to initiate company-wide activities, namely, detecting new and mutating threats to stop or limit the impact of a breach; reacting rapidly to intrusions for effective incident response; and applying accurate threat intelligence to spot potential security vulnerabilities and prevent threat. According to a McKinsey report, rather than continuing with a passive stance, organisations must adopt an “active defence” model. Active defence will allow them to deflect attackers in real time by combining threat intelligence and analytics resources within the IT function.
In an automated era, cybersecurity must form an integral part of an organisation’s culture and strategy. An industry report draws an interesting analogy between cybersecurity and transportation. The report states that security cannot be guaranteed, but cars and highways have been designed with safety in mind. Similarly, the industry needs to design safe devices and networks, and ensure secure interactions between organisations to reduce the chance of an attack.