In Part 1 of The Future of Cyber Security article, we took a look back at the landscape of cyber threats and how they have changed, grown and evolved over time.
We discussed the changes in:
- Email viruses
- Access to porn
- The evolution of the threat - then vs. now
- The growing maturity and sophistication of cyber criminals
- Cyber security training
- The state of overwhelm and fatigue
We concluded that there has been, and will continue to be a tremendous pace of change and sophistication in the area of cyber security. And, that cyber security will continue to be a fundamental imperative for organisations large and small to address and manage as part of their day-to-day business operations.
Strategies for Today and Tomorrow
As we look to the future of ensuring cyber security, we need to examine a variety of strategies and practices that will all add up to creating a business imperative for the future that includes better and stronger cyber safety and the creation of cyber safety resilience.
These strategies and practices include:
- Pentesting and then some
- Threat hunting
- Governance risk and compliance
- Controlling data
- Ongoing awareness and understanding of the security issues
- The power of a quick decision
Pentesting and Then Some
Pentesting alone is no longer enough even though it is a great example of going on the attack and actually finding where you’re vulnerable. So, it’s definitely a viable exercise.
However, you can go further from the defensive side. When a breach occurs, the Incident Resonse team gets focused on stopping that breach as quickly and effectively as they can. And, they then a do a little bit of monitoring just to ensure that there isn't any residual form of malicious content or virus remaining within the environment. This incident response processs can be simulated with a penetration test.
Most businesses of the future will need to continually exercise both their attack and defense strategies to keep their environments secure.
The term, ‘threat hunting’, refers to proactively going on the attack and actually investigating your own data and trying to discover and understand different threat anomalies that could be occurring. Through that discovery phase, you are very likely to uncover some hidden threats, hopefully before they result in breaches.
When you combine ‘threat hunting’ with your compliance and control tools that are at work stopping the other ongoing threats, you’re pretty well covered.
If you want to enable business stability or facilitate secure growth within your business, this combination of ongoing security needs to be fairly seamless and ubiquitous.
Governance Risk & Compliance
We help companies achieve and maintain governance, risk and compliance. This ensures that they've got the policies and controls in place that will enable them to seamlessly move into a growth phase as well as protect their ongoing state.
The globally recognised ISO standards outline 14 controls that companies need to adhere to, to reach maturity of compliance. We look at those and take customers on the journey so they've got some strength around the controls they've got in place and are able to identify their ongoing priorities.
This approach helps as change occurs within the business, ensuring they are following compliant processes during change.
Change is a huge area of threat because that's where the exposure occurs. When you leave a new ‘window’ open, attackers find it. They only need a small opportunity ‘window’ to get into your environment and you’re at risk again.
Digital transformation really just means digital change. The pace of change today is fierce so you have to be acutely aware that there are lots of ‘windows’ you're going to be opening so you need to ensure they’re secure.
Cyber criminals are a very creative bunch. The type of attacks used keep changing. So fundamentally, the business needs to understand where its strengths are, where it is safe and where it is vulnerable.
And it always comes down to the data and how well you control that data.
Key data considerations include:
- The types of data held within the system
- The sources of the data
- Who has access to that data
- How people are using that data and for what
- Data intersections points
- What controls have you put around that data
Cyber criminals are not only creative, but they are also persistent. They will find ways to try and get into your environment. So you must protect this precious asset.
Data protection is an imperative.
You have to really understand which assets need protecting from the start.
Cyber security has evolved from managing how people use the web and managing the spam that's coming through email to now having to be both defensive and offensive in their protection strategies.
This journey won't stop anytime soon. As our interconnectivity grows so does our vulnerability.
Ongoing Awareness and Understanding of The Security Issues
Our job is to continually help the customer increase their overall awareness of security risks and issues and to examine how they are using their current tools. And finally, we must now encourage customers to initiate and embrace an offensive attack strategy to both reduce the incidence of breaches and the time it takes to discover, fix and prevent them.
For us, it's always been about helping the customer improve their business through security. We always have to be on the front foot on behalf of everybody else. And then we've got to try and educate our customers. There’s always something to learn in this space.
Cyber security of today and tomorrow will include both a defence and attack strategy. Businesses have to get their cyber footprint right. They've got to do both, really well.
The Power of a Quick Decision
When we look at moving forward we need to embrace the attack and defense approach. We've got to get that right as businesses and as the people who are charged with cyber security responsibilities.
If you're thinking about making a decision in response to your cyber attack, it’s suggested that you make a quick one, because time is of the essence.
The environment is different week in, week out so you're going to have to pay a lot closer attention to your environment and become better and faster at anticipating the change because nothing is static. It's changing. It's evolving. And it’s doing both faster than ever.
Your business need to keep pace. You need to always be doing things better. You have to commit to constant and never ending improvements to keep up. And, you have to make quick decisions.
We're there to teach our clients good habits, improve their awareness and their ability to defend their organisations, and we equip them with the tools required to retailiate and go ‘on the attack’.
When awareness, defense and attack are all working together, organisations should be well prepared for a cyber secure future.
Predictions for the Future
- Cyber threats will continue to grow in both number and complexity
- Cyber threats will be exaggerated with further movement to the cloud
- Cyber security can no longer be solely the responsibility of IT department. It is the responsibility of everyone in the organisation.
- IT processes and policies need to be applied right across the business.
- More and more organisations will require ongoing cyber safety support and education.
As organisations become more cyber savvy and embrace the defense and attack strategies, they can also optimise their current systems so that they can find the threats already at work affecting their network. And, they’ll be better equipped to detect and manage the threats of the future.
Cyber security and threat awareness needs to be on the mind and radar of every staff member, every manager, every IT associate, and and every board member.
When it comes to the future of cyber security and safety, every one will be responsible for ensuring its success!
This article was written after an interview with Daniel Crnkovic. Listen to the full interview on our podcast: