The ever-changing cybersecurity strategy - how to get it right?
By Nilesh Jain, Vice President of SEA and India, Trend Micro
The cybersecurity landscape is closely interwoven with the ever-changing tech landscape. Advancements in technology must be equally reflected in cybersecurity. With increased adoption of cloud technologies, IoT, and connected systems, just to name a few, it is critical that enterprises and governments have a strong cybersecurity strategy in place. Not only do security breaches disrupt lives, they are also an expensive affair. According to Ponemon Institute, the average cost of a data breach was US$3.86 million globally in 2018, up from US$3.62 million last year.
At this year’s CLOUDSEC security event held by Trend Micro in Singapore, industry experts got together and discussed the security challenges that keep them up at night – and how to mitigate them. We summarized three key takeaways:
Point solutions are being replaced by integrated solutions
Best-of-breed point solutions are no longer relevant today, especially when these security programmes are unable to talk to each other. According to a survey conducted by Morgan Stanley, Chief Information Officers (CIOs) had bought or intended to purchase more than 15 different security technologies. While the interest and increased spending in cybersecurity are encouraging for the industry, a suite of point solutions can create a humongous and bloated security portfolio with little integration between security controls.
"Creating a strong balance by incorporating an innovative digital layer into the proven elements of a system can certainly give disaster recovery a major boost"
This bloat can add unnecessary friction to the security operations and may create blind spots that hackers are able to exploit. Today, integration capabilities are necessary when choosing a security vendor. Providing a level of consistency and collaboration, these connected solutions can detect, respond promptly, mitigate threats and give full visibility across all security layers.
DevSecOps is getting more popular
Discussed extensively during CLOUDSEC was the DevOps movement, which is now widespread in Singapore with seven out of ten enterprises adopting the practice, according to CA Technologies. Despite its swift adoption, many security and compliance monitoring tools have yet to keep up with its fast deployment, leading to security becoming the biggest missing piece.
The DevSecOps workflow emerged to provide security early in the development cycle, or “move the security to the left”, as we say in the industry. But DevSecOps is constantly changing too. For example, the rise of containers is making DevSecOps more challenging; as many developers tend to grab containers from registries without checking vulnerabilities.
To counteract this, we have recently added the capability of continuously scanning container images into our software, to ensure that security issues – such as malware or vulnerabilities – can be resolved in the development cycle as opposed to after the application is released.
OT and IT environments are merging
Back in 2011, Gartner predicted a merge of operational technology (OT) and information technology (IT). Moreover, due to the increased adoption of IoT devices, connected systems, and human-machine interfaces used for manufacturing and production, this merge has become a reality today. Over the course of years, IT had achieved a certain degree of cyber security maturity; however, the same cannot be said for OT, as it’s still relatively new.
Organisations need to be aware of the cyber risks that will be a direct result of this increased convergence of OT and IT, and need to be more proactive in strengthening their cyber security. And as OT and IoT open new avenues for attacks, security for OT must be addressed more urgently as any attack on OT impact your entire network and connected devices.
A joint report by Ponemon Institute and the Shared Assessments Programme revealed that over 81 percent of professionals in corporate governance felt that a serious breach would likely occur in the next two years, due to an unsecured IoT device.
While we usually associate IoT in business with the industry and manufacturing environment, we also need to consider the cybersecurity aspects of consumer IoT. So far, maturity levels in this area are still low, despite an ever-increasing awareness of potential threats. Companies need to take the right steps to arm themselves against IoT cyberattacks.
The future of security: a never-ending journey
As the modern threat landscape continues to evolve, so should one’s cybersecurity approach and strategy. With more interconnected devices and interactions over insecure networks, companies need to have a simplified but strong approach to security. The below four-point security lifecycle approach is designed to specially address security overview of today’s organisations:
• Detect: Identity potential vulnerabilities attempting to exploit the database
• Prevent: Stop threats from breaching the system, and protect precious user data
• Respond: Provide the appropriate response to the threat
• Analyze: Assess the potential risks surrounding the security environment
There is no one-size-fits-all strategy for cybersecurity, it is an endless process of trying to get ahead of the next threat or exploit. As John Kelmens, the Technical Director of Telos Corp. once said:”There’s no perfect security, and security isn’t an endpoint – it’s a never-ending journey.”