Your One-Stop Guide to Cyber Security Trends and Challenges
In the previous blog “Know Thy Enemy – Most Common Types of Malware & Password Attacks”, we talked about the different types of malware and password attacks that can target your business. In this blog, we will delve further into the issue and discuss the emerging trends and challenges in cyber security.
The growing role of artificial intelligence (AI)
In the last decade, a number of evolving and emerging technologies have come together to revolutionize the way communication and networking work and paved the path for Industry 4.0. Each of these technologies has opened up vistas of new business and social value opportunities, but has also contributed to making security issues a lot more challenging to address. With our lives quite literally run by data and digital tools, these security threats pose a much greater danger than most of us even realize. As our technical prowess has improved, the tools and techniques of cybercrime have evolved as well. Criminals can now target any system in any part of the world while sitting in their home, and virtually any system connected to the Internet can become a victim. With rising success rates, criminals now have the audacity to target even the most secure corporations, financial institutions, and private and public organizations, including attacks targeting entire governments and essential utilities. In order to stem the barrage of identity theft, financial loss, data breaches and more, companies and governments have come together to make a concerted attempt at developing AI tools and machine learning defense techniques capable of self-learning and evolution. These can help enterprises stay ahead of threats through timely prevention and/or mitigation.
Applications of AI in cybersecurity:
Phishing Detection, Prevention and Mitigation
Phishing attacks have become the most common delivery mechanism for the range of devastating cyber-attacks targeting individuals and organizations. Recent data suggests that one in every 99 emails contains a phishing attack. As a response, organizations are increasingly employing AI and ML to identify and track more than 10,000 active phishing sources and respond to threats faster than human intervention. As the tools learn and evolve, AI and ML will be able to comprehend the different types of phishing campaigns and respond faster to prevent and mitigate attacks before they have a chance to put a dent in your organization’s defense posture.
Password authentication continues to be widely popular despite the vulnerabilities arising from poor password hygiene and data breaches. Even innovations like biometric authentication are vulnerable and can be hacked. Developers are now concentrating on AI tools and techniques that make biometric authentication (body measurements and other physical human characteristics) more secure and accurate. Apple’s ‘Face ID’ is a prominent example of this kind of technology. It makes use of infra-red sensors and neural engines that develop sophisticated models of the user’s face and is capable of recognizing the user in different lighting and even physical changes, such as a different hairstyle or wearing a mask or a hat.
Determining the right security policy for your enterprise network and mapping the organization’s network topography are time-consuming processes that are central to network security. AI tools are capable of significantly improving the speed of these processes through the observation and study of network traffic patterns and recommending relevant policies. This also plays a major role in freeing up the valuable time of security personnel who can then focus on other technological developments.
Traditionally, security systems have been designed to react to security threats. Unfortunately, with evolving cybercrime techniques, the reactive process is just too slow to keep up with the threats. Security systems that make use of AI and ML proactively monitor all possible vulnerabilities in an organization’s network and are able to detect and prevent threats before they can touch the defenses. Cloud Security Solution can also go a long way in addressing vulnerability management.
Machine learning can leverage data gathered over time to create highly accurate user behavior patterns. If the user deviates from routine activities, the AI algorithm can kick in to flag and closely monitor suspicious activities. These can include anything from large purchases or financial transactions, a flurry of document downloads, accessing archives or other sensitive information, and even a sudden change in typing speed. The mechanism is advanced enough that it can even cut off the user from the network, if required.
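The baseline-and-deviation idea described above, as an added example that is not part of the original blog: each user's history forms a baseline, a single deviating signal triggers closer monitoring, and several deviating together trigger isolation. The feature names, thresholds and sample history are constructed assumptions, and a median/MAD score stands in for whatever model a real product uses.

```python
from statistics import median

# Constructed sample history (ten past days per feature), not real telemetry.
HISTORY = {
    "alice": {
        "doc_downloads": [4, 6, 5, 7, 5, 6, 4, 5, 6, 5],
        "typing_cpm": [310, 295, 305, 300, 315, 298, 302, 308, 299, 304],
    },
}

def robust_z(history, value):
    """Modified z-score (median and MAD), so one odd past day
    does not distort the baseline the way a mean/stddev would."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    if mad == 0:
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad

def assess(user, today, history=HISTORY, flag_at=3.5, isolate_at=2, min_days=5):
    """Return (action, deviations) for today's observations.

    flag_at    -- |score| at which a feature counts as deviating (assumed)
    isolate_at -- number of deviating features that cuts the session (assumed)
    """
    baseline = history.get(user)
    if baseline is None:
        return "no_baseline", {}  # new user: nothing to compare against yet
    deviations = {}
    for feature, value in today.items():
        past = baseline.get(feature, [])
        if len(past) < min_days:  # too little data to trust a baseline
            continue
        score = robust_z(past, value)
        if abs(score) >= flag_at:
            deviations[feature] = round(score, 1)
    if len(deviations) >= isolate_at:
        return "isolate", deviations
    if deviations:
        return "monitor", deviations
    return "allow", deviations

if __name__ == "__main__":
    print(assess("alice", {"doc_downloads": 6, "typing_cpm": 301}))
    print(assess("alice", {"doc_downloads": 60, "typing_cpm": 301}))
    print(assess("alice", {"doc_downloads": 60, "typing_cpm": 140}))
```

A user with no history returns "no_baseline" rather than "allow", so new or rarely seen accounts are routed to a separate policy instead of passing silently.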
The cyber security skills gap continues to grow
While the evolution of a range of technologies capable of defending organizations better from cyber-attacks is definitely something to be celebrated, the process continues to suffer from a striking cyber security skills gap. This has now become so entrenched that Forbes says that companies are being hindered from exploiting new opportunities. Data gathered over the last four years indicates that on average 70% of cybersecurity professionals agree that their organization is being significantly impeded by the cybersecurity skills shortage. Only 7% of cybersecurity professionals claim that their organization has improved its position relative to the cybersecurity skills shortage over the past few years with 45% claiming that things may have gotten worse while 48% believe in the status quo.
Rising cost of breaches
The skills shortage is adding to the vulnerabilities created by the remote work environments companies have been forced to adopt for the last year or so. These are traditionally more prone to breaches and in a recent report, IBM found that the shift to remote work led to more expensive data breaches that cost over $1 million more on average.
Unsurprisingly, data breaches in health care were the most expensive at $9.23 million, with the financial sector ($5.72 million) and pharmaceuticals ($5.04 million) following closely behind. Sectors like retail, media, hospitality, and the public sector also witnessed significantly higher costs compared to the previous year.
IBM agreed that security approaches empowered by AI, security analytics, and encryption significantly lowered costs with average savings for large companies ranging from $1.25 million to $1.49 million. Data breach costs were also reduced with hybrid cloud ($3.61 million) compared with cloud ($4.80 million) and private cloud ($4.55 million). Companies that employed zero trust strategies had, on average, reduced their costs by as much as $1.76 million compared to peers.
Key steps to improving cyber security posture for businesses:
Offer on-the-job training
Employees are the core complement of any security strategy. You need to empower them with the tools necessary for building needed security skill sets. Pay close attention to training processes and continuously evaluate and evolve to stay in sync with evolving threats and changing work environments.
Have a practice lab
Entry-level employees are often only trained for defensive cyber security. In order to improve their skill sets in offensive cybersecurity, you need to provide an environment (a practice lab) where they can focus on both breaking and fixing systems.
Connect with local universities
The skill gap is not going to disappear without active involvement from the industry. This means companies proactively looking for opportunities to share feedback on cybersecurity curriculum or holding positions on school boards. Organizations need to be involved at the grassroots in order to shape school curriculums that are actually capable of meeting industry skill demands.
Creating a culture of curiosity that fosters employee growth can go a long way in empowering employees to understand the industry better and even improve retention rates.
Vehicle hacking and Internet of Things (IoT) threats
Data from Fortune Business Insights shows that connected technologies and vehicles are on a healthy growth trajectory, with the connected car market predicted to grow to $48.77 billion by 2027. But cyber security risks remain rampant. According to a recent report by Cyber Survey, 37% of respondents were somewhat or very concerned about the cybersecurity and safety of connected cars. Another survey by Kelley Blue Book showed that 62% of U.S. consumers think connected cars will be hacked, even though interest in connected cars remained strong with 42% of respondents saying they want cars to be more connected (including 60% millennials).
Connected car technologies made the most use of Bluetooth (53%) followed by navigation systems (42%) and vehicle safety sensors (39%). Strikingly, another survey revealed that 51% of respondents either didn’t know or were unsure of what personal data is stored in their auto’s entertainment systems.
While advancements in the automotive industry have been laser-focused on smart vehicles, feature-rich operating systems have also drastically expanded the attack surface, and platform-specific vulnerabilities are on the rise. User behaviors like customizing existing systems in order to install additional functionality have also served to make specific vehicular systems more vulnerable. Other threats include:
Vehicle hacks that are not limited to on-the-road vulnerabilities
Security vulnerabilities of smart vehicles are not limited to what is onboard. There are various other ways to collect data. Telematics businesses are a relevant example of this. These combine GPS technologies with advanced sensors to track multiple parameters such as speed, idling time, braking and turning habits and more. As dynamic billing captures fixed expenditures, such as a device, and usage – telematics businesses can make a business opportunity out of changing invoices regularly. However, billing platforms are often targeted by hackers for sensitive information such as customer and financial data. In order to stay safe, businesses should look for recurring billing platforms that are PCI Level 1 compliant.
Challenges in mobile device management and security
Use of personal devices to access corporate data
At most organizations, especially with the culture of remote work, it is common practice for employees to regularly use their personal devices to access corporate data hosted on cloud systems such as Cloud Direct Connect. Unfortunately, most employees fail to observe the same kind of stringent security practices on personal devices as they do on office systems. This leads to serious security vulnerabilities and cybersecurity challenges. These devices can serve as an entry point for malware and viruses trying to gain illicit access to corporate networks. Also, once a system is affected, it becomes easy for it to infect other systems on the network.
Using public or other insecure Wi-Fi to access business networks
Your employees may not even realize the dangers that come from accessing business networks through public ‘free’ Wi-Fi such as those found in coffee shops or public libraries. This leaves business networks open to attacks from hackers using an insecure Wi-Fi connection to exploit vulnerabilities, gain access to the network and commit data or credentials theft.
Unsafe operating systems
A huge number of mobile devices are not updated regularly with operating system releases. This leads to vulnerabilities in mobile device security. These devices become vulnerable to security threats that are patched in the later versions.
With devices increasing in numbers and decreasing in size, portable devices can be easily lost or stolen. Unfortunately, physical misplacement of mobile devices also leads to complete loss of control of the data stored on that device or accessed using it. This is why it’s critical for organizations to have the ability to encrypt corporate data, and remotely lock and wipe employee devices.
Lack of monitoring
Monitoring and management of mobile devices is inherently challenging. The large number of mobile devices used to connect to corporate networks also makes this more difficult. Hackers always try to cover their tracks, and spotting anomalies in such a complicated environment isn’t easy. This is why it’s imperative for organizations to invest in the right mobile device management solutions.