 |
| Lakhani. |
Fortinet's Global Security Strategist Aamir Lakhani says the days of vendors using malware signatures to identify malware are over as attackers morph malware into new forms quicker than the technology can keep up. The new breed of ransomware such as Petya and Wannacry are cases in point, Lakhani said at the RSA Conference 2017 Asia Pacific & Japan, as they are more 'ransomworms' - ransomware exhibiting worm-like behaviour to spread quickly.
"These days (Fortinet) is more of a data science and artificial intelligence (AI) company than a security company," he observed. The key differentiator between cybersecurity companies using AI will come down to the quality and quantity of the datasets used to train the AI, and Fortinet is well placed to compete, he said.
"We have information from the last 20 years. We have one of the largest threat databases, so we can always continously make sure our systems are learning all the time... because we get so much more malware, we know how it affects the power, consumption, the CPU," he said.
The Asia Pacific region is at particular risk for malware because of the big push towards digital transformation. Digital transformation has increased the attack surface tremendously for threat actors, added Fortinet's Chief Security Strategist for Asia Pacific, Alvin Rodrigues. "Asian companies looking at digital transformation or reformation of their businesses need to keep in mind the need for security. Some proceed with their business venture first and security second. The two need to be in step and aligned with business changes," he said.
Network-based attacks are also more common
in Asia compared to other parts of the world, which see more
sophisticated app and web-based attacks, Lakhani noted. The many open
hot spots in Asia are open to both man-in-the middle and
encryption-based attacks.
"You need to have processes in place to make the attack difficult."
What's common across all networks, is that email is the No. 1 way of attacking a network, Lakhani said, while another commonly seen attack method is to disconnect people from VPNs by overwhelming them with traffic. Most people will naturally just connect to the network directly to get their work done instead, leading to malware taking root, Lakhani explained. "You could be doing WhatsApp and the attacker is just getting your banking information," he said.
Lakhani observed that people tend to let their guard down with new technology, such as around Blockchain which has seen a lot of interest in Asia. "People don't think about all the attacks you can do against Blockchain.
They think about this app, they think it's very cool and say 'we want to do Blockchain'. Sometimes you have to build something before you understand how it will work but you have to think about attackers."
Fortinet advocates organisations adopt cyberresiliency as a strategy in a four-phase cycle: prepare, protect, respond, and learn. "The organisation needs to do a deep-down assessment on what is their value creation process and set up the necessary protection for that against this sort of attack," Rodrigues said.
"You need sufficient protection around your crown jewels to slow down the attack so you can defend yourself."
Fortinet's argument is a simple weighing of pros and cons. If it costs attackers less money than it would to reap returns they will continue to do it, whereas if it costs them more than the projected returns they are unlikely to proceed.
"What is really important is to hunker down and do the due diligence, penetration tests, ask if the boardroom is doing the neccessary," Rodrigues said. "Look at technology that's suitable and aligned to the business; protect the right crown jewels; and ensure that people are part of the entire defense chain."
Rodrigues also spoke of working with business analysts as part of the security strategy, as the analyst is the person who can easily predict the impact of a particular server being compromised. "Depending on what applications are on the server, they can look at mitigating
service disruptions to minimise customer (inconvenience)," he said.
Fortinet advocates organisations adopt cyberresiliency as a strategy in a four-phase cycle: prepare, protect, respond, and learn. "The organisation needs to do a deep-down assessment on what is their value creation process and set up the necessary protection for that against this sort of attack," Rodrigues said.
"You need sufficient protection around your crown jewels to slow down the attack so you can defend yourself."
Fortinet's argument is a simple weighing of pros and cons. If it costs attackers less money than it would to reap returns they will continue to do it, whereas if it costs them more than the projected returns they are unlikely to proceed.
"What is really important is to hunker down and do the due diligence, penetration tests, ask if the boardroom is doing the neccessary," Rodrigues said. "Look at technology that's suitable and aligned to the business; protect the right crown jewels; and ensure that people are part of the entire defense chain."
In the future, Rodrigues predicts that brands which demonstrate commitment to protecting customer data are the ones which customers will prefer to support. "We know about ransomware because it's
high-publicity, but people tend to keep advanced persistent threat (APT) attacks quiet as they don't want to shake
the confidence of customers. Now there are regulations about needing to report attacks. In time to come,
(customers will ask) 'did you do due diligence to protect my asset that I've entrusted to you?'. That's a compelling advantage on why they should want to do business with you."
Though the security landscape continues to be volatile and unpredictable, Lakhani said it is a more hopeful time than ever before as people begin to realise the importance of cybersecurity. "We're
having this conversation and we've never had this before. (There's) light at the end of the tunnel," he said.
No comments:
Post a Comment