 |
| Concept art on cybersecurity generated by dream by WOMBO. |
"Businesses have been struggling to fend off cyberattacks as they grow in intensity and sophistication over the past few years. This year, the discipline and the rigour of cybersecurity need to be tightened up. Businesses will need to approach cybersecurity with more specific strategies and can no longer look at cybersecurity as just a checklist," noted Alvin Rodrigues, Field Chief Security Officer, Asia Pacific, Infoblox.
Said Candid Wüest, Acronis VP of Cyber Protection Research: “Organisations must prioritise all-encompassing solutions when looking to mitigate phishing and other hacking attempts in the new year. Attackers are constantly evolving their methods, now using common security tools against us – like multifactor authentication (MFA) that many companies rely on to protect their employees and businesses.”
"If there’s anything that can be learnt from the past couple of years, it is that cyberthreats will not go away. In fact, threats will continue to evolve and become more sophisticated. With the current developments in quantum and nanocomputing, it is only a matter of time before cyberthreat actors tap on newer, more advanced technologies to launch even more sophisticated attacks," said Daniel Tan of Commvault.
"Organisations should start planning how they can mitigate new attack methods now, they will require tools (such as anomaly detection, immutable backups, air gaps, zero-trust principles, and data isolation support) to protect and measure their recovery readiness state continually. For a data secured future, organisations need a layered approach encompassing multiple security tools, resources, controls, best practices, and strategies. Businesses will also be looking to improved technologies in cyber deception, artificial intelligence (AI) and machine learning (ML) to better predict and mitigate threat attackers’ next moves."
Some of the cyberdefences we have include:
Going proactive
According to Commvault's Tan, organisations must take a more proactive approach towards cybersecurity. "Data protection starts before your data is compromised, reducing an organization’s surface attack with zero-day threats and new technology before data leakage, encryption and exfiltration will become a business priority in 2023," he said.
"Cyber deception for instance provides an early warning with the deployment of decoys to proactively bait bad actors into engaging fake resources, spot threats in production environments, and arm businesses with tools to keep data safe."
Identity and access management (IAM)
Digital identities such as Internet of Things (IoT) devices, robotic process automation devices, and more are expected to fuel growth of the digital economy in the Asia Pacific region (APAC), but their growth will also pose an increased threat that makes AI-driven identity management a priority, said Chern-Yue Boey, Senior VP, Asia Pacific, SailPoint.
"With the number of digital identities only set to increase, it will simply prove too risky for organisations to offer access to employees without first bolstering each access point with clear identity security controls. This will require businesses to sunset manual processes and move towards automation-led identity security solutions that provide 360-degree visibility, detection, and remediation, so they can stay ahead of the threat curve with confidence," he said.
"The demands of a hyper-digital APAC landscape will thus see businesses recalibrate their identity security strategies to adopt AI and ML-based identity tools. However, it will also require businesses to ensure that these tools are employed while having undergirding centralised identity security that extends across the IT infrastructure in a holistic manner. The inverse – piecemeal adoption of IAM tools – would simply unlock gangways for attackers to compromise systems.
"Additionally, with recession worries looming over businesses, AI/ML identity solutions will prove business-essential on the cost front. By automating the discovery and remediation of anomalous identities and high-risk access permissions, businesses can look forward to cutting operational costs for IAM by up to 30%; reducing data breach costs by up to 80%; and enhancing overall user productivity with savings of up to 11,000 hours, and more. Ultimately, looking beyond adopting AI-based identity solutions for compliance, an AI-driven identity security approach can be a vital business enabler."
Boey also said that identity solutions need to be adopted in the cloud. "As reliance on cloud-based services and applications grow, businesses will increasingly need to ensure identity security solutions are integrated even in cloud environments. This will be a crucial step forward for business in APAC, especially since only 14% of businesses have been revealed to have mature identity programmes that includes identity security integration across environments. With that, we will see businesses look towards software-as-a-service (SaaS) identity security solutions for both the effective deployment and scaling of their identity governance programmes.
"Such solutions will not only provide organisations with the necessary flexibility, enhanced security, and automation, but also reduce workforce disruption, provide cost savings, and drive value within a shorter time. More importantly, a cloud-based SaaS solution empowers businesses with the agility to innovate quickly to plug any apparent gaps which will be critical in mitigating digital threats."
Outsourcing
Garcia highlighted that leaner workforces can have security implications. "Inflation and economic uncertainty have led to layoffs of staff and cutbacks in budgets. The resulting decrease in institutional knowledge will have delayed onset impacts on security, and it will be challenging to identify where capacities are lacking before systems break down or the need for migrations arises," he said.
"This may give rise to new operating service models. Companies that have decided to divest in certain areas may choose to adopt a more flexible service model, and organisations that used to employ three to four database administrators may move to a managed service model."
Managed services are an option when there is a shortage of cybersecurity skills as well. "According to the (ISC)² 2022 Cybersecurity Workforce Study, there’s a global cybersecurity workforce gap of 3.4 million people. As a result, organisations will look to MSSPs and GSIs to fill this gap. The benefit for organisations leveraging MSSPs is that they provide 24 x 7 x 365 expert monitoring without the need for additional staffing. As for GSIs, they can help organisations manage the complexity inherent with cybersecurity and solve business challenges through implementation services," said Michael Rogers, VP, global business development, channel and alliances, CrowdStrike.
MSSP stands for managed security service provider, and GSI for global system integrator.
Rashish Pandey, VP of Marketing and Communications, Fortinet Asia, also suggested outsourcing. "To effectively defend against (cyberattacks), organisations need to understand cybercriminals better, what motivates them, their tools and tactics, and how they act. However given the cyber skills talent shortage, organisations can consider adopting managed services to support the integration of security into the network, and deploying automated response tools in addition to having a cybersecurity mesh platform," he suggested.
Fortiguard Labs echoed Sailpoint's Boey in saying that security solutions should be enhanced with AI/ML to detect attack patterns and stop threats in real time. "However, a collection of point security solutions is not effective in today’s landscape. A broad, integrated, and automated cybersecurity mesh platform is essential for reducing complexity and increasing security resiliency. It can enable tighter integration, improved visibility, and more rapid, coordinated, and effective response to threats across the network," the organisation said.
Automation
Another way to manage a skills shortage is to go for automation, said Rodrigues. "Businesses are expected to turn to technologies like AI to strengthen their threat intelligence. More automation will be applied to areas like network or system monitoring to pick out unusual behaviours so that security professionals can be freed up to attend to issues that require their experience and expertise," he said.
"This can go a long way to minimising fatigue amongst cybersecurity workers. Automation also helps to avoid the adverse scenario whereby cybersecurity workers lower the bar, be less stringent and reduce the number of security alerts from their systems."
Businesses will also be looking for cybersecurity automation that can be integrated into the entire network or IT infrastructure, Rodrigues added, such as systems that can feed threat intelligence information back into the security stack and automatically trigger necessary security actions. "For instance, an automated system can be set to quarantine compromised devices and alert security teams to check into the problem when it detects unusual behaviours," he said.
The IBM Institute for Business Value touched on the use of AI as well as automation as a focus for 2023. "The combination of AI and automation can improve incident discovery and response times," the organisation said in a report titled 5 trends for 2023.
Working together more closely
"Partners (of all types) will work closer than ever to accelerate data normalisation to help organisations defend against adversaries. In 2022, we saw new technology partner alliances come together to achieve this outcome. In 2023, more partners will join these initiatives to make it even simpler and less burdensome for organisations to use and exchange security data in the global fight against cybercrime," said Rogers from CrowdStrike.
Weighing the risks
"The so-called vigilante approach to cyber geopolitics is on the rise. As it gets harder to name the enemy, organisations and governments should move towards ensuring operational stability based on a bespoke understanding of their unique risk profile, rather than a one-size-fits-all approach to cybersecurity," said Tony Jarvis, Director of Enterprise Security, Darktrace, Asia Pacific & Japan.
Integrated network security
Nirav Shah, VP, Products at Fortinet said: "The acceleration of digital transformation, including the transition to the cloud, the rapid adoption of the Internet of Things (IoT) and applications, is replacing the traditional network. The corporate network must keep up with these remote connectivity demands and maintain consistent security everywhere. To do that, businesses must tightly integrate their network infrastructure and security architecture, enabling the network to scale and change without compromising security. This next-generation approach is essential for effectively defending today's highly dynamic environments, providing consistent enforcement across today's highly flexible perimeters, and weaving security deep into the network."
Digital risk protection
Looking for clues about future attack methods will be more important than ever, said FortiGuard Labs, Fortinet's global threat intelligence and research arm. "Digital risk protection (DRP) services are critical for external threat surface assessments, to find and remediate security issues, and to help gain contextual insights on current and imminent threats before an attack takes place," the organisation commented.
Transparent Data Encryption (TDE)
"As data security concerns rise amongst large businesses that have accelerated their cloud journey, especially those in financial services, data encryption will become a best practice," forecast Garcia.
"This feature greatly enhances data security by encrypting data at the database level, giving full control to the database administrators but preventing unauthorised access to customer data. It can aid in safeguarding confidential data and other cloud data assets from accidental exposure and unauthorised access by threat actors lacking the necessary decryption keys. Overall, this helps organisations create a security architecture that mitigates a number of threats that would contribute to a security breach."
Go holistic
"Security organisations will seek to consolidate their tooling and approaches to provide holistic end-to-end perspectives on security and risk. The last few years have been focused on infrastructure as code, shift left, automated integration and deployment, and security orchestration. Vendors have taken up niche footholds in the various areas of these tectonic shifts. The changes to the economic climate, where businesses need to closely evaluate their spending, a slowdown in free-money economics leading to overvalued startups, and decreases in staffing levels, means that the remaining solutions will consolidate," predicted Nick Vigier, CISO, Talend. He echoed Fortiguard Labs' conclusion that point solutions are no longer enough.
He said: "The winners will be the ones that can tell the start-to-end story around platform and product security to enable teams and executives to move quickly and with context. Gone are the days of individual point solutions with practitioners left to put the pieces of the puzzle together. Businesses will need to consolidate their storyline but will ultimately be left with a more consistent understanding of their risks and can then focus on how they make decisions – which will in turn greatly benefit the organisation."
"There is a growing conversation on the benefits of a platform-based approach that integrates a cybersecurity vendor's own offerings with third-party tools. This not only streamlines the user experience but provides defenders with enterprise-wide visibility and telemetry across their growing IT infrastructure, which they will need to map out their attack surface. Organisations that are quick to adopt a platform-based approach will not only see the benefits consolidating their tools but will also be able to catch up to advancing threat groups. Hence, investing in such platforms will put businesses ahead of today’s and tomorrow’s threats," said David Ng, Country Manager, Singapore, Trend Micro.
Build trust
“Digital trust programmes will be one of the highest priorities of business leaders in Asia Pacific. Enterprise businesses must continue to build trust across their digital ecosystems. That means maintaining the integrity and security of all transactions and data, being transparent about data privacy, and complying with regulations," suggested Amitabh Sarkar, Vice President & Head of Asia Pacific and Japan – Enterprise at Tata Communications. "However, achieving this remains a challenge in the face of constantly evolving threats, lack of security skills and stringent data privacy requirements. Furthermore, managing and reducing risk will become even more complicated with remote working and the adoption of 5G and IoT. This evolving landscape requires businesses to deploy an average of over 45 cybersecurity-related tools, increasing the complexity of their security and reducing its effectiveness. CIOs need a partner who can help them manage risks, simplify operational complexity, and ensure all customer data and interactions are secure and handled with trust."
Explore Security in 2023:
Mitigation
No comments:
Post a Comment