For many businesses, the exposure to threats and risks related to cyber security is getting bigger day by day. Data is sacrosanct for every organization. The traditional cybersecurity measures are not evolving fast enough to cope with the onslaught of new age cyber threats and cyber attacks. Organizations must look beyond the traditionally available IT security approach and look for ways to incorporate intelligent analytics such as Big data and others into their cyber security and information security strategy.
Many companies view cybers ecurity from a technical point of view rather a business point of view. As a result, more often than not, these companies get the wrong idea about how to construct a cybersecurity model. According to a study, “nearly 80% of top-level executives surveyed report that their organizations can’t keep up with the attackers increasing population”. The study also shows that only 5% of the surveyed organizations have some form of a mature cybersecurity infrastructure in place.
According to Symantec’s latest Internet Security Threat Report (ISTR24 dated 19 Feb, 2019), the situation is far from over. Their key findings include the following:
- Formjacking attacks over 4800 unique websites every month.
- Powershell scripts has increased by 1000%!! Supply chain attacks have grown by 78%.
- Modern IoT devices have become favorites where they can destroy a device, steal credentials, and interrupt communications.
- 1/3rd of top ten targeted attack groups now use malware to disrupt and destroy business ops. This has increased by 25% since 2017.
- Attackers today use tested tactics including spear-phising, hijacking legitimate tools, and malicious e-mail attachments.
- Enterprise ransomware has jumped by 12% since 2017.
- Cloud resources have become easy targets. Over 70 million records have been stolen or leaked.
- Attackers today show interest in compromising operational and industrial control systems with the objective of sabotaging operations.
This overwhelming situation demands a new perspective on how we view security. Mckinsey came up with a model called Digital Resilience. As per the model, the companies should design custom applications and build business processes and technology architectures keeping cybersecurity as the nucleus. In other words, traditional methods of viewing security in silos are now obsolete. The focus should now be on how these individual processes like intrusion detection, I&AM, data protection, incident response, and the like combine to protect important information.
As shown in the model, cyber security will become more prominent with the passage of time.
Can Analytics Help?
Now let’s look at ways on how analytics can help you build a strong cybersecurity model. Today, companies have a large amount of data, be it operational or historical. To deal with huge databases, Big Data comes into play.
According to Cloud Times contributor, Saroj Kar, “Big data analytics will play a crucial role in detecting crime and security infractions. Big data analytics enables enterprises to combine and correlate external and internal information to see a bigger picture of threats against their enterprises.”
Kar said information needed to uncover security events loses value over time, and timely intelligent data analysis is critical as criminals move much more quickly to commit their crimes. For example, a year or two ago, hackers would look around, conduct extensive cyber espionage on their targets, and then go in for the kill — whether it was for money or information. Now, hackers — aware of more-effective security and fraud prevention measures erected by their target victim enterprises — simply go directly to the theft without a drawn-out reconnaissance phase.
Maturity level of companies’s overall Cyber Risk management on a scale of 1:4, with 4 being strongest.
The Digital Resilience Model
The 2018 CyberSecurity Risk In Picture
Click on the image below to get a quick idea of the risks and its growth between 2017 and 2018. The Infographic is courtesy of Symantec Corporation and is owned by them.
Big Data & Changing Scenario
Going forward, big data will have an impact that will change most of the product categories in the field of computer security. In an article titled, ‘Network Security in Big Data: Tools and Techniques’, Pushpak Verma, Tej Bahadur Chandra, and A.K. Dwivedi include ‘solutions, network monitoring, authentication and authorization of users, identity management fraud detection, and systems of governance, risk and compliance’ in the categories. Moving on, they said, “Big data will also change the nature of the security controls as conventional firewalls, anti-malware and data loss prevention. In the coming years, the tools of data analysis will evolve further to enable a number of advanced predictive capabilities and automated controls in real time.”
Gartner feels organizations should align the security capabilities in a holistic cyber security strategy tailored to the threats and the risks specific to the demands of the organization. Big data requires the collection of information from various sources and in different formats. A logical target is to have a single architecture to collect, index, normalize, analyze and share all the information. Organization should look to profile accounts, users, or, other entities, and look for anomalous transactions against those profiles.
The Way Forward
Organizations have to make continued investments in computer security and data security products that are flexible, dynamic and heuristic. Static signature-based tools just do not have the bandwidth to deal with new threats.
Though security solutions seem to well prepared, internal teams within organizations are still lethargic. They have not updated their knowledge on either modern computing techniques, the tools, nor the enormity of something like Big Data and Block Chain. Data scientists with specialization in security are rare and in high demand.
As a result, it is likely that many organizations will turn to external partners to compensate for the lack of internal skills.
Sosaley Technologies is a growing company leading in the development of firmware, embedded systems, and other automation hardware and software. Sosaley is led by industry veterans who have pioneered software development in India, and have worked with companies such as Juniper Networks, Citibank, and many other Fortune 500 companies.
Sosaley is working with leading companies in India and elsewhere in multiple domains. Click here to read more about Sosaley Technologies.