In today’s world of acute hyperconnectivity, the presence of unprecedented threats and attacks on surface areas often appears unavoidable. However, there are best practices that businesses and consumers can adopt to navigate this digital now and what security measures need to be developed?
To understand more, Digital Journal spoke with Myla Pilao, Director, Technical Marketing at Trend Micro.
Digital Journal: What are the main cyber-risks in today’s connected world?
Myla Pilao: As enterprises continue on their journey toward digital transformation, cyber-risks can form in the gaps of their security measures. This can occur because they were not designed for these ever evolving cyberattacks. Security should be considered as an essential building block as we aim to create more digitally agile enterprises, otherwise businesses would be ill-equipped to handle evolving cyber-risks. Some of the key risks include:
Data Convergence – with volume of different devices and technology that will be connected and communicating will present both opportunities and risks. Consider the massive amount of data exchanges, traffic that will exist, this can present data security risks such data management inventory of what is internal / external, storage ensure proper management, archive and transfer. Compliance and regulations adoptable for managing smart cities/ critical infrastructures. The data feeds when mismanaged can potentially be a room for threat actors to exploit and conduct fraudulent activities such data theft, sabotage.
Expanded Attack Surface – The expansion of a broader attack surfaces come with the potential of expanding the threat vectors across the organization and its infrastructure. Threat actors will take advantage of this combined with the rise of vulnerabilities that might leverage new technologies being implemented and security devices integrated. The combination of new and legacy systems interacting to one another and co existing can also present which can result into integration issues, inconsistency on security policies and standards to follow.
DJ: What are the most common form of cyber-attacks?
Pilao: Vulnerability exploits, data breaches, and ransomware are among the most common and constant forms of cyberattacks. Cybercriminals are experts at pinpointing opportunities and high impact targets, as demonstrated by these three forms of attack. Attacks designed to fly below the radar are an especially challenging part of today’s threat landscape, with cybercriminals utilizing legitimate tools and features for malicious means as seen in the reality of fileless malware.
DJ: Will there be additional vulnerabilities as smart cities develop?
Pilao: Scale multiplies the consequences of vulnerabilities that exist in any one of the thousands of devices and industrial systems that are connected within a smart city. In addition, the myriad of different possible interactions of these devices are based on an intricate web of code and rules, where unforeseen weaknesses could also stem from.
DJ: What types of technologies can be adopted?
Pilao: The hyperconnectivity of today’s world creates both a new space for innovation and an expanded attack surface. Technology that will allow enterprises to broaden visibility over their infrastructure and ability to see what’s happening and the potential threats into their network / system is key. The combination of expert threat intelligence system that can help protect their key assets and help understand the correlation of the attacks across their security layers and be able to determine high priority alerts attack / vector is essential given the volume of alerts.
DJ: What are the key elements for a security strategy for the typical business?
Pilao: These are, first, overall security strategy that aims to provide a comprehensive defense-in-depth framework that can identify, prevent, detect, respond to, recover from and predict the threats of today and tomorrow across the organization and corresponding cyber environment.
Second, security solutions that are purpose-built to their new ecosystem that has the ability to manage all security platforms / devices. Third, rigorous and agile quality inspection and penetration testing to determine security issues from the tools/technologies being integrated
Fourth, threat Intelligence uncover and identify threats, accurate analyze and correlate them using behavioral analysis, heuristic, machine learning and AI; and, fifth, investment on Security Education Awareness and overall elevating the security knowledge and competency of their team.