This major gap in the cybersecurity skills problem lies in the disconnect between the perception and reality of security preparedness. While many Chief Information Security Officers believe their security, processes are optimized – and their security tools are effective – we believe that their security readiness likely needs improvement. This disconnect, along with rapidly evolving regulatory requirements and networking technology, further widens the cybersecurity skills gap. Matters don’t get easier if you throw Internet of Things into the mix. As the IoT gains more traction, the lack of basic security standards in IoT devices will exacerbate the security skills gap.
Human error is a major cause of concern especially in the workplace. A UAE workplace security research conducted by Cisco and GBM showed employee behavior is a genuine weak link in cyber security and becoming an increasing source of risk – more through complacency and ignorance than malice – because companies have so insulated employees from the scale of daily threats that people expect the company’s security settings to take care of everything for them.
The threat landscape is growing and changing quickly. As businesses transform into digital organizations, the threat landscape can change dramatically. For example, as companies gather, analyse and transmit massive amounts of IoT data, their risk exposure spreads across new devices, sensors, networks and other vectors. The technology is evolving so quickly that these devices can have multiple vulnerabilities. Likewise, the rapid integration of cloud computing and mobile computing solutions create new challenges as the valuable data and services depend on a broader ecosystem of providers, devices and technology.
In this new digital era, data is one of the most critical assets that any organization has, and we need to start thinking of it relative to its importance to our future. As technology connects everything, the amount of data generated is growing exponentially – and it’s only going to increase. With the growth of digitization, professional attackers are also seeing the monetary opportunity to exploit the digital expansion.
Cyberattacks are becoming more sophisticated and targeted. If you look at recent data breaches, one thing that stands out is the layout of those networks. To keep up with business demand, most companies with large networks overlook most aspects of security, at times rendering their networks virtually flat. Additionally, most organizations have limited traffic visibility and lack properly defined segmentation policies. These data breaches demonstrate that once malicious actors have penetrated your perimeter defenses, they can roam freely in your network. As part of their reconnaissance activity, they try to determine ways to access critical resources and data. If a network is flat and users are able to access any resource with only limited security controls in place, such as authentication or IP-based access-control lists, then there is very little work an attacker needs to do to exploit those gaps.
As more devices are connected to the Internet, the attack surface is larger, with more points of peril. Securing the entire ecosystem of devices, applications, users, and systems will be critically important to ensuring that only authorized data is being exchanged among different entities. Before devices can interact with each other or with humans, identifying them, building trust between devices, and creating a session context will be at the core of any secure architecture.
There is an increasing complexity of the security landscape – a typical enterprise has 30 to 40 different security vendor products in its network. Additionally, there is the changing nature of cyber-attacks. Attacks are being generated not just by individual hackers, but by well-funded organizations. The commercialization of hacking is resulting in exploits that are more frequent, better financed, more sophisticated and more damaging. While IoT has created a wealth of new opportunities, with more and new device types connecting to the extended network, it’s also given cyber criminals new and unforeseen ways to gain access to systems and information. There is also a need to protect all aspects of IT – not just addressing how we engineer the network infrastructure, but also being able to monitor, identify, isolate and proactively mitigate threats.
The very networks and technological advances that organizations depend on for their businesses to run efficiently expose them to attacks. That is why organizations need to start exploring a shift from merely focusing on cybersecurity controls—which protect computers, networks, programs and data—to cyber resilient architectures to protect their organizations and products. If an attack penetrates a cyber-resilient system within an organization, that system is able to continue to conduct mission-critical processing in a manner that preserves the confidentiality, integrity and availability of the data.