printer friendly version

Cyberattacks will not go away

It is an inescapable fact that in today’s digital economy, with digital record storage, every enterprise faces some form of cybercrime threat. So it is no longer a matter of ‘if’ it happens, it is a matter of ‘when’.

Andrea Lodolo.

What we have learnt from the past is that hacking is becoming a lucrative business and we can only expect this phenomenon to continue to grow with cybercriminals looking for more new and innovative ways to attack companies.

So what can businesses do to protect themselves and their data, especially in the face of increasingly stringent governance regulations coming into force? Internal policies and procedures can only take you so far, and simply cannot be enforced without the appropriate technology. We keep hearing about frictionless security where security technologies are enforced, but at the same time trying to minimise the impact on users, be they internal or external.

I believe that companies have to take security more seriously and implement technology more effectively and stringently. The corporate practice of permitting unlimited access to technical people needs to be curtailed. As we have also seen, more hacks are taking place through development environments which are typically less secure than production. Here too, corporates need to implement technology on a wider scale to close all the potential gaps in their environments.

I also think we may see some pull back from the rush we have witnessed of seeing companies moving to the cloud. With so many high profile companies being breached, including cloud providers, corporates may be a little more wary to move sensitive data to the cloud.

Another trend gaining momentum in the industry is with companies creating code for applications and having a requirement to create secure code. It is becoming paramount to ensure that code is tested for potential breaches before it goes into production, and companies like Veracode are spearheading these efforts. They scan code to identify areas of potential security weakness.

Finally, I also think that blockchain will start to become a major player. It is not in itself a security solution, but the principles of how it is used and implemented may mean it could be less susceptible to the amount of traditional security measures required in systems we use today, especially in financial implementations. Many companies are scrambling to build blockchain-based systems due to the fact that it can potentially increase security across three areas, namely: reduction in identity theft, prevention of data tampering, and negating ‘denial of service’ attacks.

Although these won’t be mainstream for the next couple of years, the trend towards blockchain is accelerating rapidly and many believe this will be the next technology wave, and could well have a bigger influence than the Internet itself.

Share this article:

Further reading: