The best way to polish up the old crystal ball and see into the future is to use the exact science of hindsight – especially when it comes to cybersecurity and risk predictions. However, looking backwards and then pronouncing what should have happened is far easier than getting predictions for 2020’s cyber risks right.
Having said that, trends of recent years do have a pattern. One thing is for certain, threats are more sophisticated by the day and increasing in intensity.
Utilities will continue to be a target
In July of this year City Power, owned by the City of Johannesburg, announced a major ransomware attack* that shut down its IT systems, encrypted its databases, applications and network, leaving an estimated quarter of a million people affected.
One global example of an attack on a utility is that of the cyberattack reported on the US grid that created blind spots at a grid control centre and several small power generation sites in the western United States**. It is worthy of note because a report posted by the North American Electric Reliability Corporation (NERC) advised: “Have as few Internet facing devices as possible.” This is no mean feat in the age of IoT.
It should be noted that in many cases, critical power and water distribution infrastructure use older technologies that are vulnerable to remote exploitation because upgrading them can mean service interruptions and downtime. SA utilities will need to look at radically strengthening cyber defences around critical infrastructure.
IoT; exponential data volumes
The US NERC warning might not seem possible to heed in the midst of technology advances and the attractions of Internet facing devices, but the fact of the matter is that the more IoT devices there are, the greater the risks.
As 5G networks roll out, the use of connected IoT devices will accelerate dramatically and will massively increase networks’ vulnerability to large-scale, multi-vector Gen V cyberattacks. IoT devices and their connections to networks and clouds are still a weak link in security. It’s hard to get visibility of devices, and they have complex security requirements.
We need a more holistic approach to IoT security, with a combination of traditional and new controls to protect these ever-growing networks across all industry and business sectors. The new generation of security will be based on nano security agents such as micro-plugins that can work with any device or operating system in any environment, controlling all data that flows to and from the device, and delivering always-on security.
The bandwidth that 5 G enables will drive an explosion in the numbers of connected devices and sensors. eHealth applications will collect data about users’ wellbeing, connected car services will monitor users’ movements, and smart city applications will collect information about how users live their lives. This ever-growing volume of personal data will need to be protected against breaches and theft.
Artificial intelligence (AI)
AI will accelerate security responses – most security solutions are based on detection engines built on human logic, but keeping this up to date against the latest threats and across new technologies and devices is impossible to do manually. AI dramatically accelerates identification of new threats and responses to them, helping to block attacks before they can spread widely. However, cybercriminals are also starting to take advantage of the same techniques to help them probe networks, find vulnerabilities and develop ever more evasive malware.
Security at the speed of DevOps
The commercial world is already running the majority of its workloads in the cloud, but the level of understanding about securing the cloud remains low, and security is often an afterthought with cloud deployments because traditional security measures can inhibit business agility. Security solutions need to evolve to a new paradigm of flexible, cloud-based, resilient architectures that deliver scalable security services at the speed of DevOps (DevOps is a set of practices that combines software development (Dev) and information-technology operations (Ops) which aims to shorten the systems development life cycle and provide continuous delivery with high software quality – Wikipedia.).
A rethink on cloud is required
Enterprises need to rethink the approach to cloud. Increasing reliance on public cloud infrastructure increases exposure to the risk of outages, such as the Google Cloud outage in March this year. This will drive companies to look at their existing data centre and cloud deployments and consider hybrid environments comprising both private and public clouds.
Today’s hyper-connected world creates growing opportunities for both businesses and cyber criminals, and every IT environment is a potential target: on-premise networks, cloud, mobile, and IoT devices. However, forewarned is forearmed: using advanced threat intelligence to power unified security architectures, businesses of all sizes can do much to protect themselves.
© Technews Publishing (Pty) Ltd | All Rights Reserved