Cyberattacks have increased in the EMEA region until 2021, with ransomware attacks becoming more prevalent. According to the Unit 42 Threat Report, 1H 2021 Update, the average ransom demand jumped by 518 percent from 2020 to 2021, while the average ransom paid increased by 82 percent.
As communities such as nomoreransom.org have pushed back, we are seeing nations lean in even more to shut down groups and their activities, as well as look at how they may block or intercept the money flow.
One side effect of this evolution is that the term “ransomware” now has an almost amorphous meaning; discussions become muddled as to whether one sees it as traditional ransomware compromising a local device or user, or structural elements and infrastructure being compromised before it even reaches our internal landscapes.
As a result, CISOs must educate and teach their leaders and peers across the organisation about the various sorts of attacks, why they are significant, the various business impacts, and how to strategically design specialised ways to effectively identify and respond.
According to Gartner, by 2022, 90% of mid-sized businesses and 60% of global businesses would use passwordless authentication techniques. Every organisation is currently grappling with an increase in the number of different sets of credentials that each user has, and with these new credentials comes a new level of danger. We will see attacks focusing in two areas as collaboration, SaaS, and cloud adoptions increase due to new flexible methods of working.
To begin with, the obvious targeting of these new credential systems, which could be due to poor user management or the usage of weak passwords. Is the password the same as before? Second, the backend systems will be prioritised. While many people have been using AD, Radius, and other authentication systems for years, many new SaaS tools have their own credential management systems, which are more vulnerable to exploitation because they are new.
Password authentication will gradually be phased out in the future, as businesses seek to reduce their reliance on passwords. It all started with the iPhone, and now we’re witnessing a major rise in the number of consumers and businesses utilizing passwordless authentication solutions like Windows Hello.
Working-from-home enterprise employees are increasingly adopting a greater range of IOT devices – both corporate and personal devices – to access enterprise apps from wherever they are working, indicating that hybrid working is here to stay.
As a result, it’s only natural for cybercriminals to target our home networks. This is especially true because home network controls are often weaker than those on corporate networks. Businesses that have previously restricted laptops, USB ports, personal printers, and a variety of other items would normally be barred. Users increasingly require these capabilities to perform in the hybrid workplace, thus security measures have had to be eased. This bridges the gap between personal and shared family gadgets.
Even if it is switched off for a short time, the business device poses a threat to all other systems connected to the same network; many have likely never been patched, and most are still using their default admin passwords, if they have one at all!
The good news is that, as highlighted in our 2021 IoT Security Report “The Connected Enterprise,” awareness of this topic is growing across the EMEA region, with leaders feeling more confident than ever about having full visibility of IoT devices on their organization’s business network, with 70% completely confident in 2021 versus 58 percent in 2020.
As we become a more connected society, we must consider ways to ensure that cyber education has a longer shelf life in today’s fast-paced digital world. This implies moving away from the “don’t click on this” and “don’t open that” risks of the moment and toward what will be fundamentally sound design and usage principles.
How many people currently work from home, for example? What happens if you allow someone else to use your work device for a little period of time? What if you need to conduct some job but don’t have access to your work device?
As a result, the distinctions between personal and professional life are getting increasingly blurred and complicated, and we are all becoming integration points in our own worlds. We need to start thinking of everyone as a digital innovation point, from the grass roots to the late technological adopters. Let us consider the following questions: What are the fundamental principles of effective information sharing in both our personal and professional lives?
The majority of today’s education concentrates on what should and shouldn’t be done, such as clicking on a dubious link, opening phishing emails, and revealing your password. These are teachings that are now 10-15 years old, and while they are valuable, they do not correlate with current ways of functioning.
So much has changed in business IT in such a short period of time. The pace of change is accelerating, and inconsistencies in security capabilities, particularly in Cloud and SaaS, are posing a challenge to firms where everyone is a CIO.
While DevSecOps is still in its infancy and lacking industry standards, there is no industry “best practise,” CISOs must shift from a tactical to a strategic mindset (the big picture) or risk getting themselves into serious problems by the time the standards do arrive. Getting senior and key stakeholder buy-in on a good cybersecurity strategy for the company is a critical aspect of this strategic mindset shift.
As policies and regulations take shape, businesses must start from the ground up by creating a solid foundation.
The digital world has evolved so much in recent years, and the expectations from cyber security teams have never been greater. More threats and more business processes to secure, go hand in hand with more cyber security capabilities. The challenge – typically businesses are less tolerant to downtime and outages, as their dependencies on digital systems grow. This is the cyber time paradox – more with less.
As the world of cyber security advances, it’s time to embrace that phrase in a new light. We can only do more if we leave a smaller legacy. The security team should look to renounce two capabilities for every new capability required. The problem is that, as humans, we develop emotional attachments to things that have a material influence on our lives. “This capacity saved my bacon,” most security professionals can attest. The issue is that our world is rapidly changing! As a result, we must constantly evaluate the usefulness of old security controls and be willing to let go of what has previously “saved our bacon” and has been supplanted by wiser, better capabilities.
It’s becoming increasingly critical for businesses to guarantee that their assets and traffic to those assets are safe as they transition to support new, digitally enabled working patterns to meet changing work environments.
The principle of “never trust, always verify” underpins the Zero Trust Enterprise approach to risk mitigation. It encompasses all aspects of the business, including users, apps, and infrastructure. Applying necessary identity, device/workload access, or transactional controls to verify and minimise the risks to the business is what Zero Trust is all about. Using fragmented point solutions, on the other hand, will just add to the complexity and security holes. It will be critical for businesses to select an interoperable ecosystem of security providers that are aligned with their security objectives.
While many companies will get Zero Trust wrong, those who adopt a Zero Trust Enterprise Ecosystem will get it right. We live in an age of fast gratification, thus we may anticipate some people to hunt for a quick fix Zero Trust solution, proving that many people simply don’t understand that Zero Trust is a strategy, not a product or project.
Haider Pasha, Chief Security Officer at Palo Alto Networks, Middle East and Africa (MEA) said: “In the Middle East, organisations need to remove the safety blanket and educate employees on cybersecurity whether junior or most senior. The shared responsibility model for cybersecurity has become really critical, especially as we start further adopting cloud platforms. Organisations must prioritise awareness campaigns and be more creative with cybersecurity education, especially as employees shift to home and hybrid workplaces. In addition, in today’s time, CISOs, CIOs and IT heads must partner with cybersecurity experts and understand all functions within security, risks and DevOps.”
“In addition, as the digitisation of Operational Technologies (OT) accelerates, mostly bound by legacy OT systems and IoT, finding and stopping shadow IT will continue to be a challenge. The energy industry is expanding the usage of IoT sensors and the identification, classification, and protection will take precedence albeit using concepts like Zero Trust to reduce the risk of breaches or sabotage. SOCs are merging between IT, OT and IIoT. Some did this a few years ago, but as more Energy/Utilities deploy IoT, IIoT and OT than ever, many more will need to consider, post COVID-19, merging their SOCs,” Pasha added.
