What are the cybersecurity trends in conscientious organizations?
Continuing to protect businesses will require new cyber defense strategies and tactics and better threat intelligence. But what are the threats? And how can we protect companies? Find out here.
We can see that businesses continue to be confronted with new and innovative cyber threats. By analyzing the entire cybernetic context that involves the business world, we can identify four trends that influence cybersecurity that require extra attention by all managers and other stakeholders.
- The “Zero Trust” concept
All network points, including remote computers, smartphones, tablets, IoT sensors, containers, virtual systems, and cloud resources, are susceptible to attacks. Traditional defenses make no sense in an environment where the traditional network perimeter changes and dissipates. The question is not only whether assets will ever be compromised, but when these assets will be compromised. At this point, the only relatively safe answer is that we should not trust any networked device and assume that the entire environment is compromised.
The premise of Zero Trust management is that to be minimally secure, organizations must continuously verify and authenticate access. Machine Learning (ML) can be used, for example, to help record user behavior and detect anomalies in that behavior pattern. If the user usually enters the system from Lisbon, but this time he entered from Shanghai, the system recognizes the anomalous behavior and can immediately block access and send alerts to initiate an investigation.
Zero Trust approaches will therefore become an integral part of every organization's business behavior. These are tools that will allow companies to defend their assets.
In this field, DXC offers digital identity services that allow people, applications, and machines to verify their digital identities and securely access corporate data and services. DXC's value proposition is supported by a full range of security capabilities, including multi-factor authentication, identity governance, and privileged account management to guarantee the customers' security.
- Remote work as a relevant threat vector
During the current pandemic context, remote work has grown faster than anticipated. Approximately 40% of the global workforce is now working from home or other remote locations. Furthermore, the transition happened practically overnight, and it is expected that the trend will continue. Traditional security strategies, developed for people who work in the office within the same corporate network, are insufficient. In many cases, home routers and networks are not secure, and family members' computing devices can be easily compromised, potentially compromising the entire local network.
Therefore, a new approach to working securely from remote locations is needed. But such an approach will immediately impose changes in behavior, such as keeping access to corporate data from a home network to a minimum. Organizations must verify access to corporate data and its assets using multiple authentication factors and leverage new technologies, such as remote browsing or the use of mobile devices capable of restricting the transmission of corporate data.
DXC's Secure Infrastructure Services helps protect the customers' applications, cloud, hybrid infrastructures, and network devices. DXC's Security area designs, installs, and integrates perimeter, network, and device solutions, with advanced protection from threats, so that its customers can carry out their activities safely and in compliance.
- The amazing ransomware
Ransomware dominated the headlines in 2021, and cybersecurity experts have been developing new tactics to respond to these threats. However, cybercriminals always seem to be one step ahead. Security specialists managed to deduce the decryption keys in some attacks (and avoid paying the ransom to obtain the decryption key), but cybercriminals are fighting back and are developing encrypted ransomware at the level of the code itself. It means that cybersecurity teams will have to wait for the code to run before it can be studied, which considerably delays the development of countermeasures.
Attackers are also rewriting ransomware code to infect the firmware of computing devices and ensure a perpetual presence in the victim's computing environment. Code running at the firmware level cannot be detected, stopped, or removed by anti-malware software. This malware is not replaceable. Once a device is infected, the hardware will need to be replaced or shipped back to the factory to reinstall the firmware.
Through cyber defense services, DXC has helped protect its customers by bringing them visibility into the threats and vulnerabilities of their critical assets. DXC's security team manages security operations and applies intelligent automation to protect its customers against breaches, detecting threats and ensuring a quick response to security incidents.
- Analytics in security decisions
Operational data can provide insights into potential growth and opportunities, as well as it can optimize business processes. Aware of this fact, many organizations now use data to improve business decisions. As a result, security operations are taking advantage of operational data to understand how business processes link to security events. Organizations can use cyber analytics and Artificial Intelligence (AI) to predict when and where attacks are most likely to occur and focus their investments on achieving more protection.
AI systems should target aspects of operations not security-related, but that can, somehow, correlate with past security events. For example, an AI system might determine that most attacks occur in the week of the public presentation of the quarterly financial results. With this information, organizations can proactively tighten security controls.
This preventive knowledge will help organizations plan for their future. However, to be successful, organizations must analyze all the data about operations and the business environment.
Cyber threats show no tendency to slow down, and new threats are expected, increasingly assertive and intelligent. DXC's security risk management services enable its customers to gain visibility into people, processes, and IT security risks so they can make better business decisions. The DXC security team helps organizations define and implement a risk management framework that supports business objectives and risk tolerance.
Continuing to protect businesses will require new cyber defense strategies and tactics and better threat intelligence. In this context, DXC will continue to work with its customers to prepare them for quick detection and response to cyber risks, consequently leveraging their maturity, posture, and cyber security culture.
Offering Lead, Cybersecurity Portugal at EMEA DXC Technology