Rethinking Cybersecurity in the Digital Transformation Age
During the last couple of years, most enterprises have been accelerating the pace of their digital transformation based on the adoption of leading-edge ICT technologies like cloud/edge computing, Big Data and the Internet of Things (IoT). At the same time, organizations are still suffering from security attacks, which are among the most important barriers to the implementation of their digital transformation agendas. Earlier this year, the famous “WannaCry” ransomware attack affected major organizations all around the globe, such as the UK’s NHS (National Health Service). Another example was a fraudulent cyber attack against the SWIFT international transactions system that took place in February 2016 and resulted in the theft of $81 million from the Bangladesh Central Bank. These attacks highlight the vulnerabilities of modern cyberinfrastructures, as well as the importance of cybersecurity as an integral element of an organization’s digital transformation strategy. It is important to understand the main drivers and trends in future cybersecurity solutions to make the most of security investments.
Drivers of Future Cyber Security
The expanding scope and sophistication of cybersecurity systems are driven by the following:
Enterprise IT infrastructures are gradually growing in size and complexity, as a result of the introduction of new technologies like cyber-physical systems (CPS) and the IoT. These paradigms are typically based on systems and devices that bridge the physical and digital worlds, such as sensors, smart machines, connected cars, robots, and more. While these systems provide opportunities for enhanced productivity and improved decision-making, they also broaden the scope of potential vulnerabilities. For example, a recent large-scale Distributed Denial of Service (DDoS) attack that exploited vulnerabilities of IoT devices affected major Internet sites like Amazon, Twitter, and Spotify.
Nowadays, several organizations operate in complex regulatory environments, which impose a need for compliance with many security regulations and standards. For instance, U.S. financial organizations must adhere to regulations associated with the Payment Card Industry Data Security Standard (PCI DSS), the Sarbanes-Oxley Act of 2002 (SOX, P.L. 107-204), the Gramm-Leach-Bliley Act, the Financial Services Modernization Act of 1999 and more. Cybersecurity systems are evolving to support organizations in aligning with the required regulations and standards.
Sophistication of Attacks
Over the years, cybersecurity attacks have been increasing in sophistication, becoming asymmetric and less predictable. For example, ransomware attacks have been added to the list of phishing, DDoS and social engineering attacks, while the methods used by cybercriminals are constantly evolving based on the use of advanced sniffing and encryption techniques.
Many businesses lack the resources, expertise, and equity capital needed to cope with modern cybercrime. This is particularly the case with SMBs (small and medium-sized businesses), which are typically on the hunt for cost-effective solutions.
Emerging Cyber Security Solutions and Services
Driven by the above factors, emerging cybersecurity solutions feature the following characteristics:
Security Automation and Intelligence
The automation of cybersecurity solutions is key to coping with the growing number and sophistication of cybersecurity threats. This gives rise to the implementation of machine learning systems, which are able to detect attack patterns in a fully or semi-automated fashion. There is also a trend towards employing deep learning and artificial intelligence technologies to identify indicators of complex attacks, which are hard to identify with conventional machine learning.
Cyber Security Datasets and Data-Driven Approaches
The collection of security-related datasets is becoming very important for the development of future cybersecurity systems. These datasets are a key prerequisite for training and validating data-driven systems, including machine learning and AI algorithms. Without large amounts of data about the operation of the cyber assets and the attack incidents against them, the deployment of security automation and intelligence isn’t possible.
Standards development organizations tend to incorporate the latest technologies and best practices in their work, so standards-based solutions are usually more effective in increasing the cyber resilience of modern organizations. These organizations need to adopt and implement not only conventional and well-established standards (e.g., the popular ISO 27001), but also emerging ones such as the Industrial Internet Consortium Security Framework (IISF). The IISF provides a blueprint for securing CPS in the era of Industry 4.0.
Integrated Policies for Cyber and Physical Security
As part of the integration of IoT and CPS systems, there is a close interaction between cyber and physical systems, including an interplay between their security mechanisms. For example, electronic access gates and digital video surveillance systems are increasingly used as primary physical security technologies. This close interplay is gradually leading to an integration of physical and cybersecurity measures and related policies. Sectors that operate both cyber and physical infrastructures (e.g., energy, transport, buildings) have the leading role in this integration.
Following many years of collecting information and knowledge about cyber threats, the cybersecurity community has established a range of vulnerability databases, which are used to maintain and disseminate information about known security vulnerabilities. NIST’s National Vulnerability Database is one of the most popular databases of this category, which provides developers and deployers of cybersecurity systems with the means to automatically access up-to-date information about cyber threats. This is important because of the need to support the collection and processing of large amounts of data towards security automation and intelligence.
Managed Security and Security as a Service
There is a surge of security solutions that are offered based on the Security-as-a-Service paradigm or as a pay-as-you-go option. Typical examples are popular Managed Services, which are a primary choice for SMBs and other organizations that operate on constrained budgets. Solutions for small organizations come with easy web-based interfaces for their configuration, which makes them appealing to employees with limited security expertise.
Decentralization and Blockchains
The advent of the Bitcoin cryptocurrency has revealed the capabilities of distributed ledger technology for decentralizing and securing transactions across IT systems and devices. Distributed ledger technology is currently exploited as a secure, privacy-preserving, and anti-tampering infrastructure in a wide range of applications beyond financial transactions, and it’s therefore likely to become mainstream in the years to come.
Equipment vendors and integrators of future ICT solutions should closely monitor these trends and integrate them into their products and services. Security should no longer be seen as a defensive investment with limited ROI, but rather as an indispensable and integral element of any cyberinfrastructure. As such, it should be placed at the very top of the digital transformation agenda.