internet-connection-data

The cybersecurity landscape and digitalisation hangover

Estimated reading time: 6 minutes

Malaysia was one of the first stops for Fortinet’s Accelerate Asia 2022 roadshow, in early June. The highly anticipated customer panel, had an illustrious lineup of  well-seasoned cybersecurity professionals and an IDC analyst.  The session was moderated by Rashish Pandey, VP of marketing and communications for Fortinet Asia.

Needless to say, a few in the lineup had views to share with regards to widely held views in the industry.

Especially Dr. Suresh Ramasamy and Rodney Lee, were very vocal for example when it came to a few ideas pervading the industry.

The customer panel moderated by Rashish Pandey

To set the stage, Rashish asked panellists their view about how the threat landscape has changed in the past few years.

How has the threat landscape changed?

For Kelvin Chua, Fortinet’s Director of regional systems engineering at SEA and HK, that phishing remains a very effective attack.

Traditional phishing is taking a backseat however as the bad guys use more technologies like artificial intelligence. “Essentially, they use this because they can do it in much bigger volume and also more quickly.

“I can literally take a stolen email, put it into open source AI, and then using open source AI also, create a legitimate looking email communication.”

The point is that AI will learn and recognise the arrangement of words and phrases, and craft an email that seems authentic.

Firmus’ subject matter expert, Rodney Lee, decided to take a more holistic and nostalgic approach to Rashish’s question, citing the early days of analogue before one-click-to send emails came and replaced letter writing.

He also talked about multi-mode attacks, one of which is the very notorious ransomware method.

It has evolved in the past one year to using a double extortion monetisation strategy whereby an organisation’s information is not only encrypted and held at ransom; confidential data is also exfiltrated and under threat of being exposed.

Firmus’ subject matter expert, Rodney Lee, decided to take a more holistic and nostalgic approach to Rashish’s question, citing the early days of analogue before one-click-to send emails came and replaced letter writing.

“One of the things that I see about the landscape is that we are all getting lazy.”

Technology was created to automate the mundane tasks we have been doing for the past century, and Rodney opined that the cybersecurity industry  has been pushed by the desire of people to do more, in less time.

Perhaps, this has led the industry to where it is today – if before cybersecurity monitoring was about monitoring firewalls and IPS, today it has gotten to the extent where endpoints are also being monitored.

IDC’s senior research manager Dharmaraj Sivalingam, described the current landscape as a ‘multiverse of madness’. “Today we have organised groups and organised attacks which can really impact an enterprise wholesale.”

The entire landscape has become a lot more complex to operate and this has necessitated the need for cybersecurity to become faster.

“This requires understanding the various threat mechanisms available and what you need to set up to mitigate that, becomes very imperative.”

What has changed in your approach towards cybersecurity?

This question was directed towards the end users, and Dr. Suresh, chief research officer and CISO at Center for Advanced Computing and Telecommunications (CACT) took the opportunity to highlight two gaps that he observed.

“Cybersecurity isn’t a problem that you throw money at… actually that’s the easy part, you could put the boxes (solutions) in, and lo behold, you assume that everything is secured,” he said.

Rhere is a lot more work that needs to be done to ensure that the solutions work, which is the not-easy part.

So, that’s the first gap that needs to be bridged, which Dr. Suresh described as a knowledge gap between solution vendors and the folks at the receiving end of attacks, who are often times their customers.

“For us to really more forward and be more secured, we have to bridge that gap.”

In essence, do vendors know what users’ pain points are, and are they creating solutions for those pain points?

The second gap he observed is between the bag guys and the good guys. “The bad guys are embracing tech faster.. what the bad guys do now, the cybersecurity industry may be adopting in five to ten years.”

These opinions were remarked upon by Rodney later, who shared that if one were to look at the entire service chain it actually ends with the end user. “The end user has to fight those bad guys, hut the problem is our entire market.”

In essence, do vendors know what users’ pain points are, and are they creating solutions for those pain points?

Shanker Karthikason, group head of cybersecurity at Averis, opined that cybercrime today is  billion organisations that operate like enterprises. Regardless of who has better technologies – the good guys or the bad guys – Shanker stated that cybersecurity is a programme that starts with sound processes.

Digitalisation hangover

Dr. Suresh likened the quick pace of digital technology adoption in recent times as having caused a hangover, of sorts.

“A lot of organisations spearheaded their own digital technology (transformation) because of the pandemic,” he said. Belatedly, these organisations also realised that the workforce they had to send home to work, were creating attack surfaces that they were not prepared to defend,

“And that’s why I say it’s a hangover – it was something we did out of an emergency rather than a well-thought out technology.”

He recommended organisations to have holistic thinking when it comes to implementing solutions, rather than implementing one spot solution at a time.                                                                                                                                                 

However with cars, it usually on requires a step on the brakes to slow down.

IDC’s Dharmaraj cautioned for a more balanced approach. “How do you want to balance the investments into your security solutions against the actual risk to your enterprise?”

Ultimately as an enterprise,there are difficult decisions to be made about security and technology investments so that they take into considerations factors like processes, and also  phenomenons like digitalisation hangovers or digital fatigue.

It brings to mind an apt analogy about cars and brakes;cybersecurity like brakes is supposed to enable organisations to go faster (use more technology) because there is assurance that security is there to defend, if a threat appears.

However with cars, it usually on requires a step on the brakes to slow down.

All that is well and good.

In cybersecurity, a whole myriad of different processes need to be orchestrated to first detect, and then mitigate, remediate, and maybe even contain the threat.

In cybersecurity, a whole myriad of different processes need to be orchestrated to first detect, and then mitigate, remediate, and maybe even contain the threat.

Later on Rodney also shared his view about cybersecurity, that it can become an enabler of those guys who are not cybersecurity-trained, to “fail safely.”