The Brave New World of Cybersecurity

'Burning Chrome' Cover Art

Author William Gibson coined the phrase cyberspace in his 1982 short story “Burning Chrome” that depicted hackers wantonly breaking into corporate security systems. Fast forward to 2015 and Gibson’s vision is reality as cyberattacks on vulnerable corporations, governments, and institutions have become commonplace. What strategies do global companies and governments need to protect themselves from cyberattacks? 

In the wake of much-publicized incidents at the likes of JP Morgan Chase, Target, Sony, and Anthem, the heightened threat posed by cyberattacks has become a high priority for senior management and boards of directors around the globe. At no time has there been greater attention paid to cybersecurity and what it can offer to combat costly, malicious attacks.

Broad and expansive in its reach, cybersecurity encompasses tools, policies, security concepts, best practices, and technologies—all of which can be deployed in concert to protect both the virtual data and physical infrastructure forming an organization’s assets. Against a backdrop of persistent and unrelenting threats in cyberspace, cybersecurity’s mandate is to protect and secure an organization’s assets to ensure their continued availability, integrity, and confidentiality.

Yet many large corporations still do not have strategic cybersecurity plans in place even as more and more devices are interconnected and virtually anything of import is accessible from the Internet. Indeed, cybersecurity is becoming as critical as physical security precisely because of this ubiquitous interconnectivity through which cyberattacks can quickly spread.

True, the cybersecurity market remains small at present—just $589 million was spent on industrial cybersecurity systems worldwide in 2013. But the potential for growth is huge, especially as the world begins to craft coherent cybersecurity strategies to combat increasingly dangerous cyberattacks.

Global revenue for industrial cybersecurity will more than double between 2013 and 2019

But defense is only one side of the issue. As recently as March, Admiral Mike S. Rogers, head of the United States Cyber Command and the National Security Agency, admitted during a Senate committee hearing that the United States needed to boost its ability to stage cyberattacks. Rogers said the United States needs to create a deterrent against other countries seeking to attack the country, and that a defensive strategy alone would be inadequate.

To be sure, the US government is increasing its investments in advanced cybersecurity technologies, and special funds are also being set aside for small businesses to develop innovative solutions in cybersecurity. Moreover, the government requires large defense contractors to subcontract a certain percentage of their cybersecurity solutions development to small businesses. This way, a small business has multiple avenues for engaging in the federal cybersecurity market, either through direct contract with the government or by helping a large business meet its small business subcontractor quota.

Cyberthreats and emerging technologies

Cyberattacks are increasingly sophisticated as their destructive incursions seek new ways to breach security and inflict maximum damage. And in an age of increasingly porous digital borders, three areas pose grave challenges in the cybersecurity wars:

The all-things-connected phenomenon known as the Internet of Things
Cloud computing, or the online storage and repository of data
The continuous churn of enormous amounts of information being gathered and sifted for specific purposes, otherwise known as Big Data

The Internet of Things 

In the coming years, billions of new devices—from cars to household appliances—will be fitted with computer chips that enable interconnectivity with the Internet. Experts estimate there will be nearly 50 billion connected devices by 2020, with an average of more than six connected devices per person. This is the vast universe making up the Internet of Things (IoT), and the interconnected nature of such a massive system significantly raises cybersecurity risk factors. Because IoT devices are designed for connectivity and not security, they are vulnerable to malware attacks. And each device is a potential portal through which a cyberattack can gain entry, and then proliferate throughout the chain.

There are three categories of cyber threats in the world of connected devices. On the lower end of the scale, denial of service is an immediate threat, potentially paralyzing all services offered by a network of smart devices. Higher up is the threat from botnets and malware-based attacks. Here, malicious code could infect computers in order to gain control of a network of smart devices, or to compromise the software running them, with the objective of converting the connected devices for heinous purposes. Lastly, data breaches can exploit the aggregation of valuable information resulting from the daily actions of individuals, in order to access private communications or expose sensitive data on the cumulative behavior of population subsets.

The automotive industry highlights the promise and pitfalls of the Internet of Things. Few industries are as poised to reap the benefits of a dramatic expansion of connectivity as auto manufacturers, which can utilize hyper-connected devices to assist GPS navigation, augment safety instruments, and ensure an information-rich driving experience.

But the risks are clear. Enhanced connectivity in cars could enable a remote takeover of a car’s driving or parking functions, creating genuine peril for the driver, passengers, and other vehicles. A second conceivable risk relates to the sensitive data accumulated from driving patterns, with the potential to hijack the information in order to publish it or blackmail the driver.

In the IoT universe, cyberattacks can hit anywhere. Banks and other financial institutions; healthcare and the medical sector; industrial utilities including oil and gas, chemicals, and critical infrastructure; insurance and their carriers; retail and consumer data; telecommunications and satellites—no industry is exempt.

Cloud computing

Cloud computing enables convenient, on-demand access for individuals and businesses to a shared pool of computing resources including networks, servers, data storage, and other applications. But these very advantages represent an attractive target for cyberattacks. This is because an attack on a stand-alone system is ultimately less dangerous than an attack on a networked model like the cloud, which could result in a cascade of failures across the network.

The finance industry is especially vulnerable to the inherent threats of cloud computing. Trading brokerages, banks, and credit unions all highlight their 24/7 online availability for consumers to check their accounts, conduct transactions, and monitor financial activity as a key selling feature. Yet this type of ubiquitous access, heavily reliant on cloud computing, renders the paradigm susceptible to such risks.

Big Data

Big Data exploits the massive reams of data cascading over the Internet—driven in large part by the growth in social media apps and mobile devices—in order to identify underlying patterns and trends. From a corporate security perspective, Big Data allows companies to observe the larger threat picture against enterprises, incorporating internal and external threats alike. By pooling internal data and relevant outside information to correlate high-priority alerts across monitoring systems, companies can cut down on the white noise and false alerts endemic to existing monitoring tools.

For these reasons, Big Data is not so much another vulnerability as a tantalizing new opportunity for corporate players to take proactive measures against cyberthreats. A Big Data paradigm can efficiently log information, events, and activities occurring within a preselected tracking environment; consolidate the data in a central location; and then use advanced analytics to help identify patterns that no individual monitor can identify on its own, in the process creating a holistic picture to analyze and investigate security-related issues.

One potential concern, however, for the broader application of Big Data is the scarcity of data scientists specializing in security issues. In many cases, organizations will need to engage with third parties to compensate for the lack of in-house expertise.

Cyber warfare and the defense sector

As governments around the world awaken to the impact of cyberattacks, a primary focus remains the prevention of cyberattacks from being deployed as an instrument of warfare by both state and non-state adversaries. Indeed, a quick glance at national defense spending over the past decade bears out the growing investment by governments in cybersecurity. In the United States alone, spending on cybersecurity at civilian and military agencies will reach nearly $15 billion in the current fiscal year (FY), which includes $5.5 billion for the Pentagon to invest in cyberspace operations. These outlays represent increases over last year’s funding, in an environment that saw a general decline in federal spending.  

Overall, opportunities for the global cybersecurity market are brisk. The world market for cybersecurity alone is worth $81 billion, with 10% annual growth. None of this is lost on the business world: witness the growing number of mergers and acquisitions over the past few years, with larger and more established corporate players buying smaller IT firms, especially those with cybersecurity skills. Examples of such corporate deal making include the acquisition of Mandiant by FireEye; of Urgentis Digital Crisis Solutions by Deloitte; of Blackbird Technologies by Raytheon; and of SilverSky by BAE Systems.

Recent and well-publicized hacks into private sector and government systems will keep a focus on cybersecurity as an imperative. While these attacks are not new, what was interesting about 2014 was the openness by the US government and its military regarding the use of offensive cyberspace operations, previously shrouded in classified documentation.

The Obama administration has not only acknowledged the presence of offensively focused teams at the strategic and operational levels, but it has implied the use of such capabilities at the tactical level. Perhaps more significant, active training and military exercises in offensive operations have now become the norm, along with the creation of stand-alone cyberforce organizations, nurturing a new generation of digitally savvy cyber warriors. For instance, the US Army recently established a cyber branch for officers on the same level as traditional infantry or armor specialties.

This growing embrace of holistic cyber capabilities, which integrates defensive attributes with offensive missions in a proactive fashion, is not the only new force shaping cyberspace operations in the defense sector. As national defense increasingly embraces the necessity of investments in cyber programs and personnel, other key trends include the following:

Infrastructure. Protecting the security of industrial control systems for key elements of critical infrastructure will grow in importance. Also known as SCADA (Supervisory Control and Data Acquisition), these computer systems control activities over multiple sites. A successful attack against SCADA can shut down, destroy, or manipulate infrastructure activities. Imagine cyberattacks causing power grids to go offline, airplanes flying in the dark after the failure of air-traffic control systems, or the shutdown of a municipal water system. As the threat magnitude grows, so too will research and development into cyber-defense applications to produce more robust defenses.

Self-repair. A greater emphasis is anticipated on real-time continuous monitoring and mitigation to defend against persistent threats, which will gradually take the place of the traditional “react and patch” approach, enabling greater automation and self-awareness when it comes to cyber defense applications. Technological advances will usher in more prominent self-repair network attributes. These capabilities—monitoring, mitigating and self-repairing—will pave the way for a resilient network ecosystem which until now has been in the conceptual and research realms.

Compliance. From a tactical perspective, network cybersecurity needs will grow as the military becomes fully networked. These networks must be secured, and for the US military this means complying with information assurance accreditation and certification requirements. Cybersecurity opportunities will increase accordingly, as seen in the recent US information security contract awards for the Virginia-class submarine and F-35 fighter. 

Collaboration. The international cybersecurity market will experience significant growth. Rapid evolution is already occurring at the nation-state level, ranging from the routine establishment of national cyber emergency response teams, to the development of cyber forces with potential offensive capabilities. Bilateral and regional cooperation, both in the investment of resources and shared training, is beginning to accelerate. Industry is also joining in, with the establishment of overseas centers of excellence and growing mergers-and-acquisitions activity. 

The way forward

Cyberattacks have become a permanent and pervasive peril to governments and businesses alike, and managing the risks must become a priority. But understanding the challenges and implementing appropriate strategies for the long term requires resources and expertise. The threats are evolving, as are the tools and technologies. To manage the emerging risks successfully, it’s useful to keep three things in mind:

Cybersecurity is a corporate imperative. Every major entity, whether governmental or corporate, is a likely target. Complete security is impossible, but leaders must remain ever vigilant and employ all available means to defend against the threats. Consequently, cybersecurity is a C-suite, senior management issue, and must be incorporated into strategic planning with risk mitigation explicitly addressed as well as routinely reviewed and updated.

Government and industry must enhance their collaboration in identifying, assessing, and responding to cyberthreats. The time for siloed approaches to defense and deterrence has passed. The Obama administration has been working with key members of Congress on legislation that would encourage greater information sharing on cyberthreats, in part by providing liability protection for firms that share sensitive information, which should form part of a multi-pronged response. Understandably, companies are hesitant to divulge or share information for fear of public exposure on the true extent of a cyberattack, so a means must be found to surmount this obstacle.

Finally, cybersecurity is too important to be left to technology or security specialists alone. Because cyberattacks can go through any portal or user, everyone—from CEOs to front-line workers—should be mindful of appropriate cybersecurity best practices and recognize the danger from breaches. In particular, corporate leaders must understand that cybersecurity is just as important as product development, earnings reports, and future growth plans. The spate of data breaches against high-profile U.S. entities has shown the reputational damage that can be inflicted by a cyberattack. Indeed, a company’s ability to successfully manage myriad cybersecurity risks could determine how well it is able to navigate and succeed—or flounder and stumble badly—in this new, more dangerous age.

iHS: http://bit.ly/1FVe2o8
