Cyber security, slowly catching up with the digitalised world
Vaibhav Malik, Head of Cyber Security Advisory at Integrity360 shares his insights about cyber security in a digitalised world and what modern CISOs need to focus on to be "match-ready" in 2022.
Understanding the digital divide
As we stabilise in the post-pandemic world, the shift from a perimeter-based world to a digital one has increased the cyber risks to people, technology and our local environments. There are many layers of asymmetry in today's data-driven economy – between human and artificial intelligence, between organisations and applications, between trade and transactions, and between firms and nations – resulting in a digital divide on a global scale.
Applications on helium
As cloud technologies assist in navigating this digital divide, drive business performance and provide agility, it’s clear that cloud adoption will continue to accelerate in 2022. Applications are being injected with helium to settle in the “cloud”. In other words, there will be an application for everything and anything, and most of these applications will be hosted in the cloud.
To go a little further, most cloud transformations will continue to be powered largely by SaaS and IaaS models, and the number of new interactions between applications in the enterprise will continue to expand. As organisations add more third-party SaaS and IaaS providers to their technology stack, a good third-party security posture will not just be a prerequisite but a vital factor that shapes the business.
For the cyber-attack surface, this means that attacks on centralised cloud services will have a broader impact. We will see threat actors take advantage of misconfigured APIs to access private data at an unprecedented scale. This could lead to core software code repositories becoming compromised, impacting thousands of organisations across the globe.
2022 will continue to see increasing enterprise adoption of containers for application development. We’ll also see growing recognition that the risk of inadequate container security needs to be treated as mainstream. In particular, expect enterprises to increasingly implement container security automation. Given the vast scale, complexity and dynamic nature of these environments, automated security responses offer the only feasible strategy for keeping cloud-native container environments secure and compliant. Enterprises will increasingly use automated scans of Kubernetes resources to identify and mitigate misconfigurations.
Therefore, a strong focus will be on securing applications that are hosted on cloud environments.
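The automated Kubernetes misconfiguration scan mentioned above, as an added example that is not part of the original article or any Integrity360 tooling. The checker, its finding codes, the sample Deployment and the remediation defaults are all constructed here for illustration; manifests are handled in their Kubernetes API (dict) form, as they would be after loading a YAML or JSON file.

```python
"""Scan Kubernetes workload manifests for common pod-level misconfigurations
and apply a restrictive baseline. Hypothetical checker written for this
article; the finding codes and remediation defaults are constructed here."""
import copy
import json

# Short finding codes with the risk each one represents.
CHECKS = {
    "PRIVILEGED": "container runs privileged (full host device/capability access)",
    "ROOT_USER": "runAsNonRoot is not true (container may run as uid 0)",
    "PRIV_ESC": "allowPrivilegeEscalation is not false",
    "RW_ROOTFS": "readOnlyRootFilesystem is not true",
    "NO_LIMITS": "no CPU/memory limits (noisy-neighbour / resource-exhaustion risk)",
    "HOST_NS": "pod shares the host network, PID or IPC namespace",
    "MUTABLE_TAG": "image is untagged, uses :latest, or is not pinned by digest",
}


def pod_spec(manifest):
    """Return the PodSpec for a bare Pod or a pod-template workload (Deployment etc.)."""
    if manifest.get("kind") == "Pod":
        return manifest["spec"]
    return manifest["spec"]["template"]["spec"]


def scan(manifest):
    """Return a list of (container_name, finding_code) for one manifest."""
    spec = pod_spec(manifest)
    findings = []
    if any(spec.get(k) for k in ("hostNetwork", "hostPID", "hostIPC")):
        findings.append(("<pod>", "HOST_NS"))
    pod_sc = spec.get("securityContext", {})
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        name = c.get("name", "<unnamed>")
        sc = c.get("securityContext", {})
        if sc.get("privileged"):
            findings.append((name, "PRIVILEGED"))
        # A container-level runAsNonRoot overrides the pod-level value.
        if not sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False)):
            findings.append((name, "ROOT_USER"))
        # Kubernetes defaults allowPrivilegeEscalation to true when unset.
        if sc.get("allowPrivilegeEscalation", True) is not False:
            findings.append((name, "PRIV_ESC"))
        if not sc.get("readOnlyRootFilesystem"):
            findings.append((name, "RW_ROOTFS"))
        limits = c.get("resources", {}).get("limits", {})
        if not ("cpu" in limits and "memory" in limits):
            findings.append((name, "NO_LIMITS"))
        image = c.get("image", "")
        if "@sha256:" not in image:
            # Only the last path segment can carry the tag (a registry may contain ':port').
            last = image.rsplit("/", 1)[-1]
            tag = last.split(":", 1)[1] if ":" in last else ""
            if tag in ("", "latest"):
                findings.append((name, "MUTABLE_TAG"))
    return findings


def remediate(manifest):
    """Return a copy with a restrictive baseline applied. Image pinning is
    deliberately left to a human: the scanner cannot know the right digest."""
    fixed = copy.deepcopy(manifest)
    spec = pod_spec(fixed)
    for k in ("hostNetwork", "hostPID", "hostIPC"):
        spec.pop(k, None)
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.setdefault("securityContext", {})
        sc.update({"privileged": False, "runAsNonRoot": True,
                   "allowPrivilegeEscalation": False,
                   "readOnlyRootFilesystem": True,
                   "capabilities": {"drop": ["ALL"]}})
        limits = c.setdefault("resources", {}).setdefault("limits", {})
        limits.setdefault("cpu", "500m")       # constructed defaults; tune per workload
        limits.setdefault("memory", "256Mi")
    return fixed


# Constructed sample manifest (not from any real cluster) with several weaknesses.
SAMPLE_DEPLOYMENT = {
    "apiVersion": "apps/v1", "kind": "Deployment",
    "metadata": {"name": "payments-api"},
    "spec": {"template": {"spec": {
        "hostNetwork": True,
        "containers": [{
            "name": "api",
            "image": "registry.example.internal/payments-api:latest",
            "securityContext": {"privileged": True},
        }],
    }}},
}

if __name__ == "__main__":
    for name, code in scan(SAMPLE_DEPLOYMENT):
        print(f"{name:6} {code:12} {CHECKS[code]}")
    print("after remediation:", scan(remediate(SAMPLE_DEPLOYMENT)))
    print(json.dumps(remediate(SAMPLE_DEPLOYMENT), indent=2))
```

Run against the sample, `scan` reports seven findings; after `remediate` only `MUTABLE_TAG` remains, which is the point of keeping a human in the loop for image pinning. In a pipeline the same checks would run on every manifest at admission or in CI, with the remediation output used as a proposed patch rather than applied blindly.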
Zero-Trust model as a baseline
Due to the surge of digital technologies, the population of digital assets has grown tremendously. Securing these distributed assets and their communication will be critical for data security.
Identity and access management has become an essential ingredient for delivering successful digital services. However, most organisations are neither monitoring which identities are actually being used nor ensuring the removal of the ones that aren’t. Even after spending thousands of euros and chasing new technologies, organisations are not getting the fundamentals of cyber security, like identity and authorisation, right.
To solve such problems, enterprises will be looking to implement zero-trust models using policy-as-code, blocking all unauthorised run-time network, process and file activities as the default protection. Monitoring at the transaction level will be a critical capability for ensuring that least-privilege (and consistently verified) access is a reality and not simply an assumption.
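An added example, not from the original article, of the two capabilities described in the preceding paragraphs: a default-deny policy-as-code evaluator over run-time network, process and file events, and a transaction-level usage report that surfaces identities nobody uses and allow rules nobody exercises. The policy format, the event format and the `verified` flag (meaning the caller's identity was re-authenticated for that transaction) are all invented here; the events are constructed, not captured from a real system.

```python
"""Default-deny policy-as-code evaluator plus identity/rule usage report.
Hypothetical formats invented for this example; nothing here is a real product."""
from fnmatch import fnmatch

# Policy as data: anything not explicitly allowed is denied.
POLICY = {
    "default": "deny",
    "rules": [
        {"id": "R1", "subject": "svc-payments",  "kind": "network", "resource": "db-payments:5432"},
        {"id": "R2", "subject": "svc-payments",  "kind": "process", "resource": "/app/bin/payments"},
        {"id": "R3", "subject": "svc-payments",  "kind": "file",    "resource": "/app/config/*"},
        {"id": "R4", "subject": "svc-reporting", "kind": "network", "resource": "db-*:5432"},
    ],
}

# Constructed run-time events (not real telemetry). 'verified' is true only when the
# identity was re-authenticated for this transaction, e.g. mTLS plus a valid token.
EVENTS = [
    {"subject": "svc-payments",  "kind": "network", "resource": "db-payments:5432",     "verified": True},
    {"subject": "svc-payments",  "kind": "network", "resource": "external-host:443",    "verified": True},
    {"subject": "svc-payments",  "kind": "process", "resource": "/bin/sh",              "verified": True},
    {"subject": "svc-payments",  "kind": "file",    "resource": "/app/config/app.yaml", "verified": True},
    {"subject": "svc-reporting", "kind": "network", "resource": "db-payments:5432",     "verified": False},
]

# Identities known to the directory, including two with no observed activity.
KNOWN_IDENTITIES = {"svc-payments", "svc-reporting", "svc-legacy-export", "admin-bob"}


def evaluate(policy, event):
    """Return (decision, reason). Allow only when the identity is verified for this
    transaction AND an explicit rule matches; otherwise fall back to the default."""
    if not event.get("verified"):
        return "deny", "identity not verified for this transaction"
    for rule in policy["rules"]:
        if (rule["subject"] == event["subject"] and rule["kind"] == event["kind"]
                and fnmatch(event["resource"], rule["resource"])):
            return "allow", rule["id"]
    return "deny", f"no matching rule (default {policy['default']})"


def unused_identities(known, events):
    """Identities that never appear in the event window: candidates for removal review."""
    seen = {e["subject"] for e in events}
    return sorted(known - seen)


def unused_rules(policy, events):
    """Allow rules that never produced an allow decision: privilege nobody is using."""
    used = {reason for decision, reason in (evaluate(policy, e) for e in events)
            if decision == "allow"}
    return sorted(r["id"] for r in policy["rules"] if r["id"] not in used)


def audit(policy, events, known):
    """One report a platform team could review each cycle."""
    decisions = [evaluate(policy, e) for e in events]
    return {
        "decisions": decisions,
        "denied": [e for e, (d, _) in zip(events, decisions) if d == "deny"],
        "unused_identities": unused_identities(known, events),
        "unused_rules": unused_rules(policy, events),
    }


if __name__ == "__main__":
    report = audit(POLICY, EVENTS, KNOWN_IDENTITIES)
    for e, (decision, reason) in zip(EVENTS, report["decisions"]):
        print(f"{decision:5} {e['subject']:14} {e['kind']:7} {e['resource']:22} {reason}")
    print("identities never seen:", report["unused_identities"])
    print("rules never exercised:", report["unused_rules"])
```

Two of the five events are allowed (R1 and R3); the outbound connection and the shell spawn are denied by default, and the reporting service's query is denied because the transaction was not verified even though R4 would otherwise match. The report also lists `admin-bob` and `svc-legacy-export` as identities with no activity, and R2 and R4 as grants nobody exercised: the evidence that least privilege is measured rather than assumed.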
The CISO job: A Sisyphean task
2022 will ultimately return to basic cyber hygiene and cyber resilience. We will see greater regulation, security frameworks and national strategies focused on cyber security resilience, across the world.
COVID-19 forced organisations to transform their business models in a very short period of time. They deployed a significant number of new technologies in a sprint to sustain operations and, in many cases, moved so quickly that they were unable to properly address security concerns. This has left CISOs (Chief Information Security Officers) with a long list of security gaps introduced by organisations’ rush to transform digitally.
Therefore, it’s important for CISOs to reassess their understanding of their internal and external threat profile, evaluate cyber security risks, reshape their protection strategies, and develop (and retain) a core security team that can demonstrate a resilient response to cyber-attacks. CISOs will also be asked to establish value-based metrics that can show return on investment to the board. As the number of tasks assigned to the CISO goes up, we will see a few changes in the CISO role, in order to establish a better governance balance, allowing multiple or split responsibilities across technical security and GRC profiles.
Security practices and tooling are becoming more cloud-native, more automated and more data-driven, in order to provide greater efficiency and efficacy for continuous cyber governance. However, automation won’t replace humans. Instead, the outlook is to hire security talent with automation and security engineering skills that will supplement staff capabilities.
Vaibhav’s final thoughts
Keep it simple. Practice with persistence by testing your cyber defence capabilities with an “attack” mindset.
Be “match” ready.