Cyber goals for 2018
By David Masson
With 2017 now behind us, many CIOs are looking ahead. They’re grappling with big questions but the No. 1 priority should be cybersecurity.
By David Masson
The traditional approach to cyber security is outdated
With an advanced threat landscape that doesn’t discriminate hospitals from corporate giants, how can companies keep their networks safe? The first step is to realize that traditional approaches to cybersecurity are outdated. Most legacy tools are inherently retrospective, relying on past attacks to inform defence strategies about futures ones. As such, they are only able to stop known attacks under certain circumstances and miss out on important categories such as unknown threats, third-party vulnerabilities and insider threat. As more sophisticated and stealthy attacks emerge, security solutions must also evolve. Businesses can’t afford to let success hinge on outdated security protocols, but rather they need to embrace a more future-forward approach to cybersecurity in order to meet the threats of 2018 and beyond.
The introduction of genuine machine learning that learns from live data in complex networks is a crucial step forward. It represents a paradigm shift in cybersecurity by going beyond knowledge of past attacks, harnessing AI technology capable of detecting and neutralizing emerging cyber-threats, without relying on any prior knowledge. It’s a defence platform uniquely capable of helping organizations stay one step ahead of tomorrow’s attacker.
You can’t protect what you can’t see
Many CIOs and IT departments think they have a good handle on the number of devices that connect to their network. But with networks exploding in digital complexity no human security team can account for every device on the network. It is hardly surprising then that most times our technology deploys into a network, we find upwards of 30 per cent more devices than expected. Today’s networks include physical, virtualized, Cloud, non-traditional IT, and industrial control systems. This proliferation of inroads into the network opens up new opportunities for cyber criminals to strike through the weakest link. New forms of attack are inconspicuous, moving laterally in networks before sounding off any alarms. Subtle changes in the ‘normal’ pattern of life in a network are incredibly difficult to detect and yet they are the harbingers of the most sophisticated and lethal cyberattacks.
Attackers aren’t just stealing data — they’re manipulating it
Today’s subtle and sophisticated attacks strike at the heart of the digital economy: the integrity of data. Covert threat-actors are no longer motivated by financial gain alone. Instead, they also want to cause long-term, reputational damage to individuals or organizations through the erosion of trust in the accuracy of data itself.
This scenario is particularly worrying for industries that rely heavily on public confidence. While some high-profile breaches like 2016’s DNC attack and the alleged tampering of the U.S. presidential election may seem straight out of a movie, tomorrow’s cyber-attacks will make it harder than ever to parse fact from fiction.
Consumer devices will be held for ransom and this will impact your business
Ransomware has plagued companies around the world. The pernicious malware encrypts critical files at a speed that is virtually impossible for any human to keep up with and demands hefty fees from affected companies if they want to regain control of their information assets. Hospitals that have gone digital over the recent decade are prime targets. From life-saving medical equipment to critical patient records to diagnostic devices and staff computers, hospitals are exploding in digital complexity, while also lacking the resources to keep ahead of an intensifying cyber climate. In 2018, it’s incredibly likely that we will continue to see a new type of extortion on a micro level, as consumers are targeted across a range of connected objects. Imagine getting home and turning on your smart TV only to find that cyber criminals are running a ransomware attack on your device. Would you pay $50 to unlock it? And if this could happen in your home, imagine the implications for your business.
Artificial intelligence will be used as a weapon
Artificial intelligence is exciting for many reasons, but it’s not only in the hands of the good guys. In 2018, we are likely to see attackers using AI to wield highly sophisticated and persistent attacks that blend into the noise of busy networks.
We have already seen the first glimpses of attacks going in this direction with automated polymorphic and metamorphic malware. Polymorphic malware, which changes its attributes mid-attack to evade detection, has reinforced the obsoleteness of signature-based detection methods. It self-learns and understands its environment and network before choosing its next action. Automation has also been a major factor in the resurgence of ransomware. Based on this, we anticipate that artificial intelligence threats will be similar, with AI-powered malware sitting silently on a network, observing its surroundings and learning how to disguise itself.
David Masson is the Country Manager, Canada, for Darktrace.