As we move on in 2019, it is worthwhile to look back at security-related events of the previous year. For many, 2018 has been a year of revelation, witnessing events that will define how organizations shape strategies for years to come. The year saw the rise of vicious attacks on ATM machines that have affected large banks globally, prompting the FBI to issue a warning to global banks about threats of imminent large-scale orchestrated frauds across the globe.
Against this backdrop, the CISO is like a one-man army fighting with all the odds stacked against them. Back against the wall, the office of the CISO has gained prominence like never before.
Let us look at some highlights of 2018 that will significantly impact the information security strategy of organizations in 2019:
Size does not matter. A classic example is Facebook, where 87 million records were compromised via an application that allowed access to the contact list. This, I believe, opened a new dimension as it exposed the limitation of threat protection tools, which cannot detect ingressions and breaches until too late. These incidents reiterate that security cannot be achieved by implementing a set of tools but must be embedded within the organization and woven into its culture. Security must be designed in from inception.
Organizations are vulnerable in the absence of documentation of existing data processes, storage and access policies. Most CISOs still do not have a clear understanding of the sensitivity of the data the organization collects, stores and processes, and how it interfaces with the many applications in the digital ecosystem.
Cyber crimes are getting more sophisticated and increasingly escape traditional surveillance systems. Many recent attacks have demonstrated that criminals can remain undetected within the environment for months, which shows the high level of hacker sophistication in circumventing security tools.
The bottom line is that if you have data in an environment connected to the Internet, there will always be a way to infiltrate and compromise that data.
Clearly CISOs and security professionals must brace themselves for a busy year ahead. It will help to shore up basic organizational hygiene to thwart attacks.
Awareness: This must be core to any information protection strategy. The organization must embed security as part of the culture and educate every employee accessing sensitive information about the business imperatives and the importance of participating to protect information.
Patch systems regularly: Most malware attacks that caused extensive damage hit systems that were not properly patched, despite media articles and guidelines emphasizing the importance of patching, leaving organizational assets exposed to vulnerabilities.
RBAC: Restrict user access on the principle of least privilege, with periodic review of access to ensure only authorized users access sensitive information.
Most overlooked is the fact that CISOs pretty much perform the role of a law enforcement agency. So organizations must invest in building capabilities and skills to deliver high performance. Instead, organizations often move security professionals to other roles when the perceived threats are low.
Security must be embedded as a design principle when any service is deployed in the organization. CISOs must be involved from the initial stages of any new technology initiative to ensure robust security. Often CISOs are required to defend forts with inherently weak defence systems.
Here are my predictions for 2019:
- Cryptomining will continue to be a menace. Attackers have realized the long-term profitability of cryptomining compared to ransomware and are likely to exploit this approach.
- Email will continue to be a challenge with Business Email Compromise still the most preferred channel to deliver malware.
- IoT exploits will continue to rise at an exponential rate and move beyond DDoS attacks.
- More activity will be witnessed across the globe as governments try to address the security and privacy concerns of citizens.
- More and more organizations will rely on AI to counter attacks and identify vulnerabilities.
The author is CISO at FIS Global Business Services