Why You Need a New Defensive IT Security Strategy in 2020
It is a new decade, and companies are rethinking their digital strategies. They are looking for ways to give users more engaging experiences and even considering whether or not to invest in defensive protection and leverage solutions like Darktrace architecture or HPE Gen 10 Silicone Root of Trust. Why? Major cybersecurity vulnerabilities continue to grow in prevalence and risk. Consider this. According to Wired, in the first half of 2019, ransomware attacks, supply chain attacks, political server attacks, and other breaches became almost synonymous with the evening news. Society has grown accustomed to their risks and is just waiting for the next one. However, a new cybersecurity defensive strategy could put the hackers’ plans on hold and keep the data of billions secure. How? To answer that question, it is important to think about why cybersecurity risks continue to climb, what’s happening to the premise of data storage and system use in the cloud, and how to keep their risks from becoming the next big breach.
Cybersecurity Risks Continue to Increase, Is Your IT Security Evolving?
Consider the prevalence of devices connected to the internet, the internet of things (IOT), presents unique security challenges. More devices means more attack vectors. Individual ID badges, facilities management and control systems, healthcare infusion pumps, casino fish tanks, and yes, even refrigerators create new opportunities for a cyberattack. Unfortunately, it is impractical to track and manage each IoT-enabled device through traditional cybersecurity software.
Plenty of resources support this narrative. In fact, Target stands apart as perhaps the most iconic example of an unmonitored system that enabled a massive breach. Remember the Target hack that occurred at the height of peak shopping season in 2013? According to Info Security Magazine, the hack lead to the compromised data of 110 million in-store customers, and the malware was found on the central server.
That example revealed the data had been compromised by a third party with stolen credentials, and the scary part resides in how hackers gained access—via the HVAC control system, managed by Fazio Mechanical Services. This was the first example, of a now widespread trend. More recently, hackers have terrified homeowners and building occupants, using their own IoT-enabled cameras and voice-controlled systems to announce unwelcomed and even disturbing messages. Now, this might seem like a relatively small problem, but a single vulnerability into a person’s own devices could present vulnerabilities into the overarching company, such as Ring, Amazon, and more. Of course, these companies have taken additional steps to lower their risk, but something else is needed.
Data Is Moving Toward the Cloud, Security Must Evolve to Keep Up.
There was a time when cybersecurity simply meant installing a straightforward network firewall and plugging devices into it. Unfortunately, the world has evolved beyond the days of simple networks and servers. Everything is in the cloud, so cybersecurity measures must also reside within the cloud. Business owners and organizational leaders need a way to respond to threats in real time and improve the defensive security of their organizations, as well as their users. Meanwhile, threats continue to change, reflecting a growing capability to penetrate networks and steal treasure troves of data before anyone realizes what’s happening.
The volume of data available amplifies the problem. Data is so immense and users so spread apart that it is often difficult to detect a problem or attack until it is too late. Even internal threats can cause damage unwittingly, as exemplified by the years-old Target example. So, what can companies do to mitigate these risks?
How to Lower Cybersecurity Risks Despite the Unrest.
There will always be hackers, and the only real asset companies can manage is understanding when vulnerabilities arise and when risks begin to attain maturity. Companies need a new defensive IT strategy that considers the problems in IoT-enabled devices and measures for other technology such as known server vulnerabilities.
One trend we are seeing in the marketplace is implementing technology that can identify unusual behaviors such as the Darktrace IoT defensive mechanisms that automatically review and learn more about individual user behaviors, recognizing when actions are considered uncommon and flagging those before they create irreparable damage.
Technology teams are also starting to invest servers that have predefined security built into their boot process. A perfect example of this is the HPE Silicon Root of Trust available on their gen 10 servers that permits only trusted firmware to be loaded onto the server. How does this work? These servers have an anchor for the boot process that is housed in the hardware and cannot be updated or modified in any way. This is then combined with a cryptographically secured signature. With these two measures in place, when a hacker attempts to insert a virus or compromised code into the firmware, the configuration of the firmware is changed which creates a disparity from the digital fingerprint rooted in the silicon. If this fingerprint validation fails (which will happen with any disparity) the server will not be allowed to turn on protecting your business.
With the amount of data being generated in today’s businesses, we are also seeing a need for automation, such as the way Darktrace Architecture leverages machine learning and artificial intelligence (AI) to continuously monitor systems and devices for potential threats and mitigate them in real time.
Of course, these are only a few current trends that should be implemented as part of an overall security strategy—recognizing the value of such services and capabilities will continue to become more important for successful cybersecurity management.
Build a Cohesive Cybersecurity Strategy Now.
A cohesive cybersecurity strategy is the only way to fight back against the attacks of today. An offensive strategy is important, identifying the known threats, but it is useless if you lack the tools and resources to put the threat on ice. A defensive strategy allows you to highlight and remediate new threats you don’t even know about yet with AI and machine learning. That’s where the new solutions like Darktrace architecture and the HPE Silicone Root of Trust come in. Connections are continuously changing and evolving, so shouldn’t your cybersecurity strategy continuously work to prevent attacks and isolate problems before they come to fruition? Find out more about how to enact a better cybersecurity strategy by discussing your needs with our security experts today.
Author: Bill Flatley, Field CTO for Healthcare
Bill is responsible for technical strategies and recommendations for Comport’s Healthcare clients. His extensive experience includes four healthcare systems in leadership roles supporting Clinical Applications, Digital Health, and Office of the CIO as the primary liaison between IT and the business.
