EDITOR ’ S QUESTION
ISRAEL BARAK , CHIEF INFORMATION SECURITY OFFICER , CYBEREASON
Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + Q + A +
Multi-stage ransomware attacks are rising significantly , with multiple attackers executing ransomware operations involving data theft , the stealing of user credentials and lateral movement across the victim ’ s network to compromise as many endpoints as possible . Cybereason is seeing ransomware capabilities deployed early in hacking operations but not immediately detonated . In these cases , the ransomware is detonated only after preliminary stages of the attack are finished across all compromised endpoints to achieve maximum impact on the victim .
Beyond ransomware , mobile phones are becoming a focal point for nation states and rogue hacking groups . Traditionally , attackers have been targeting mobile phones for taking data , performing surveillance on the users and its location services . Recently , we have seen the transition by attackers to using the mobile phone as the penetration vector into the organisational network . That being said , there hasn ’ t been an influx of new techniques introduced into the industry for penetration – we primarily see phishing emails at the top of most threat actors ’ lists .
Cybercrime actors continue to prey on victims using COVID-19 themed attacks . Recently , we ’ ve seen attackers use fake apps that claim to offer continuous monitoring of the infection rates in a city or country . Or in one instance , a scam was being run with employees at one company receiving text messages appearing to come from the company ’ s administrators with an update on what the company is doing in response to the pandemic .
The number one priority for almost every CIO is to accelerate the organisation ’ s pace of innovation . In practice , specifically , it means the ability to shift computing resources from on-prem to cloud , in order to be more agile . It ’ s about including autonomous technologies to reduce manual overhead and to allow the company to expand its innovation while spending less time on system tuning and maintenance .
This agility can ’ t come without a built-in security suite and program that is able to scale with the rest of the IT infrastructure . CIOs also need to take a close look at how their security program is architected . For example , can the security infrastructure scale without worrying about additional manual resources to support it ? Is the system architected in the right manner , whether it is on-prem or in the cloud ?
The second highest priority for most CIOs is how we can get smarter in how we use and analyse our data . The idea is to be able to expand the business without adding linear growth in the cost of operations , while at the same time becoming faster and smarter .
Common failures occur when security is bolted on top of a Digital Transformation programme as opposed to being built into it during the design and implementation phases . It is critical to ensure proper security checkpoints and gateways are passed as an integral part of the Digital Transformation processes and that tools are selected based on their support plans and expansion . As an example , will the security platform be able to expand to protect into containerised environments ? Will it be able to seamlessly transition from one cloud platform to another ? Will it be able to seamlessly integrate with the enterprise ’ s data analytics initiatives ? These are important questions a CIO needs to be able to answer .
With that in mind , it is important to point out that there is a widening of the gap between the supply and demand of skills in the cybersecurity industry . There are hundreds of thousands of job openings from level one to level three security analysts . To fill these shortages , the autonomous security operations centre ( SOC ) will up-level the game in security , improve efficiencies and democratise security . It won ’ t get easier to be a security person , but the skillsets required will simplify , the tools and become more intuitive and the path will become clearer . As with most forms of automation , however , the nature of the SOC analyst will change , but there is still going to be a strong demand for people .
28 INTELLIGENTCIO www . intelligentcio . com