Cybersecurity seems to be one of the biggest talking points of 2017, and the problem seems to be growing exponentially. With information security becoming a strategic agenda for many businesses and governments, will we finally see some long-awaited progress in this space? Chris Ankers digs deep…
It’s fair to say that 2017 has been a year of cybersecurity disasters! In just six months, the WannaCry ransomware attack, Petya ransomware attack and the French Presidential election hack have exposed the gaping holes that exist in the world’s cyber-defences. Telcos, hospitals, oil companies and even government agencies have all been caught out by these attacks. And as the US and Russia tinker with the idea of a joint cybersecurity unit, it begs the question – will 2017 end up being a landmark year for cybersecurity?
The number of cybersecurity breaches in the first half of 2017 has shown that the scale, size and impact of these threats are becoming greater by the day. According to a UK cybersecurity survey, almost half of businesses have been affected due to a cyber-attack in the past year. What’s even more alarming is the fact that most of these attacks weren’t the result of some big-ticket hacking; instead they were simple, fraudulent email attacks which contained attachments with viruses and malware. Clearly, lack of awareness coupled with the scale, frequency and sophistication of these attacks threaten many internet users across the globe.
In fact, there is a sense of paranoia that is gripping governments worldwide. The recent incident with Kaspersky in the US where the security software maker was alleged to have ties with Russian government intelligence showcased the growing anxiety about cybersecurity. In order to reassure the US government, the company’s CEO, Eugene Kaspersky, had to publicly announce his willingness to let the authorities review their source code.
The advance of the Internet of Things (IoT), where leading companies are testing concepts related to smart cars, smart cities and other smart devices, poses further cybersecurity challenges. If cyber attackers find vulnerabilities in IoT systems, they will be able to compromise much larger networks where the results could be catastrophic. Alarmingly enough, Gartner has predicted that by 2020 more than 25 percent of identified attacks on enterprises will involve IoT.
Clearly, as our lives get more interwoven with technology, these cybersecurity risks are only going to increase. Governments, enterprises and even individuals should come together to tackle this menace. The General Data Protection Regulation (GDPR) is a good step in this direction for businesses in the EU and Singapore has also proposed a cybersecurity bill for businesses based there.
However, on-going cybersecurity programmes are required to counter the continually advancing threat, and individual business owners need to make cybersecurity a key strategic objective. All incoming data should be monitored to tackle breaches before they cause harm and companies need to invest in advanced analytics systems that can detect anomalies and potential threats. In addition, businesses need to appoint a dedicated team of cybersecurity experts or educate their existing staff so that they can take appropriate risk mitigation measures.
Cybersecurity initiatives should rely on preventive measures rather than corrective action. More effort should be invested towards early identification of vulnerabilities and building fortified cyber systems, and businesses which implement third party systems should ensure that their vendors follow the best security practices.
This year’s cybersecurity disasters may just be a blessing in disguise and serve as a much-needed wake-up call for businesses to mend their lackadaisical attitude towards their cyber-defences. In that sense, 2017 may end up being a watershed moment in cybersecurity!