The 1849 Gold Rush in the United States is often looked back upon as a time of great prosperity and a sign of what the great frontier (what would become California) had to offer. While it’s true that the influx of gold invigorated both the domestic and other international economies, there were other, less desirable implications. Over 300,000 people flowed into the Western US, many with the intent to strike it rich – but few did. Some took to another, less desirable profession: robbing banks, many of which were housing the gold. After all, mining was just as easy as breaking open a safe with a hammer and pickaxe. This led to a kind of arms race between banks and vault manufacturers, which were demanding better security; and the robbers who were coming up with more sophisticated ways to crack them.
Now, 170 years later, another source of great prosperity is creating a similarly precarious situation. The internet age is moving forward in leaps and bounds. Two major factors are the rise of cloud computing, making remote server and storage space available immediately with no substantial infrastructure investment; and the IoT with more devices from cars to simple motion sensors collecting data and interacting with various sources. The result is connectivity on unprecedented levels. It’s estimated that by the end of 2020, there will be some 200 billion connected devices around the world. This connectivity is changing some industries to their core but, just like the Gold Rush in 1849, is precipitating a rise in crime. Last year, cybercrime cost over $1 trillion worldwide with both businesses and governments scrambling to build a better vault, so to speak, to protect their most important asset – data.
At SOSA, we are often approached by leading firms and officials who are looking for guidance on how to better protect themselves as the landscape of cyber threats continues to involve. The truth is that there is no such of a thing as being “fully protected” from a cyberattack. As soon as an organization realizes this, they have a better chance of staying clear of the “insurance protection gap” and are more prepared for new risks. Our experience at SOSA has shed light on some tactics and steps to improve security.
Understanding Vulnerabilities – Hackers will always try to seek out the easiest entry point in an organization. Threat detection has become part of almost every cyber security company’s core services and is mandatory for all IT systems on almost every scale. While every system has its own unique weaknesses, there are certain characteristics which seem to be across the board which needs to be taken into account such as the lack of awareness and training, especially that of non-IT staff. Between 90-95% of breaches are caused by human error. Therefore cyber security firms need to regularly provide all relevant employees with key insights on how to keep hackers out.
The Need for Orchestration Solutions – In many cases, organizations put together their cyber security services piece by piece using various providers. This patchwork method is now showing up as another potential Achilles heel as these services often are incompatible or even redundant. Companies like Cytegic and Demisto, which deal in cyber risk management, develop software which enables the culling of data on security threats and alerts from different sources and provide analyses on them. This allows for improved and often automated incident response.
Sufficient Security Preparations for New IT Initiatives – Often when companies decide to make changes in their IT infrastructure, they neglect to fully address security issues which might come into play. For example, cloud computing comes with its own set of threats which need to be recognized and prepared for as much as possible. Without ensuring the proper security, the organization can find itself vulnerable to impending threats from the start. SOSA has a very good relationship with a company called Luminate (recently acquired by Symantec) which deals exactly with these kinds of security challenges.
Monitoring Dark Net Activities – It shouldn’t come to anyone’s surprise that many cyber-attacks are organized in online forums. The problem is that these forums are mostly invisible and often encrypted. The Dark Net, otherwise known as the TOR network, is where people go for anonymity, especially those involved in illegal activities.
This is where Web Intelligence (WEBINT) technologies come in. Companies like SenseCy and KELA act as whistle blowers, scanning the Dark Net to uncover compromised information or schemes in the making against their clients. They use their technology to survey forums as to the use of an organization’s name – how many times they’ve been mentioned in Dark Net forums, what kind of information may already been acquired and more. With the help of AI, companies that deliver WEBINT services can also provide prediction analytics and pattern recognition to try and forecast potential threats.
The IoT Security Black Hole – Perhaps the biggest security gap is located in the latest online frontier. Dumb devices are quickly going smart, from the refrigerator to motion sensors; everyday gadgets are talking to each other and gathering data. Unfortunately, many of them were developed using relatively new combinations of communications protocols, coding language and IT infrastructures. As a result, many cyber security companies have yet to identify all of the loopholes created by these combinations. To make matters worse, IoT manufacturers are loosely monitored regarding even basic encryption for their devices. SOSA deals with firms like SecuriThings and Claroty who operate in this domain and work with large organizations who also have a serious problem with scale. They have so many interconnected devices and are getting lost even with basic statistics like serial numbers and locations as well as security.
These tips on how to get an edge in the cyber security arms race are just the tip of the iceberg. Governments and businesses alike are facing unprecedented challenges to keep their data and their entire operation protected. But unlike in 1849, when individual companies were developing new kinds of sophisticated locks and keys, online security will probably be advanced on an industry level by firms who can see the bigger picture. At SOSA we are proud to be an enabler of that process by connecting the various parties together.