Ready, Get Set, Go: Cybersecurity Trends in 2020 and Beyond

When the entire world is dreading about the pandemic, it’s an exciting time for hackers as there are more vulnerable opportunities to attack identity and access vectors.   

In this article, we will talk discuss the fundamentals of cybersecurity, the trends, challenges, and the numerous opportunities to leverage them.

There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.”

- CISCO CEO John Champers

What Is Cybersecurity?

It’s not just about digital or just for Information Technology. It’s all about people, processes, and technology coming together to protect “systems” against “attacks” and ensuring Confidentiality, Integrity, and Availability

• In cybersecurity, it’s important to view the system holistically as a supply chain than focusing on individual components in silos. Systems include all components such as Networks, Infrastructure, Operating Systems, Applications/Programs, Containers, Devices, Organizations, Individuals, Data, and many more.
• Confidentiality defines rules that restrict access to data and information. It’s about maintaining privacy and protecting the system.
• Integrity is maintaining the accuracy and completeness of data and information throughout the life cycle of the system. The key here is to ensure the data is consistent and trustworthy over the period.
• Availability is assuring that the data and information are accessible whenever it’s required by authorized users.

While an ‘attack’ or ‘threat’ can impact either one or all three key elements in cybersecurity, it’s important to understand the active and passive attacks and how they differ from threats so that the mitigation plan can be implemented appropriately.

Attacks and Threats

An active attack such as brute force attack (this is one of the culprits why we are being asked to change password often that too with so much emphasis on complexity and uniqueness), email spoofing, phishing/smishing (current trend of sending fraudulent SMSes that trick us into clicking on malicious links), denial of service and viruses attempt to alter a system or accept operations that compromise integrity and availability.

A passive attack such as keystroke logging, computer/network surveillance attempts to gain access or make use of information from the system but does not affect system resources. This eventually compromises confidentiality.

While attacks are deliberate, threats such as interception, interruption, modification, and fabrication can be intentional or unintentional. To give an example, while building an application, a developer may unintentionally write a code segment that’s vulnerable to malware and other potential flaws.

Due to the nature of threats, it comparatively hard to detect than an attack. That’s one of the reason, threat analytics is booming with a lot of challenges and opportunities.

So, What’s Going to Be the Trend Going Forward?

Last few months, working from home is the new norm for IT organizations and in turn, endpoint security becomes topmost challenges among others:

• Endpoint security: Protecting remote access to a company’s network.
• Network Security: Protecting network from unwanted users, attacks & intrusions
• Cloud Security: Protecting from unauthorized party gaining access to an asset
• Mobile Security: Protection from fake & malicious apps
• Supply Chain Cyber Attacks: Protecting each component within the supply chain
• Data Security & Data Privacy Regulations: Securing Adhering to data and privacy standards
• Identity Management: Understanding the access every individual has in an organization
• Disaster recovery/business continuity planning: Effective plan for the business to continue in the event of a breach

A below recent analysis from Forbes summarizes the challenges which in turn becomes opportunities:

• Network, data, and endpoint security are the three leading use cases of A.I. in cybersecurity today, according to I.T. executives.
• Fraud detection, malware detection, intrusion detection, scoring risk in a network, and user/machine behavioral analysis are the five highest A.I. use cases for improving cybersecurity. (Source: Capgemini)
• There has been a 667% increase in spear-phishing e-mail attacks related to COVID-19 since the end of February alone.
• Over 42% of endpoints experience encryption failures, leaving entire networks at risk from a breach and 100% of all devices experiencing encryption failures within one year.
• 87% of enterprises are seeing mobile threats growing the fastest this year, outpacing other threat types, based on Verizon’s Mobile Security Index 2019.

Artificial Intelligence is the buzz word but what’s more important is to understand the domain, critical factors influencing the outcome before implementing the AI solution.

As per Statista, the top AI use cases for cybersecurity in organizations in selected countries as of 2019.

Of course, Endpoint security has taken higher precedence in the current situation owing to COVID-19.

Opportunities and Options to Be Prepared

According to Monster Inc., Banking/Finance/Insurance, Information Technology/Management, Government (Defense & Nondefense), Consulting/Professional Services are the top 5 industries for cybersecurity professionals.

The preferred skills include Incident handling and response, Audit and compliance, Firewall/Intrusion Detection System/Intrusion Prevention Systems skills, Intrusion detection, analytics and intelligence, Security Information And Event Management (SIEM), Access/identity management, Application security development, Advanced malware prevention, Cloud computing/virtualization

It’s overwhelming but according to me, below are some key options to hone the cybersecurity skills.

1. Domain Expertise

In an analytics solution, about 80% of work involves understanding the domain, parameters that influence the system, root cause of them, and optimizing them to get the maximum output.

Identity Access Management is the foundation and critical element of cybersecurity. Understanding the 5 pillars and building an effective solution is the key to excel.

• Authentication: Enabling users to prove they are who they claim to be.
• Authorization: Ensuring the authenticated users are tightly governed in what they can access and do.
• Administration: Managing the processes and policies of the Identity Access Management system. Ideally automating integrations with other enterprise functions.
• Analytics: Detecting instances of improper or faulty credential usage and triggering additional controls.
• Audit: Looking back across the identity lifecycle to review events & confirm that an identity access management system is being properly used.

One of my favorite book to understand the concepts and build an IAM solution is Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution by Morey J. Haber, Darran Rolls

2. Available Solutions in The Market

There are plenty of cybersecurity solution to explore in the market. But to brainstorm, learn, and build an effective system, I have given below some of my personal favorites among many available options:

• Neo4J: Visual representation of the relationship among identities and their access helps in analyzing the complex environment, identifying loopholes and providing recommendations. 
• Elastic: Though this was built primarily for enterprise search, Elastic stack provides threat analytics towards Security Information and Event Management (SIEM) and Elastic Endpoint security

3. Build a Solution in Your Own Way

Yes, we have plenty of data available everywhere more than enough for us to learn, make sense out of it, and build a solution.

To give an example, all published vulnerabilities are available through Common Vulnerabilities and Exposures  and National Vulnerability Database. We can build a vulnerability management solution through our preferred technology leveraging this data.

4. Learn While Having Fun

Kaggle is my personal favorite world’s largest data science community. It provides interesting data science challenges along with data & tools to explore. Cybersecurity Analysis of National Vulnerability Database using k-means clustering  is one great data science problem to understand key elements of vulnerabilities.

5. You Can Be a Hacker Too… Well, an Ethical One!

As Jay Bavisi, CEO of EC-Council, says about ethical hacking, “Government agencies and business organizations today are in constant need of ethical hackers to combat the growing threat to IT security. A lot of government agencies, professionals, and corporations now understand that if you want to protect a system, you cannot do it by just locking your doors”, it continues to be one of the top opportunities for cybersecurity professionals.

In nutshell,

• Rising challenges create more demand and opportunities for cybersecurity professionals.
• Focus more towards the cybersecurity domain especially the foundation of Identity Access Management.  
• Develop the skill that passionate you. As we discussed above, cybersecurity provides a variety of challenges and hence a variety of tools & technologies available to solve those challenges.
• Learn the pattern, Implement the solution, Learn…. Repeat!

References

• https://www.upguard.com/blog/cyber-attack
• https://www.geeksforgeeks.org/active-and-passive-attacks-in-information-security/
• https://www.geeksforgeeks.org/difference-between-threat-and-attack/
• https://genesisdatabase.wordpress.com/2010/12/13/types-of-threats-interception-interruption-modification-fabrication/