Protecting With Pre-Cognizance

Hemal Patel, SVP IT & Operations, Sophos
Monday, December 28, 2015
Headquartered in Abingdon, UK, Sophos develops data management, network security and threat management products to protect organizations against malware and other cyber attacks.

From the financial press to daily newspapers, headlines about cyber attacks and data-breach incidents have become a fact of life. Can we deny that? It is a catch-22 situation: we need to thrive in an increasingly digital world, but if we choose to do so, there are challenges and threats waiting to ambush us, bringing our information, trade secrets, and sensitive personal and financial data into the cross-hairs of attackers. Such recurring incidents nudge us to ask why cyber threats and advanced attacks have become almost like an epidemic. Although I have spent almost two decades innovating network security, I would not be surprised if someone argued, "For god's sake, we are living in the 21st century; we have been to the moon and back; they are building colonies on Mars; they have invented a cure for cancer and AIDS; what is this cyber risk taboo?" I think this kind of reaction should be seen as a very natural response to the increasing dominance of cyber threat incidents in our daily lives. Having said that, we still need to respect this inquiry, or ambiguity as others see it, because those who are guardians and in the role of securing need to reflect on such questions with a strong sense of awareness, commitment and responsibility.

Built-In and Not Bolt-On
As Richard A. Clarke puts it, "Cyber war skips battlefield. Systems that people rely upon, from banks to air defense radars, are accessible from cyberspace and can be quickly taken over or knocked out without first defeating a country's traditional defense". This may sound too far-fetched to a naive person. However, it simply can't get any more real than that. We need to evolve our thinking about how the digital universe operates and how today's cyber adversaries think. Our private data is part of the terabytes of information assets that lie across the vast information network of the Internet. If we analyze security incidents that compromised data or exploited IT vulnerabilities, we see one commonality: security continues to be an afterthought. We are fighting an unknown and unforeseen adversary (it could be anyone from a rogue terrorist outfit like ISIS to a coordinated network of hackers that is after healthcare data, financial data, trade secrets or other assets), and security incidents continue to prove that these threats have managed to stay ahead of the curve.

Most security practitioners get it wrong; they struggle to find intelligence in obsolete security practices. The truth is, it's about making security intelligent, more coordinated and capable of giving us pre-cognizance into the build-up of threats, bringing us timely signs and the capability to interpret network, user and device activities as potential risk indicators. While security challenges are becoming more complex, the same mistakes are repeated time and again. Here is a list of security recommendations that organizations can include as a must in their security checklist:

- Discard legacy systems. If you can't, then mend loose ends: It was revealed that some enterprise IT systems were reportedly over 20 years old and written in early generations of machine languages like COBOL, which were not designed to enable security but to deliver processes. The battleground that hackers target extends to embedded computers in industrial control systems, as the Stuxnet virus showed us. We can learn from the hacks of SCADA systems in the Middle East and other countries.
