Threat Management

2020 Vision: Cybersecurity through a business lens

Over the coming years organizations will experience growing disruption as threats from the digital world have an impact on the physical. Invasive technologies will be adopted across both industry and consumer markets, creating an increasingly turbulent and unpredictable security environment. The requirement for a flexible approach to security and increased resilience will be crucial as a hybrid threat environment emerges.

The impact of threats will be felt on an unprecedented scale as aging and neglected infrastructure is attacked and disrupted due to vulnerabilities in the underlying technology. Mismanagement of connected assets will provide attackers with opportunities to exploit organizations.

Businesses of all sizes must prepare for the unknown, so they have the flexibility to withstand unexpected and high impact security events. To take advantage of emerging trends in both technology and cyberspace, businesses need to manage risks in ways beyond those traditionally handled by the information security function, since new attacks will most certainly impact both shareholder value and business reputation.

After reviewing the current threat landscape, there are three dominant security threats that businesses need to prepare for in 2020. These include, but are not limited to:

  • The Race for Technology Dominance
  • Third Parties, Internet of Things (IoT) and the Cloud – The Emerging Threat Landscape
  • Cybercrime – Criminals, Nation States and the Insider

An overview for each of these areas can be found below:

The Race for Technology Dominance

Technology has changed the world in which we live.  Old norms are changing, and the next industrial revolution will be entirely technology driven and technology dependent.  In short, technology will enable innovative digital business models and society will be critically dependent on technology to function.  Intellectual property will be targeted as the battle for dominance rages. 

Evidence of fracturing geopolitical relationships started to emerge in 2018 demonstrated by the US and China trade war and the UK Brexit. In 2020, the US and China will increase restrictions and protectionist measures in pursuit of technology leadership leading to a heightened digital cold war in which data is the prize.  This race to develop strategically important next generation technology will drive an intense nation-state backed increase in espionage. The ensuing knee jerk reaction of a global retreat into protectionism, increased trade tariffs and embargos will dramatically reduce the opportunity to collaborate on the development of new technologies.  The UK’s exclusion from the EU Galileo satellite system, as a result of the anticipated Brexit, is one example.

New regulations and international agreements will not be able to fully address the issues powered by advances in technology and their impact on society.  Regulatory tit for tat battles will manifest across nation states and, rather than encourage innovation, is likely to stifle and constrain new developments, pushing up costs and increasing the complexity of trade for multinational businesses.

Third Parties, IoT and the Cloud – The Emerging Threat Landscape

A complex interconnection of digitally connected devices and superfast networks will prove to be a security concern as modern life becomes entirely dependent on technology. Highly sophisticated and extended supply chains present new risks to corporate data as it is necessarily shared with third party providers. IoT devices are often part of a wider implementation that is key to the overall functionality.

Few devices exist in isolation, and it is the internet component of the IoT that reflects that dependency. For a home or commercial office to be truly 'smart', multiple devices need to work in cooperation. For a factory to be 'smart', multiple devices need to operate and function as an intelligent whole. However, this interconnectivity presents several security challenges, not least in the overlap of consumer and operational/industrial technology.

Finally, since so much of our critical data is now held in the cloud, opening an opportunity for cyber criminals and nation states to sabotage the cloud, aiming to disrupt economies and take down critical infrastructure through physical attacks and operating vulnerabilities across the supply chain. 

Cybercrime – Criminals, Nation States and the Insider

Criminal organizations have a massive resource pool available to them and there is evidence that nation states are outsourcing as a means of establishing deniability. Nation states have fought for supremacy throughout history, and more recently, this has involved targeted espionage on nuclear, space, information and now smart technology. Industrial espionage is not new and commercial organizations developing strategically important technologies will be systematically targeted as national and commercial interests blur.  Targeted organizations should expect to see sustained and well-funded attacks involving a range of techniques such as zero-day exploits, DDoS attacks and advanced persistent threats.

Additionally, the insider threat is one of the greatest drivers of security risks that organizations face as a malicious insider utilizes credentials to gain access to a given organization’s critical assets. Many organizations are challenged to detect internal nefarious acts, often due to limited access controls and the ability to detect unusual activity once someone is already inside their network. 

The threat from malicious insider activity is an increasing concern, especially for financial institutions, and will continue to be so in 2020.

A Continued Need to Involve the Board

As the world’s businesses, governments, and economies grow more interdependent, knowing how to build resilient organizations and nimble incident response will be vital to more than cyber security. We no longer hide behind impenetrable walls. We operate as part of an interconnected whole. The strength to absorb the blows and forge ahead is essential to competitive advantage and growth, in cyberspace and beyond.  

As new technologies emerge, organizations need to adapt to the changing norms and values of society. Information security teams will need to consider the suitability of implementing evolving or poorly secured technology within the organization. Failure to protect against pervasive attacks will leave operations exposed to significant negative financial impacts and damage to brand reputation.

The requirement to maintain, improve and harden infrastructure to withstand the threats posed by people, technology and the elements will become an operational necessity. Abandoned, unsupported and forgotten assets will increasingly pose a hidden risk to organisations. While new architectural approaches may seem tempting, failure to maintain oversight of these new network ecosystems will prove disastrous.

Above all, organizations rely on trust – and in the digital world, innovative technologies can be misused to erode that trust and digitally naive employees can be exploited, endangering the relationships between organizations and their key stakeholders.

The executive team sitting at the top of an organization has the clearest, broadest view. A serious, shared commitment to common values and strategies is at the heart of a good working relationship between the C-suite and the board. Without sincere, ongoing collaboration, complex challenges like cyber security will be unmanageable. Covering all the bases—defense, risk management, prevention, detection, remediation, and incident response—is better achieved when leaders contribute from their expertise and use their unique vantage point to help set priorities and keep security efforts aligned with business objectives.

Today, the stakes are higher than ever before. High level corporate secrets and critical infrastructure are constantly under attack and organizations need to be aware of the emerging threats that have shifted in the past year, as well as those that they should prepare for in the coming year. Incidents will happen as it is impossible to avoid every breach. But you can commit to building a mature, realistic, broad-based, collaborative approach to cyber security and resilience. Maturing your organization’s ability to detect intrusions quickly and respond expeditiously will be of the highest importance.

When digital and physical worlds collide, only organizations that take decisive action will thrive.

About the AuthorSteve Durbin is Managing Director of the Information Security Forum (ISF).

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.