Separator

Cyber Security: Plummeting The Gravity Of Cyber Threats

Separator
Brian Trzupek, SVP - Product Emerging Markets, DigicertDigicert is one of the premier providers of high assurance digital certificates, providing trusted SSL, private and managed PKI deployments and device certificates for the emerging IoT market. Recently after adding Symantec's experience and talent to the legacy of innovation, Digicert is all set to lead the industry forward by building greater trust in identity and digital interactions.

Cyber crimes are increasing with each passing day as the cybercriminals are using advanced technologies to hack the valuable information via the internet. Starting from the individuals to the reputed MNCs, all are facing the threat of data breach or information leakage which might compel them to face adverse situations. We are massively dependent on the internet, starting from our daily chores to important business transactions and are ready to embrace the security measures to prevent our important data from malware and cyber attacks.

• What are your thoughts on the current state of cyber threat landscape brimming with ransomware, spyware, and crypto miners?
Cyber security is a constant battle. For every programming mistake that the developer makes, there is and always will be a security vulnerability that an adversary can and will exploit. What we have seen in recent years is the approach that adversaries are taking to compromise a system or an individual. In regards to systems, they are taking advantage of systems being outdated. When it comes to individuals, they usually utilize human intelligence or psychology, which is commonly known as social engineering (phishing attacks fall under this category). It's worth mentioning that adversaries' intentions have changed over time. Next-generation adversaries, including nation-states, are focused on using their targets as a means to achieve things such as crypto mining or applying DDOS attacks.

• What are the potential benefits of AI-based threat-detection when compared with signature-based threat detection? Also, what other detection methods do you suggest to companies today?
AI-based threat detections are an advantageous approach when it comes to IPS and IDS solutions, given they have been trained on proper and non-adversarial training data.

We haven't seen a massive adoption
of this approach, which is simply because the current AI-based IDS and IPS systems are providing the results with significant false negative or false positive. Additionally, approaches such as supervised machine learning, which is only one element of AI-based threat detection, are quite costly, which is yet another reason for organizations to question the adoption of AI threat detection. As far as other methods, this is very specific for each enterprise and mostly dependent on their environment. Some organizations might benefit from implementing intruder traps, while others will have the upper hand if they properly implement Deep Packet Inspection at every gateway.

• Brief us about your thoughts on the current cyber security industry as well as on the trends that can greatly impact and revolutionize its present state.
The current state of cybersecurity is where we meet innovative attacks and innovative defenses. Google recently announced its achievements regarding quantum supremacy. Though this is exciting news, it also poses a threat to our current encryption methods, which are the backbone of almost every secure communication channel. While quantum computers pose a significant threat, other researchers have come up with a number of different algorithms that do protect our future infrastructure against the threat caused by quantum computers. Cybersecurity enterprises are racing to innovate the next big thing, while adversaries are in a race to find the next zero-day attack. This `while loop' of building defenses and finding new vulnerabilities will stand as a standard for many decades to come.

Protecting the valuable and sensitive data from the cyber attack and data breach, cyber security is currently emerging as a need-of-the-hour technology


• How can companies effectively stay abreast of the various cyber threats, android malware, mobile banking Trojans, adware and fake apps? What suggestions do you have for them?
Preparation plays the biggest role when it comes to cybersecurity. Servers, endpoints, applications, kernels, and of course, individuals could all pose a security threat if they are not using the concept of security by design. One common problem across most of the categories mentioned above is the issue of proper authentication. We often see that enterprises don't use proper authentication methods such as TLS and would rather opt-in for `cheaper' and less secure methods, such as usernames and passwords. One method that can protect users and applications, in the long run, is the code-signing approach, which enables applications and updates to be cryptographically signed. This method significantly raises the security life-cycle management of applications in an open or closed environment.

• On a concluding note, based on your robust industry experience and knowledge, what message do you want to put across to the readers/investors/business partners/start-ups?
Do not take cybersecurity for granted: budgeting for defense is usually a better approach than having to pay the cost for recovery from a cyber-attack. The industry is moving fast, but attackers are moving faster, and that by itself is an indication of how developers are losing their focus when it comes to security. Every update, every bug fix, and every patch is a testament that security is an unsolved problem and will stay like that for a very long time.

We are massively dependent on the internet, starting from our daily chores to important business transactions and are ready to embrace the security measures to prevent our important data from malware and cyber attacks. Protecting the valuable and sensitive data from the cyber attack and data breach, cyber security is currently emerging as a need-of-the-hour technology.