The New Normal & the Cyber Crimes
1. What do you think is the major cause for this rising crime despite companies having IT experts? It is no secret that criminals always opt for the easiest way to make big money. Cybercrime is no different. The cyberspace does offer a great platform to people with malicious intent to cause harm. There are actually many reasons why there is such a meteoric rise. Firstly, every shocking incident (Tsunami/Twin towers/Earthquakes/COVID-19) makes it easier to intentionally or unintentionally fool people into clicking somewhere they shouldn’t. Today phishing attacks lure people to inadvertently download ransomware. Secondly, the ability of perpetrators who commit crimes continue to evolve.
Deepfakes are now much easier achieved than earlier, Phishing is an industry and ransomware is available as a service. And thirdly, the industry suffers from a huge shortage of cybersecurity skills, both on the consumer and the vendor side. With increased legal penalties (read GDPR/CCPA/PDPA) for lack of reasonable protection, many enterprises choose to use a ‘bandaid type’ solution to manage changes in computing environment. That does not address the problem holistically, and is finally evidenced with an attack. There are many more. We call this the Great Cybersecurity Conundrum!
2. What steps can companies undertake to caution their employees while going beyond just the firewalls to secure the infrastructure?
When it comes to the enterprise, the biggest threat to cybersecurity is actually change. When we plan for, deploy and begin our cybersecurity journey, every enterprise who is serious in its commitment to protect against cyber threats, does a very diligent analysis and procures the best of breed products that they can afford. The problem begins after that. Changes in business, geo-political environment, organizational structure, technology and disruptions lead to changes, which are usually dealt with in a fire fighting mode, leading to gaps in cybersecurity. The best way then is to use the Defensible Cybersecurity approach which will ensure enterprises are able to Protect, Detect and Respond to cybersecurity challenges across endpoints, the enterprise edge, compute, systems and data by having razor sharp focus on business risks, and the adaptive ability to handle change!
3. What new challenges will companies see post-COVID-19? How do prepare for them?
As we head into the future, more and more internal employees will use applications that are outside the firewall, and more and more employees will use unmanaged devices to access internal information. With vanishing perimeter it is thus imperative to consider the expanded enterprise as a single unit that shall include both on premises and on the cloud computing environment as a single unit when determining how to address cybersecurity. COVID19 has shown us that many activities can actually be performed online and enterprises will try to adopt this new security posture as the new normal. Post COVID19 we will see increased IT capabilities that would provision applications using virtual environments that will be suited for using any device while enforcing a Zero trust Approach. Cybersecurity controls will be now measured and operated to handle changes in computing environment and a Defensible Cybersecurity model shall prevail!
When it comes to the enterprise, the biggest threat to cybersecurity is actually change. When we plan for, deploy and begin our cybersecurity journey, every enterprise who is serious in its commitment to protect against cyber threats, does a very diligent analysis and procures the best of breed products that they can afford. The problem begins after that. Changes in business, geo-political environment, organizational structure, technology and disruptions lead to changes, which are usually dealt with in a fire fighting mode, leading to gaps in cybersecurity. The best way then is to use the Defensible Cybersecurity approach which will ensure enterprises are able to Protect, Detect and Respond to cybersecurity challenges across endpoints, the enterprise edge, compute, systems and data by having razor sharp focus on business risks, and the adaptive ability to handle change!
As we head into the future, more and more internal employees will use applications that are outside the firewall, and more and more employees will use unmanaged devices to access internal information
3. What new challenges will companies see post-COVID-19? How do prepare for them?
As we head into the future, more and more internal employees will use applications that are outside the firewall, and more and more employees will use unmanaged devices to access internal information. With vanishing perimeter it is thus imperative to consider the expanded enterprise as a single unit that shall include both on premises and on the cloud computing environment as a single unit when determining how to address cybersecurity. COVID19 has shown us that many activities can actually be performed online and enterprises will try to adopt this new security posture as the new normal. Post COVID19 we will see increased IT capabilities that would provision applications using virtual environments that will be suited for using any device while enforcing a Zero trust Approach. Cybersecurity controls will be now measured and operated to handle changes in computing environment and a Defensible Cybersecurity model shall prevail!
