Knowing what to keep an eye out for where cybersecurity is concerned, is always helpful. But matters tend to become complicated when a real virus is added to the virtual ones already in circulation. Compounding the matter is the sudden spike in the volume of people now working from home. Threats that could formerly be contained and speedily remedied within the confines of office systems, are now assailing organisations remotely from multiple points – making them that much harder to overcome. Cybersecurity threats have always been unpredictable at best but the pandemic has created an even more unsettled landscape.
Everything is a threat
Ironically, everything that was originally touted as a boon to business – automation, artificial intelligence (AI), the Internet of Things (IoT) – is now regarded as a possible means of its destruction. Where big data was hailed before as a necessity for firms that wanted to have the most up-to-date information, it has now become the proverbial millstone around the organisation’s neck as it proves awkward and unwieldy to manage, besides raising the twin issues of integrity and confidentiality. The more data you acquire, the more vulnerable you become to hacking, and not just by lone-wolf hackers; organised crime is doing it too.
Technology is evolving faster than most businesses can keep pace with. In some cases, just trying to keep up is slowing them down! Security is a major issue and will remain one in the foreseeable future. Obtaining, authenticating and accessing data that is critical to making decisions requires sophisticated systems but it means opening these same systems to cyberattacks that could impact negatively on operations. Data breaches are common and are set to continue. It is a rare company that hasn’t experienced one. The only differences in data breaches are their levels of intensity and the differing extent of damage caused.
Double-edged swords
In their efforts to tighten cybersecurity, many firms are looking at alternatives that put their valuable data beyond the reach of hackers – such as in secure, cloud-based locations, for instance. But moving infrastructure, processes and data storage to the cloud may lead to a myriad of complex situations that are more difficult to mitigate. Organisations may find themselves becoming collateral damage when other cloud-sharing businesses are targeted by hackers. Using cloud-based systems means having reduced visibility and control over your data, which again could lead to disruption and denial of service.
Technology has spurred the integration of electronic devices and essential services like banking and finance. It is now possible to transfer funds through mobile phones, remotely access bank accounts and even trade in cryptocurrency. But this kind of integration, as well as the growing connectivity between electronic gadgets that is being increasingly enabled by AI apps, may leave systems and networks exposed to data thieves and hackers. The greatest danger is that as more gadgets become connected to the IoT, the more vulnerable these enabling systems will become. More robust mobile security is definitely on the cards.
Information is the new currency
There is, in fact, a virtual war going on. Programs and applications are being subverted for ill-gotten gains almost as soon as they are launched. It isn’t just the competition stealing your new designs; governments are spying on each other using the same methods, and organised crime is laundering money, dealing drugs and financing terrorism with increasingly sophisticated technology. For instance, they have become adept at using AI’s ability to analyse large volumes of data to aid their efforts on the dark web, and camouflage their illegal activities such as human trafficking and trading in stolen weapons.
Personal data is at a premium; safeguarding it is critical. But as connectivity grows between gadgets and apps, there is more personal data out there than people realise. When you link this to information systems in vehicles using Bluetooth or Wi-Fi, for instance, or to databases of medical records, a complete picture emerges of background, health, mobility, finance and behaviour of individuals – often without their knowledge. Cybersecurity is going to focus increasingly on the protection of such data; many jurisdictions already have regulations that safeguard confidentiality. Even so, such data can be misused, subverted or abused.
Silver lining
Amid the growing threats and continuing disruption, it has become evident that mitigative efforts and appropriately-trained personnel are imperative to the cybersecurity battle. The cybersecurity industry is a nascent one but demand for cybersecurity professionals is another emerging cybersecurity trend. Training for cybersecurity awareness, especially now that so many employees are working from home, is necessary – particularly as not everyone may want to return to the office routine when conditions allow. Human error and operational risk will still be a cause for data breaches and system hacks, going into the future.
Employees need training and awareness of the challenges confronting them when working online. They need to recognise potential data breaches or hacks, particularly if they are working remotely with sensitive data or downloading material from multiple sources. But even with the appropriate training for employees, organisations will need full-time cybersecurity staff with the necessary skills for countering threats. There are very few points in an organisation which are not vulnerable to attack. Whole supply chains can be crippled if the connection between robotics, vehicles, logistics infrastructure and distribution is hacked or disrupted.
The list of cybersecurity trends – current or emerging – is endless. As long as businesses depend on technology to function, they will be vulnerable to the threats that are inherent in the systems, procedures and processes that they require in order to operate. Organisations need to be proactive about their cybersecurity. They also need to keep a finger on the pulse of developments in the industry, and be aware of latent or emerging threats in the course of their digital transformation. Above all, they will need a comprehensive understanding of their particular security issues, and commit to safeguarding themselves.