As Hemingway once wrote: “The world breaks everyone, and afterward many are stronger in the broken places.” This truism applies not just to people, but to businesses and the systems they operate on.
In this difficult year IDC has noted that many enterprises are allocating more IT expenditure on tech essentials such as cyber security and connectivity, helping them rebound stronger from the pandemic, and beat back the advanced persistent threats and phishing attacks that have tripled over the course of 2020.
We spoke to Johnny Kho, Director, Emerging Technologies of Trustwave, a Singtel company, to find out what organisations can do to stay resilient and build back stronger.
The Next Normal
It is a matter of sustainability in the world of COVID-19 for organisations to accelerate their digital efforts – from supporting remote workers to delivering new products – and this creates risks for those who are unprepared.
“IT and security operations are doing the best they can to adapt to this new normal while staying healthy, all the while cyber criminals are more aggressive than ever before,” Kho observes.
Phishing is a particular issue, with bad actors exploiting people’s desire for helpful information by distributing scams about COVID-19. One such instance was a fake map of COVID-19 outbreaks, Kho explains. And we have also seen far graver cyberthreats, such as the recent “wormable” bug in Windows 10, SMBGhost. It was estimated that this could cause tens of billions of dollars of losses if IT managers failed to patch it.
To battle these increasing threats, organisations must take a transformational approach towards digital resilience, Kho believes, which is made up of four key considerations.
Security by Design
Firstly, organisations should look to incorporate Security by Design approach as a default mindset. This means that organisations should build in security as a default to all of their systems, processes, and tools. Prevention is better than cure.
Trustwave first approaches this by assessing an organisation’s current state relative to industry benchmarks, Kho says. This helps the customer “identify their gaps in people, process and technology areas”.
Past this, there is consulting to help customers optimise their investments. In particular, they need to build up DevSecOps capabilities – where security is incorporated into their development and operations functions as a matter of course – to drive a cultural change from within and support their digital innovation initiatives.
Integrated Risk Incident & Crisis Management
Secondly, they need to take an integrated programmatic approach for their risk, incident and crisis management operations. This ensures a proactive stance of readiness to manage a crisis with clearly defined action plans.
Organisations should make sure that they build a “risk culture” through education and awareness programmes, Kho says. This improves the resilience of an organisation.
To further assess their resilience, organisations will engage Trustwave to run “red teaming” exercises. “The sole intent of red teaming is to make an organisation’s nightmare come true in a simulated attack,” Kho explains, “helping the organisation be prepared and ready to respond if it happens.”
On the onset, red teaming mimics how hackers will leverage intelligence gathering to first understand an organisation’s infrastructure. Then a red team member will typically conduct phishing attacks to assess the “human factor” of security, he explains. Attackers will look to “weaponize” trojans and even false online personas to exploit weak points. And they will even conduct social engineering tests to find other potential vulnerabilities.
Digital Threat Situational Awareness
Beyond the organisational boundaries, it is important to have good digital threat situational awareness leveraging cyber threat intelligence to improve one’s resilience in preparation for impending attacks.
The Trustwave SpiderLabs team is expertly positioned to help here. As home to over 250 specialised security experts, they research 9 million web application attacks annually and conduct over 2500 penetration tests per year. This provides expertise to help prepare and mitigate the dangers.
Digital Resilient Security Operations
Finally, an organisation must build digital resilient security operations, Kho advises. They should integrate automation, machine learning and analytics to increase the efficiency of their security threat detection capability, he advises.
The Trustwave Fusion Platform improves incident accuracy, response time and actions thanks to Security Orchestration, Automation and Response (SOAR) technology coupled with advanced analytics and machine learning, Kho notes.
The cloud-based platform consolidates Trustwave’s expert people, processes and technology into an intuitive application, delivering the remarkable ability to manage complex security programs from a computer, tablet or mobile phone. One less thing to worry about.
It is inevitable that an organisation will be attacked. The threats keep coming, more sophisticated and aggressive than ever.
But with the support and expertise of Trustwave, organisations can work to build up their cybersecurity capabilities to achieve digital resilience. Drawing on the global expertise of the SpiderLabs, and Singtel’s patented technologies, they have an extensive footprint and best of breed partners to support organisations on every step of their digital journey.
Fighting off attacks; building up their reserves; and coming through this pandemic stronger than ever before.
Find out how your organisation can strengthen its digital resilience with Trustwave (Hall 2) at GovWare Focus 2020.