<
>

Digital Platforms and Cyber Threats

Past industrial revolutions have been driven by steam, electricity, and IT. We live in the 4th industrial revolution, where digital technologies have become the driver of the zeitgeist shift. When we talk about the word digital, we do not often have the same definition in mind. To avoid confounding you, my readers, I define digital as a mashup of technologies used as a platform that requires and generates large amounts of data enabled by hyperscale cloud. 

Within that definition, the word I would like to emphasise is platforms. Keeping the definition of digital in mind, we have a rough idea of what a digital platform may entail. Digital platforms are places for information, services, and goods to be exchanged within the present community. Not a particularly new concept, we have digital platforms of different categories varying from social media platforms such as Twitter and Facebook to service-oriented platforms like Grab and FoodPanda. 

The culture of societies around the world, bar the communities untouched by modernisation, have shifted to make room for the integration of digital technologies. By focusing on digital platforms, we can see that the adoption of technology has not only impacted organisations but also individuals like me and you. 

A common denominator in the use of these varying digital platforms is its reliance on the internet. Without the internet, these platforms become useless as they are no longer held together by the symbolic glue. As a single point of convergence, the Internet has experienced an influx of users as the world continues on its digitally accelerated trajectory. 

What’s wrong with that?

Where There is Good, Evil Will Follow

There are always two sides to every coin. When we have good things in our lives, there will always be other parties wanting to take away what’s ours. Although the fast rate of transformation and digital adoption is a cause for celebration for humankind, there are always those who look for ways to exploit these developments. 

Our newspapers used to be filled with reports of physical crime, whether it be a break-in or a mugging. Now, we are kept up to date about the different cybercrimes we are threatened with on our news applications, the context of which is oddly befitting. 

Like most of the public, cybercriminals want to digitally transform too. Due to the inherently capitalist nature of our societies, cybercriminals have created an industry of their own accounting for the cybercrime explosion. Factoring in the high ROI and relatively safe working conditions, if you were to become a criminal today, being a cyber one is the way to go. 

We’ve seen attackers targeting individuals in the past but the tides have turned, and now, they have their sights set on bigger prey. These days, threat actors have become more sophisticated with their attack tactics leading to their shift in focus to more sophisticated targets. That is why the ‘2021 Microsoft Digital Defence Report,’ has focused on cybercrime within organisations. 

Cybercrime has evolved to become the stuff of our nightmares, and it hasn’t been limited to the participation of individuals or groups anymore. Nowadays, nation-state attacks exist where countries, with the help of world-class engineers, develop sophisticated means of cyberattacks. These attacks are very difficult to defend against and recover from.

It may cross your mind that if you are not the ruler of a country, these attacks are in no way threatening to you. Think again as once an attack has been deployed, the rest of the cybercrime community can take and reverse-engineer the attack to reuse on a vastly expanded number of victims with widespread impact. 

How are we to Survive?

To stay ahead of these threats, we must re-think the way that we approach cybersecurity. The only way to move forwards is to consider the combination of two different approaches:

  • The Wholesome Approach 
    A wholesome approach means adopting an assume-breach methodology where you assume that your infrastructure has been compromised and plan the steps forward. It also includes taking measures beyond putting up firewalls because when an attacker gets past your lines of defence, you must be able to detect and defend against them. 

  • The Modern Approach
    A modern approach entails using digital technologies and methods such as AI, cloud-based Security Incident and Management (SIEM) and security orchestration automated response (SOAR) to protect, detect and respond to threats within your environment. With the rise of hybrid work environments, a modern approach includes adherence to zero-trust principles and the usage of cloud technology for micro-segmentation. 

By ensuring to implement an approach that is both wholesome and modern, organisations have a chance to survive the cyber pandemic. Fighting against the cybercrime community will not be an easy feat, but that is why we must encourage collaboration within the cybersecurity community.
 
About Dr Dzaharudin Mansor
Dr Dzaharudin is the National Technology Officer (“NTO”) for Microsoft Malaysia. With more than 33 years of professional experience in ICT, he engages with key national technology stakeholders including academics and policymakers to contribute to national development. Passionate in technology, he works closely with academia, holding advisory positions at several universities.

share us your thought

0 Comment Log in or register to post comments