With the continuous expansion and changes in the digital landscape today, organisations are compelled to accelerate their recovery and transformation plans in adapting to the consequences of the pandemic. Out of all of these changes, cybersecurity remains essential to any company for the protection of their businesses, staffs, employees and customers.
At the IBM Security Virtual Summit 2020, speakers discussed how cybersecurity is a shared fate between all the elements of a company – from the organisation itself, its staffs and employees down to its clients and customers.
Mary O’Brien, General Manager, IBM Security, started the webinar in her keynote titled, “Security Everywhere: Manage New Cyber Risks”, citing the shared responsibilities of everyone in the organisation for its cybersecurity.
“Often, a security incident is thought of as the security team’s problem when in reality, it’s the entire business’ problem. The damage from a cyber attack isn’t something that only affects the security team”, said O’Brien.
A cyber attack or security breach can stop production or delivery, affect sales, cause customers to lose trust and in some cases, put people’s lives in danger. This is why when it comes to cybersecurity within any company, everyone has a role to play – be it the owners, those in higher management, employees, vendors, providers, and even the customers and clients.
To discuss the new cyber risks which companies are now subjected to, Wendi Whitmore, Vice President, X-Force Threat Intelligence, IBM Cloud and Cognitive Software, followed the discussion, citing the changes in the digital landscape that have escalated these risks.
Whitmore mentioned that we have seen an increase in the use of remote working tools in a very positive way in organisations, leveraging video conferencing, remote access data and VPNs. However, this setup also makes companies vulnerable to cyber attacks, especially with the rising number of ransomware attacks we have seen this year.
Whitmore reiterated O’Brien’s earlier remark and said that everyone in an organisation can contribute to the avoidance of attacks such as ransomware. “There is a misconception that you can either pay a ransom or you can fix the environment, but ultimately, you need to do the latter. You always have to fix the environment and fix the root cause, which allowed the ransomware to be effective”.
She added that we must also focus organisations on the basics, such as strengthening the security foundations by making sure that you don’t have remote access devices that don’t have multi-factor authentication on them. In addition, companies need to protect and secure employees, as well as the backend setup that they are working through.
One part of the cybersecurity equation that is often overlooked, however, is the clients. Aarti Borkar, Vice President, Offering Management, IBM Security, believes that people should take a close look at this aspect because in today’s digital age, customers are interacting remotely with businesses as well, from purchase to post-sale. “Any kind of post-sale interaction is also happening through remote mechanisms, which means they are interacting with you through devices into your network”, Borkar commented.
“The customers are going to interact through what your developers built for them. And so that requires you to ensure that the developers can easily embed this interaction pattern into the applications”, added Srinivas Tummalapenta, Distinguished Engineer, CTO & Chief Architect, IBM Security Services, in the same session with Borkar titled “Protect Your Growing Remote Workforce and Securely Engage With Your Clients at a Distance”.
There is, however, one looming threat in cybersecurity that industries should be prepared for and perhaps the most interesting part in the webinar – quantum computing and its accompanying cybersecurity risks.
Sridhar Muppidi, IBM Fellow, VP & CTO IBM Security, in the session titled “Future of Security: Quantum AI & Encrypted Data on Cloud”, first discussed the promises of quantum computers. “What makes quantum computers interesting is that they can do tasks very quickly whereas classical computers would have taken an exponential amount of time”, he explained.
Muppidi stated that “Through quantum computing, it gives us an exponential amount of computing power. This helps us solve complex tasks, which also means that it’s going to help us break some of the hard tasks that underlie the current functioning of cryptography today”. However, in the wrong hands, these abilities could potentially bring about a new wave of never-before-seen cyber threats or boost the devastating capabilities of existing ones.
Nevertheless, J.R Rao, IBM Fellow and CTO, Research Security, IBM Research, explained that many companies and standard bodies have started the journey towards quantum safety to avoid this kind of situation in cybersecurity and cryptography.
“The industry knew this was coming and started exploring new cryptographic schemes. [Good examples of] that would be quantum-resistant schemes like lattice-based cryptography that could not be broken by quantum computing”, ended Rao.