Last week, cybersecurity firm Fortinet held the virtual Security Summit 2021, which tackled pressing issues in cybersecurity and their impact on businesses across the world. It also outlined security measures for ever-evolving threats, as well as the impact of cyber attacks on digital transformation efforts.
The keynote speakers for the virtual summit were Jonas Walker, Security Strategist of FortiGuard Labs at Fortinet; Simon Piff, Vice President of the Practice Group at IDC Asia/Pacific and Ching Ping Wong, Senior Business Development Manager of SEAHK at Fortinet. Walker started off the event by delving into cyber attack trends and how organisations can make strategic decisions based on threat insights, Piff discussed risk mitigation and future-proofing IT security infrastructure and Ching spoke about digitalisation amidst ever-increasing threats that are growing more sophisticated by the day.
Digital Transformation Means Increased Attack Surface
Peerapong Jongvibool, Regional Director of SEAHK at Fortinet, highlighted in his welcome remarks, three elements connected to digital transformation that has made the world more exposed to cyber attacks; the rise of homeworking, the rollout of 5G and the emergence of cloud computing. Despite the increasing risks, Peerapong rued how businesses are still more reactive than proactive in terms of security issues, which he says can be addressed by Fortinet’s base security fabric and encrypted solutions.
Walker, the first keynote speaker, underpinned the unprecedented increase in cybersecurity threats, noting how Fortinet thwarts, in every minute, approximately 7 million botnet C&C attempts and around 2.1 million network intrusion tries in the Asia-Pacific region alone. Additionally, Fortinet, according to Walker, neutralises 1.4 million malware attacks per minute in the region, further underscoring the increased activity of threat actors today.
“This just shows how threat actors are leveraging botnets to get access to systems which they were able to compromise and in keeping them under control. The more devices under their control, the more powerful they get,” said Walker. “[Network intrusion attempts] are attacks that are trying to achieve initial access into systems with known vulnerabilities. We have a lot of systems directly connected to the internet with different kinds of software in it, and when this software is vulnerable, threat actors try to exploit it to gain access.”
Threat actors, though, are not only getting more and more active. They are also getting more syndicated, with cybercrime groups growing more sophisticated in terms of gaining initial access and in the actual cyber attacks they are creating, to begin with. These groups are also collaborating with one another, often leading to improvisation, innovation and more sophistication.
They are also finding and working with individuals who have closer access to networks, thereby making it easier for a well-established cybercrime group to gain access to an organisation’s network. The most vulnerable target of both individual threat actors and cybercrime groups, in this case, are people working from home, whose devices, routers and internet connection may not be as secure as in a traditional office setup.
Ransomware Is the Biggest Emerging Threat
This setup is particularly prevalent in ransomware attacks, where individual threat actors are actively looking to breach into networks and then passing off the information to cybercrime groups—usually via negotiations in the darknet—in exchange for an upfront payment and/or a percentage from the ransom in case one is, indeed, paid by a ransomware victim.
Compounding matters, even more, are the many points of attack cybercriminals can exploit and the different security solutions needed to not only protect these vectors but to neutralise cyber attacks in their different stages.
“All these steps require so many different solutions to protect against them because the attack surface these days is so broad,” said Walker, “It’s not just only email or endpoint, it’s the public cloud, it’s whatever we directly connect to the internet.”
Investing in Cybersecurity
With cyber attacks growing more sophisticated, Walker recommended that organisations invest in good technology, including automation, and get onboard “educated people who can maintain and make sure these security layers which are put in place are configured correctly and adapt over time based on new attacks.”
In particular, Piff detailed in his keynote speech how cybersecurity concerns are best dealt with only if cybersecurity is part of the core business strategy, whose goals should in turn include building business resiliency and ultimately cyber resiliency.
“Businesses are dependent upon having increasingly complex technology systems to meet goals, and disruption can be devastating,” said Piff. “We’re building resiliency [in]to systems that allows them to withstand and adapt to adverse conditions…We need to build systems that can withstand intentional attacks, as well as unintentional failures, and continue operating in a degraded state if needed.”
A Long Road Ahead
However, many organisations in the Asia-Pacific region will have a lot of catching up to do in terms of their cybersecurity infrastructure. The IDC recently found out in its resiliency study that 69% of all enterprises in the region have the basic tools in cybersecurity only, with 22% having a robust cybersecurity system and a mere 10% having a sophisticated approach.
Many organisations will thus have to be more serious with their cybersecurity efforts and it will mean institutionalising a dedicated team of cybersecurity experts, whether in-house or outsourced.
“If you don’t have people dedicated to looking after your security, be they in-house or someone else doing it for you, you’re not taking it [cybersecurity] as seriously as you need to,” said Piff, “It’s not just about the technology, it’s also about the people and the processes.”
Piff’s final recommendations on how to build cyber resiliency are as follows:
Make sure security strategies are evolving dynamically with security trends.
Balance business and technology priorities to enhance the value of security programs.
Put more effort in terms of understanding what constitutes “enough” in terms of security across the Asia-Pacific region.
Ching, the event’s last keynote speaker, concluded the proceedings by reiterating the need for digital innovation but with a greater emphasis on security best practices to mitigate risks:
Evolve security strategies.
Reassess security plans and strategies.
Simplify the security infrastructure.
Deploy comprehensive solutions.
Ching also emphasised three key areas that organisations need to focus on to improve their cybersecurity, namely security-driven networking, zero-trust access and adaptive cloud security.
Meeting the Challenge
The challenge of cybersecurity is a daunting one but it is inextricably linked with digital transformation. That being said, digital innovation and a focused approach to security will help organisations better deal with this issue.