Navigating security threats beyond a compliance-centric posture
Article by Infosys Associate VP and head of Cloud, Infrastructure & Security Services, Vikas Tatwani.
There’s been a significant increase in the pace, scale and sophistication of cyber-attacks in the previous year. ANZ Bank’s Chief Information Security Officer, Lynwen Connick, recently shared that ANZ is now blocking between 8 million and 10 million malicious emails a month, double the figure of about 4 million from a year ago. Targeted attacks are sophisticated, persistent, specifically motivated and in most cases well funded, but businesses can combat them by building scalable and agile cybersecurity infrastructure that’s powered by threat intelligence.
It’s increasingly evident that the attacks are not only leveraging zero-day vulnerabilities, but also looking for weaknesses created by security misconfiguration. A compliance posture alone is simply not enough to combat these threats. Take the recent cyber-attack that impacted thousands of Aussie businesses due to a Microsoft bug, which underlines what’s to be expected as the threat surface expands.
Yet despite the disturbing forecast, the trend among organisations today in Australia and New Zealand to adopt threat intelligence and vulnerability management in place of a compliance-centric posture is really encouraging. The Gartner 2021 CIO Agenda Survey found that cybersecurity was the second priority for new spending, with 67% of Australia and New Zealand respondents increasing investment in cyber/information security, second only to business intelligence and data analytics (73%).
Recently, the University of Queensland announced an update to its vulnerability management system, while the Australian Bureau of Statistics is working towards a similar effort ahead of the August 10 population snapshot. It’s clear the ABS is implementing learnings from the last five-yearly census, which was plagued by technology failures and a denial-of-service attack that took the website offline for more than 40 hours.
Targeted attacks are often the hardest to detect and remediate, irrespective of their type and underlying motivation. A masterfully crafted targeted attack impacts even the most tech-savvy or experienced users. These are often referred to as advanced persistent threats (APTs), since the cybercriminals use highly sophisticated technology to attack repeatedly until the target is breached.
A successful attack can often bring organisations, including major companies, to their knees: this came into sharp focus a few weeks back after Nine was compromised by a suspected ransomware attack from which it is still recovering.
An interesting insight from a study conducted by Infosys and Interbrand suggests that up to $223b of the world’s Top 100 brands’ value could be at risk from a data breach.
The impact of cyber-attacks is pervasive and can cause irreparable damage to brands. To overcome this challenge, organisations need to look at building a scalable cybersecurity infrastructure governed by threat intelligence, giving organisations the ability to seamlessly adapt and respond to the evolving threat landscape.
Leveraging threat intelligence
Threat intelligence involves strategic, tactical and operational pillars that in combination can help uncover not only indicators of threat but also vulnerabilities and exploits. The strategic element helps executives gain visibility of threat exposure, plan security processes and assess risk to the brand. Tactical intelligence is leveraged by the organisation’s analysts for day-to-day security, while operational intelligence provides context for security events and incidents.
While organisations are adopting a ‘defence-in-depth’ approach to keep opportunistic attacks at bay, they need to detect and mitigate targeted attacks by utilising threat intelligence.
Successful organisations can leverage this evidence-based approach, which can be integrated into platforms and tools to quickly address threats to individuals, organisations and assets in a standardised, accurate and consumable format.
The ability to develop and act on threat intelligence underpins any defensive strategy. Organisations can efficiently detect and mitigate targeted attacks by utilising threat intelligence backed by context-aware data protection and security tools that notify human analysts of an impending cyber strike.
With fraudulent activity becoming more sophisticated and persistent, organisations need to proactively fortify and enhance their cyber defences against targeted attacks. As the world embraces IoT and cyber-physical systems, it is imperative that companies craft the perfect blend of talent, processes and technologies, complemented by threat intelligence.
To learn more about Infosys, visit https://www.infosys.com/australia/