By Tin Zaw, Director of Security Solutions
Cybersecurity threats are becoming more sophisticated with each passing year. As bad actors discover new exploits, corporate countermeasures need to be one step ahead of them. For today's corporate security manager, it's not just about detecting and responding to such threats, but being proactive and preventing security breaches from happening at all.
Keeping up with an ever-evolving digital threat landscape requires regular examination of existing security measures to better implement more pragmatic solutions for the future. Here are some of the security countermeasures every security manager should be considering now:
Integrate security into development and operations. Whether you prefer the term "Rugged DevOps" or "DevSecOps," the core concept of this DevOps approach is the same: security should be an integrated part of the process. In short, whether you split development tasks from operations tasks or treat them as an integrated one, security should not be a standalone third consideration. It must be seamlessly unified into existing tasks.
For example, if DevOps uses a ticketing system, security tickets should be included along with other bug fixes and feature requests. Threat modeling, security testing and incident response processing shouldn't be additional tasks, but part of the regular workflow. An increasing number of companies are adopting this method, but expect the trend to accelerate in 2018, along with bigger threats on the horizon.
Track security metrics within the digital ecosystem. In 2014, Target did business with an insecure third-party vendor, resulting in more than 70 million customers' credit cards getting stolen. When corporations do business with one another, one company's security weakness can become another company's problem. Because it can harm their own reputations and hurt their consumers immeasurably, it is imperative for companies to hold each other accountable.
The industry is already tackling this problem by monitoring security postures of companies and compiling the data in a sort of "report card"– like a credit score for corporate cybersecurity. By reviewing the "report card," companies can see at a glance how secure a prospective partner or acquisition target is, and thus make more informed security decisions before linking together their computer systems. Optimizing your company's cybersecurity performance along the metrics monitored by these services will help potential partners trust your company, too.
Utilize machine learning that shows results. Machine learning is almost as old a technology as computing itself, but in recent years it has become a major factor in marketing security products and services. How can corporate security managers cut through the hype and figure out whether a given machine learning product is really going to bolster their company's security? They need to look at whether the product demonstrates tangible results. Managers should ask themselves: How long have they been using machine learning? How has it helped them identify bad actors more quickly? Companies that are able to show their work will likely be more effective security partners.
Leverage distributed and scalable tools to defend against threats. Beefing up security directly inside the physical data center is no longer enough. Now, cloud-based tools can eliminate threats before they even get that close to precious core computing resources.
When companies use distributed computing systems such as content delivery networks (CDNs) to defend against threats, they gain both security and scalability. Since a CDN is a globally distributed network of data centers, it can respond swiftly to threats before they get anywhere close to a company's origin servers. Additionally, CDNs offer virtually unlimited capacity, in terms of both bandwith and request rate. Companies can use more resources as their load expands, allowing them to scale to the extent that any traffic spike or threat mitigation requires. When you're harnessing an entire network of data centers instead of just one, even an orchestrated DDoS attack would have a difficult time overwhelming it.
Shut down vulnerabilities that could be used to generate or amplify attacks. Even as companies compete against one another, it's important to remember that we're all on the web together. That's why companies need to be mindful of the ways their own products could be used to generate or amplify attacks.
For example, while top-of-the-line smart TVs tend to be relatively secure, other models tend to have fewer protections. Malicious actors can take over such devices, incorporating them into botnets that spread malicious software and launch DDoS attacks without ever affecting the performance of the device itself or the experience of its customers. When developing security countermeasures, corporations worry not only about ways to avoid attacks to themselves, but about how to not become a party to attacks on other targets.
Years come and go, but defenses against cybersecurity threats are a permanent consideration in any corporate annual planning. Contact us to see how we can help you strengthen your cybersecurity strategy for 2018.