Emerging Trends In Cyber Security

by Santosh Nair, CIO, Siemens

As the world moves towards an all-encompassing digitalized future, every aspect of enterprise continues to be increasingly disrupted by technology. Fuelled by the union of Cloud computing, Social Media, Big data, mobile and surging demand for on-the-go access to information, this digital disruption is dramatically reshaping the competitive landscape. Globally, organizations are leveraging digital technologies to enhance business agility and customer experience.

Connected devices powered by the Internet of Things (IoT) offer enterprises opportunities to mine vast amounts of data, penetrate new markets, and enhance existing products. However, the rising levels of digitalization are embedded with an inherent set of challenges such as evolving business models, myriad customer engagement patterns, breach of privacy concerns and cyber security threats.

The rapid convergence of organizations, devices and people coupled with the widespread digitalization of our world offer cybercriminals newer vulnerabilities to exploit. Increasing usage of Smartphones and the Internet has made organizations’ business-critical information both accessible and vulnerable. Moreover, as the digital touchpoints between people and devices multiply, additional access routes to organization and personal information will be increasingly available. Therefore, it is no longer surprising that the size, severity and frequency of data breaches continue to grow—some of the largest incidents of data breaches ever occurred in 2013 and 2014 affecting banks, governments, retailers, and many more entities.

In a world that is being closely knit by digitalization, cyber spies, cybercriminals and cyber activists have at their disposal advanced capabilities to endanger businesses. Profits harvested by the cybercriminal networks are being ploughed back into research and development. These criminal networks will also invest generously to conduct in-depth research of potential targets and leverage their expertise to identify newer loopholes to infiltrate ‘secure’ networks. Today, the sophisticated expertise developed by cybercriminals rivals those harbored by a select few in the past. What is unsettling is the fact that anyone can buy this expertise from discussion forums on the Internet.

The IoT is bringing in a paradigm shift in the way we interact with the world around us. Market estimates suggest that in 2017 more than 5 billion devices will be interconnected (Estimates by Gartner). By the next decade this number is expected to reach 30 billion. What does the IoT mean to cyber security? Well, it adds a whole new dimension to the frontiers of security risks. The list of devices it connects is expanding with every passing day—from automobiles to thermostats and from mood lights to production plants—the avenues for connecting devices continue to expand. This interconnectivity also exposes hitherto secure entities to cyber attacks via the burgeoning mesh of mobile phones, sensor networks and services on the cloud.

Cloud computing has emerged as the cornerstone that supports IoT, Big Data, and newer ideas for collaboration. The demand for cloud computing is driven by the almost unquenchable user thirst for round-the-clock access to data. While the trend for cloud computing is on the rise, service providers will be questioned about the resilience of their security architectures in the face of sophisticated cyber attacks. Users’ trust in cloud-based services will strengthened only when the solutions are secure. In the near future, discussions about making both public and private cloud computing services secure to protect digital assets will only mature.

IT security systems employed traditionally are ill-equipped to deal with the sophisticated attacks in cyberspace. In order to ward off cyber attacks, organizations will have to invest more in information security- the escalation of cyber threats and rising levels of regulatory requirements warrant the rise in IT security budgets. They also need to collaborate with external experts to improve both cyber threat intelligence and enhance security. Moreover, organizations have to internalize effective governance systems for information security systems and mold their processes and tools to ‘safely’ navigate the digital future. Cyber security is a business risk that organizations can ill-afford to ignore. The stakes are too high. It is time organizations judiciously appreciate the strategic value of mature security programs and invest in cyber security to safeguard their businesses.