Abdur Rafi, CISO at ABP, shared his views on the future of the cybersecurity industry, ransomware attacks and the challenges of CISOs.
Q1. In the context of the continuous uncertainty of the pandemic, what are the cyber security challenges for CISOs?
The COVID-19 induced pandemic has created new challenges for businesses as they adapt to a new operating model in which working from home has become the ‘new normal’. Companies are plunging into digital transformation, and cyber security is now a major concern. In light of such events, here are the main cyber security challenges for CISOs.
Increase in digitisation calls for an increase in cyber security measures: The increase in remote working calls for a greater focus on cyber security because of the greater exposure to cyber risk. This is apparent, for example, from the fact that 47% (or more) of individuals fall for a phishing scam while working at home.
Increased attacks on video conferencing sessions: Between February 2020 and May 2020 more than half a million people were affected by breaches in which the personal data of video conferencing services users (e.g., name, passwords, email addresses) was stolen and sold on the dark web.
Ransomware attack: While working from home, irregular system updates (OS and security patches) make the endpoints more vulnerable. This is one of the greatest opportunities for hackers to get control over those endpoints and compromise the data and systems.
Lack of awareness program: During any pandemic, the priority and focus of life (personal and professional) changes from what it was in the normal state. A user doesn’t want to spend time on a cyber security awareness program; rather, he or she spends many hours thinking out of the box to get new, innovative business ideas.
Q2. Which key security areas would you identify that will change the course of the security industry?
• Threats to Web3 infrastructures / Tokenized Networks : Blockchain, smart contracts etc.
• The advent of quantum computing may break all known foolproof security protocols.
• Threats posed by highly targeted cyber attacks: via ransomware, spyware, APTs etc.
• Threats to cloud infrastructures: misconfigurations, unpatched environments etc.
• Threats from misuse of social platforms, open-source software / tools
• Risks of unprotected IoT devices
• Cyber crime-as-a-service (CaaS)
• Malware Automation
• Risks posed by Third parties.
Q3. How do you see the future of the IT security industry in terms of innovation and sales when there is a slowdown due to the global financial crisis?
Cyber security spending is unlikely to slow down. The International Data Corporation (IDC) forecasts that worldwide cyber security spending will reach $174.7 billion in 2024, with security services the largest and fastest-growing market segment. The rise in cyber attacks, especially ransomware, has fuelled the cyber insurance market. GlobalData, which works on data and analytics, predicted that the industry would hit $8.92 billion in 2021 and more than double to $20.6 billion by 2025.
In terms of innovation, here are the upcoming security innovation trends:
AI will play a critical role in fighting cybercrime. As bad actors employ more sophisticated AI-powered attacks, CISOs will have to fight fire with fire – for detection, response, prevention, and protection.
IoT will continue to be a primary driver for cyber consumption. Since IoT devices are typically endpoints, endpoint security will be a strong candidate for innovation.
OT security and embedded devices are also interesting use cases for cyber security.
Secure architectures such as Access Secure Edge (SASE), Software Defined Perimeter, and Zero Trust – that support “work from anywhere” and enable hybrid operating environments for both employees and third parties – will be front and center.
Cyber insurance will be increasingly leveraged to help businesses hedge their risks and provide protection from the devastating aftereffects of cybercrime.
Q4. As ransomware attacks are one of the key cybersecurity concerns for CISOs, how does your organization deal with this security threat?
The trick is to be proactive in dealing with such threats. Here are some measures that will effectively reduce the chances of data loss owing to ransomware:
Closing loopholes: Patching endpoints and servers. In case patching is not feasible, use server security software with the capability of implementing virtual patching.
Securing Perimeter: Secure the boundary with a modern firewall (NexGen UTM) with timely updates, protect email gateways with mandatory DMARC, DKIM & SPF checks along with anti-phishing measures.
Securing Network: Using intrusion detection devices to have timely information related to command and control, lateral movements etc.
Securing Endpoints: Using modern endpoint protection which has features like ML and BM; this encompasses unknown-unknown threats.
Visibility of the entire Infrastructure: Using tools like XDR, SIEM, and Deception Technology, the task of SOC teams becomes much easier in terms of accurate reporting, incident forensics and threat intelligence. This also provides a holistic threat view of the organization, which can be quantified to show the success/failure scenarios.
Q5. Based on your experience, give us an insight into the hardships and challenges for budding CISOs in the coming years.
In the coming years, the threat landscape will be even more diverse with the advent of new techniques employed by attackers. Budding CISOs need to be on their toes almost all the time, with adversaries using new techniques and the unpredictability surrounding the operation models. Here are some of the challenges:
• Malware automation
• Continuing Skill shortage
• Credential Stuffing Attacks
• Hybrid Workforces
• Introduction and adoption of Web3 Infrastructure
• Need for advanced detection and response
Q6. What are the crucial qualities that are required to become a futuristic CISO?
The CISO is the most senior cyber security role, which means the person must understand cyber security in considerable technical depth but at the same time be able to translate that into something that can be operationalized throughout the enterprise.
Here are 3 crucial qualities that a futuristic CISO must have:
Strategy: A CISO should be a strategist with a chair at the executive table who has the people skills to work with other departments well. If so, that person is in a better position to become an enabler versus an obstacle to progress. In short, the CISO should help the business meet its strategic goals in a manner that minimizes the potential risks.
Resiliency: A CISO’s role is also critical to business resiliency. While a strong CISO cannot control what bad actors do, they can help prepare their organization for the most likely threats. That way, when disaster strikes, the incident response follows a plan as opposed to descending into chaos.
Leadership: CISOs can help and should take a leadership role in creating a cyber risk aware culture that permeates the business since effective cyber security requires vigilance on everyone’s part. For this reason, CISOs should oversee cyber hygiene training for everyone in the organization.