We live in a world with many new requirements and realities. These include: multi-layer masks for respiratory protection, social distancing, air filtration, tests to identify virus carriers and contact tracing.
These tactics against the invisible enemy, the virus, are reminiscent of the world of cybersecurity, where cyberattacks are also invisible. We may not know who attacked us or how the attack was carried out. We may not know which network link is broken or which server is compromised. Externally, the attack may not reveal itself at all. As with COVID, there are many unknowns in cybersecurity.
Both the virus and the hacker only need to find one weak spot. We have to defend against all possible risk factors, on all fronts. But that’s the way the world we live in works, and we have to make efforts to protect ourselves and our environment, including our data.
We saw how the pandemic slowed down everything in the world in 2020. Everything but cybersecurity breaches… Taking advantage of the fact that the environment was affecting organizations’ employees and counterparties, distracting them from security issues, attackers conducted ruthless attacks on corporations and government agencies, while employing new methods to break into security systems.
– Increased attention to security measures around the world –
As a consequence, we will see an increased focus by governments around the world on protecting critical infrastructure. Basic security rules may differ administratively and in terms of compliance, but they will need to include basic protections such as configuration management, installation of updates, encryption, auditing, anonymization and segregation of duties.
Companies will pay more attention to protecting the most valuable assets, which tend to be concentrated in the RDBMS (payment information, debts, customers, personal employee data, etc.). Increase in the number of data leaks caused by human factor will require reorganization of corporate systems security concepts towards data protection and not just towards the network perimeter. The domestic market will see a growing trend toward using technological solutions from Western vendors together with domestic products that provide protection in accordance with legal requirements.
Organizational leaders will adjust their IT development strategies to ensure smooth operation of business processes and employees. Measures will include both ensuring secure remote work and IT infrastructure support in the face of a possible shortage of administrators. In addition, control over compliance with information security policies with respect to partners and counterparties will be tightened.
All this will increase business interest in the cloud model in private, public and hybrid versions, depending on the maturity of IT services and the prospects for recovery of the industry in which the company operates.
In the fight against cybercrime, corporations are expected to join forces with large cloud providers through the creation of profile boards, user groups and sharing experiences (best practices) to increase the expertise of administrative staff and help improve the quality and level of automation of cyber defense tools. On the agenda is the widespread adoption of AI/IMO tools, both for making recommendations to SOC personnel and for providing autonomous protection.
We hope to clarify the definition of personal data, the misinterpretation of which hinders the widespread implementation of cloud monitoring tools. For their part, software and service providers will offer solutions focused on the implementation of functionality specified by the regulator as mandatory (e.g., providing multifactor authentication in DBMS).
– What steps should be taken now? –
Interesting parallels can be drawn between cybersecurity tools and the conclusions we drew during the pandemic. Just as with a virus, so with cyberattacks, steps must be taken to assess, identify and prevent danger. There is no general and absolute panacea in either case, but every step in the right direction increases the chances of preserving health and data.
Our data holds valuable assets, and protecting it is a very important thing to do. To do this, for example, there are certain minimum actions you can take:
- Encrypt the data to prevent unauthorized access;
- Audit and monitor all important database operations;
- Limit user rights to the necessary minimum;
- Ensure that the responsibilities of all persons responsible for the data are segregated;
Most companies have already taken the necessary measures, but it is difficult to eliminate all vulnerabilities without the right tools and competent personnel. A single, reliable and comprehensive cloud data protection solution will be the best tool for organizations of all sizes.