By Jennifer Varner, Director Security Solutions Sales – North America, Verizon Business
Every year, emerging technologies come to market, offering new opportunities to connect with employees and customers in previously unimaginable ways. However, these advances can come at a price for businesses as they may unlock new avenues for hackers to exploit.
Staying ahead of the latest technologies is paramount for today’s technology leaders, and so is protecting sensitive information by understanding the latest cybersecurity threats and countermeasures. Adoption of new technology across the enterprise can drive incredible innovation but can be fraught with unknown risks, especially in today’s complex threat environment.
Cybercrime is on the rise as technology makes forays into every corner of the working world, with ransomware used in almost 24 percent of malware breaches over the past year, according to Verizon’s 2022 Data Breach Investigations Report (DBIR). Our annual report examines thousands of data breaches across industries, providing a detailed analysis of current cybersecurity threats and emerging trends.
Overall, the report showed 40 percent of ransomware incidents used desktop-sharing software and 35 percent involved email. Ransomware attacks have hit companies on two fronts: causing both a loss of access to their data, as well as a need to publicly report a data breach – given the actors have also taken a copy of the organization’s data. Notably, ransomware attacks are four times more likely to come from external threats than from inside the company, and four out of every five breaches are attributed to organized crime.
Despite this fertile ground for bad actors to exploit these new technologies, the need for innovation never stops. To help avoid costly and potentially devastating problems down the road, here are several newer technologies that IT decision-makers need to understand and the ways they can bolster their organizations safety measures.
Improving security of 5G devices
When it comes to network deployment, the arrival of 5G wireless technologies marks a new era of network connectivity and ushers in what many are calling the Fourth Industrial Revolution. The transition from 3G and 4G to 5G is already providing dramatic increases in both bandwidth and upload and download speeds, together with extraordinary decreases in latency.
But 5G-enabled applications and business processes may pose security risks if they are deployed without appropriate security scrutiny and oversight. For example, a poorly secured database or misconfigured application remains a risk even if the connection to it is significantly faster.
Businesses eager to implement 5G-enabled technologies like Internet of Things (IoT) or autonomous network-connected devices to improve the customer experience or increase operational efficiency should consider if the firmware of these devices can be exploited.
Unpatched device firmware is a common weak point that could lead to network incursions by cybercriminals. If your security program lacks a robust process to review and approve new technologies or devices before they are connected to the network, expect blind spots. Don’t let your company’s “attack surface” go unchecked in a rush to take advantage of 5G. And don’t let innovation outpace security oversight.
Remember to lock down the blockchain
Blockchain is a distributed database or public ledger used to record digital transactions, which are linked and secured using cryptography. It’s ideal for many security applications, including managing digital identities, protecting the configuration of key IT systems and ensuring secure supply chains.
While the transactions cannot be altered retroactively, having confidence that the machines that power and protect your business are configured correctly is a necessity. Unauthorized and undetected changes to settings in any number of blockchain systems can lead to data theft, fraud and unsanctioned wire transfers – and to greater exposure to email-based malware, viruses and phishing campaigns.
A new approach to a key element of blockchain cybersecurity is called machine state integrity, or MSI. This technique captures concise “state” information and continuously monitors machines in an organization’s environment to accurately identify, analyze and flag changes to those systems.
Blockchain-inspired security solutions can have a significant positive impact on an organization’s security posture, but the technology itself has a reputation for being complex and abstract. When a security vendor proposes a solution based on blockchain, it’s a good idea to focus on the measurable, practical security benefits and results of the solution. Don’t get caught up in the details behind the tool.
Smarter security for AI and ML applications
Artificial Intelligence (AI) and Machine Learning (ML) are increasingly becoming the driving force behind several new advanced cybersecurity tools that Chief Information Security Officers (CISOs) and their teams may be advocating to adopt. For example, ML automates many facets of threat hunting, a critical but time-consuming security activity designed to find bad actors who have compromised corporate IT systems.
Traditional threat hunting, conducted by humans, can often result in a large number of false positives. This “noise” distracts from focusing on the real, hidden threats. ML-driven threat hunting systems may reduce time to detection from 200-plus days on average to just a few hours. And the faster a hacker can be found, the less damage they can inflict. AI-driven security solutions can enable organizations to accelerate and, in many cases, automate their response to cyber incidents.
Embrace the future with modern security
No matter what advanced technology your organization is looking to deploy, you can’t embrace the future if your security architecture is stuck in the past. These innovative technologies are transforming organizations, helping them to increase a range of key performance indicators.
To be successful with any new technology, it’s essential that organizations understand the risks and the company’s posture so that the correct cybersecurity measures can be implemented. It’s been long said that an ounce of prevention is worth a pound of cure, and that’s especially true for organizations seeking to deploy advanced new technologies in today’s sophisticated threat environment.
About the Author
Jennifer Varner is the Director Security Solutions Sales – North America at Verizon Business. She leads Verizon’s Security Sales Organization for Global Enterprise and Mid-Market in the Americas and is focused on helping customers improve security postures and reduce risk through the power of Verizon’s secure network portfolio which includes Network-as-a-Service and Private 5G technologies, Integrated and Managed Security Solutions, and a best-in-class Cybersecurity Consulting practice. Jennifer can be reached online at https://www.linkedin.com/in/jennifer-varner/ and at www.verizon.com/business.