Mitigating the risks of cyber threats through cyber intelligence and frontier technologies
By Ritesh Kumar, Chairman & CEO, CYFIRMA
Smart cities bring about an abundance of benefits for a nation – a more liveable space for citizens, a thriving business environment, and greater economic growth. It is therefore no surprise that world leaders and nations are focused on developing critical infrastructure and rolling out technologies to build up their own smart cities.
However, with the increased connectivity and interconnectivity of smart systems come greater risks and more opportunities for threat actors to attack and take down critical systems and services swiftly.
One example of such cyber threats is ransomware, which smart cities are particularly vulnerable to. The interconnectivity of smart systems creates more openings for cybercriminals to launch attacks, and self-propagating malware can easily take down these key systems rapidly and lead to breakdowns of critical services, affecting the lives of citizens.
Just a few months back, the ransomware attack on the Colonial Pipeline in the United States affected nearly half of the east coast’s fuel supply. We have also detected multiple ransomware attacks on government and utility organizations recently, such as a hit on renewable energies and multi-source electricity producer Voltalia which resulted in a large amount of business-critical and sensitive data being exfiltrated, as well as a potential data leak of personally identifiable information (PII) from an Indian database that is suspected to be government-related.
These incidents serve as a cautionary tale and hammer home the importance of having a clear, effective cyber defense strategy. As government leaders continue in their missions to build up smart cities, they need to proactively mitigate the risks of cyber threats through the following four considerations.
#1 Leverage cyber intelligence to stay ahead of the game
Staying one step ahead of cyberattacks requires knowing where to look, who the threat actors are, what they are after, when they are planning to launch an attack and how they intend to do so. Smart city cyber-defenders need to be proactive to gain a pre-emptive advantage. Often, this means looking into the deepest, darkest corners of the Internet. Over 94 percent of the world’s information resides in the deep and dark webs, which are frequented by cyber-threat actors trading restricted information ranging from academic and research data to financial and medical records.
To minimise the fear of data breaches and cyber threats, smart cities must adopt an intelligence-centric mindset and leverage deep technology to monitor these platforms. Predictive detection capabilities help remove the element of surprise from these cyberattacks, allowing cybersecurity agencies to take actions swiftly and prevent data exfiltration and loss.
#2 Fight AI-powered attacks with AI-powered self-defense systems
Similar to how our immune system continuously self-monitors, learns and heals when faced with anomalies, the next frontier of cybersecurity solutions should have the ability to identify abnormal foreign activities or programs through adaptive machine learning.
An automated, self-defense cybersecurity system powered by AI and predictive analytical technologies will be able to define normal and abnormal statuses, monitor the system 24/7, and respond to and recover from new threats. Having such a system will reduce the risk of attacks significantly and reduce the attractiveness of being a hacking target for threat actors.
#3 Rethink the regulatory environment for cybersecurity
While governments have enacted cyber laws, the reality is that they can be difficult to enforce. There are a few areas within the circle of influence where improvements can be made and scaled.
For a start, incident reporting can be made mandatory and this will generate a body of research data that can provide insights on threats to the nation, and inform the government on strategies it can undertake to strengthen its cyber posture. Imposing mandatory risk and vulnerability assessments also helps governments identify threats early and conduct remediations to close any cybersecurity gaps. Commencing attack vector assessments can help uncover new attack surfaces as businesses adopt new digital formats and services.
Beyond that, nations can cultivate a cyber reward culture where the discovery of bugs and vulnerabilities is rewarded, providing an incentive for the cybersecurity community to share their knowledge and promote joint solutioning. For example, Singapore conducts its Government Bug Bounty Programme where ethical hackers are rewarded with a monetary bonus for discovering online vulnerabilities.
#4 Adopt a people, technology, process and governance framework
As much as cybersecurity is a technology problem, it cannot be ignored that humans are part of the equation contributing to it. Cyber hygiene needs to be emphasised and practiced religiously. Employees and individuals need to be educated on cyber threats and risks, given the prevalence of phishing attacks and social engineering hacking campaigns.
From the technology perspective, the public and private sectors should incorporate layered defenses with data and endpoint security, gateway-based security, and automated scanning, monitoring and malware removal. Antivirus solutions, data loss detection and protection, and VPN solutions must not be overlooked. With processes, cybersecurity teams should conduct threat profiling and create threat segmentation, zoning and risk containerization. Making a habit of backing up data daily would be a good policy to adopt too. Finally, when it comes to governance, a good cyber threat visibility and intelligence programme will be vital in completing a well-rounded cybersecurity strategy.
Ultimately, the increasing connectivity of our world means that the possibility of cyber threats will always be present. However, it is clear that the potential economic and social benefits that smart cities can bring to the table outweigh the risks, and nations should not be dissuaded from their smart city plans. Through gaining accurate intelligence of where external threats lie, understanding them and implementing effective cybersecurity measures, cities will become not just smarter, but safer as well.
About the Author
Kumar Ritesh is the Chairman & CEO of CYFIRMA. He has 2+ decades of global cybersecurity leadership experience across all facets of the cybersecurity industry.
Ritesh spent the first half of his career as the head of a cyber-intelligence agency, gaining first-hand insights into cyber threats and risks on a global scale before transitioning into the commercial arena as a senior executive for multi-national corporations such as IBM and PwC. Ritesh was also the global cybersecurity leader for one of the world’s largest mining companies, BHP Billiton.
A highly dynamic executive who successfully blends technology expertise with business acumen, Ritesh has a strong track record of developing successful cybersecurity strategies, products, policies, standards, and solutions, in addition to running complex cybersecurity programs.
He has developed prototypes for data loss prevention, social profile risk assessment, web content assessment management, intelligence-led cyber risk management, and adaptive cyberthreat intelligence tools. The co-inventor of two patented technologies for phishing fraud detection and protocol-aware PCB architectures, he is PMP, CISSP, CISM, CISSP-ISSAP, TOGAF 9.1, CIPM, and CIPT certified.
Through his blogs and public speaking engagements, Kumar educates companies on cyber security risks, solutions and trends.