Page 44 - Cyber Defense eMagazine for August 2021
        P. 44
     #1 Leverage cyber intelligence to stay ahead of the game
            Staying one step ahead of cyberattacks requires a thorough understanding of knowing where to look,
            who the threat actors are, what they are after, when they are planning to launch an attack and how they
            intend to do so. Smart city cyber-defenders need to be proactive to gain a pre-emptive advantage. Often,
            this means looking into the deepest, darkest corners on the Internet. Over 94 percent of the world’s
            information  resides  in  the  deep  and  dark  webs,  which  are  frequented  by  cyber-threat  actors  trading
            restricted information ranging from academic and research data, to financial and medical records.
            To minimise the fear of data breaches and cyber threats, smart cities must adopt an intelligence-centric
            mindset and leverage deep technology to monitor these platforms. Predictive detection capabilities help
            remove the element of surprise from these cyberattacks, allowing cybersecurity agencies to take actions
            swiftly and prevent data exfiltration and loss.
            #2 Fight AI-powered attacks with AI-powered self-defense systems
            Similar  to  how  our  immune  system  continuously  self-monitors,  learns  and  heals  when  faced  with
            anomalies, the next frontier of cybersecurity solutions should have the ability to identify abnormal foreign
            activities or programs through adaptive machine learning.
            An automated, self-defense cybersecurity system powered by AI and predictive analytical technologies
            will be able to define normal and abnormal statuses, monitor the system 24/7, and respond to and recover
            from  new  threats.  Having  such  a  system  will  reduce  the  risk  of  attacks  significantly  and  reduce  the
            attractiveness of being a hacking target for threat actors.
            #3 Rethink the regulatory environment for cybersecurity
            While governments have enacted cyber laws, the reality is that is can be difficult to enforce. There are a
            few areas within the circle of influence where improvements can be made and scaled.
            For a start, incident reporting can be made mandatory and this will generate a body of research data that
            can provide insights on threats to the nation, and inform the government on strategies it can undertake
            to  strengthen  its  cyber  posture.  Imposing  mandatory  risk  and  vulnerability  assessments  also  helps
            governments  identify  threats  early  and  conduct  remediations  to  close  any  cybersecurity  gaps.
            Commencing attack vector assessments can help uncover new attack surfaces as businesses adopt new
            digital formats and services.
            Beyond that, nations can cultivate a cyber reward culture where the discovery of bugs and vulnerabilities
            are  rewarded,  providing  an  incentive  for  the  cybersecurity  community  to  share  their  knowledge  and
            promote joint solutioning. For example, Singapore conducts its Government Bug Bounty Programme
            where ethical hackers are rewarded with a monetary bonus for discovering online vulnerabilities.
            #4 Adopt a people, technology, process and governance framework
            As much as cybersecurity is a technology problem, it cannot be ignored that humans are part of the
            equation contributing to it. Cyber hygiene needs to be emphasised and practiced religiously. Employees
            and individuals need to be educated on cyber threats and risks, given the prevalence of phishing attacks
            and social engineering hacking campaigns.
            Cyber Defense eMagazine – August 2021 Edition                                                                                                                                                                                               44
            Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.





