Is Complete Cyber Security Possible?

Cyber Security Concerns

Every minute, we are seeing about half a million attack attempts that are happening in cyberspace.” – Derek Manky, Fortinet global security strategist

Pricewaterhouse Coopers has predicted that cyber security will be one of the top risks facing financial institutions over the course of the next 5 years. They have pointed at a number of risk factors, such as the rapid growth of the Internet of Things, increased use of mobile technology, and cross border data exchange, that will contribute to this ever growing problem.

Gartner has estimated that by 2020, the number of connected devices will jump from around 6.4 billion to more than 20 billion connected devices. In other words, there will be between two and three connected devices for every human being on the planet. Derek Manky of Fortinet, told CNBC that “The largest we’ve seen to date is about 15 million infected machines controlled by one network with an attack surface of 20 billion devices. Certainly that number can easily spike to 50 million or more“. So in a world where Cyber Security seems almost unattainable, is it still possible for you, or for large companies, to remain protected?

threat-cybersecurity

According to Cross Domain Solutions “comprehensive security is possible by making all security data accessible and automating security procedures”, which allows threats to dealt with in real time. They suggest an approach focused on data confidentiality, data integrity and the authenticity of users and data placeholders. Although it is theoretically possible, this is unlikely to provide total cyber security in practical situations.

The expansion and widespread adoption of the Internet of Things (IoT) has become the most pressing cyber security issue over the last 5 years. Smart phones, smart watches, smart TVs and smart homes, amongst other devices, have increased the surface area for hackers to take advantage of exponentially. This combined with the problems of perimeter security in cloud-based services, the sheer size of data collection by IoT devices, and the lack of security on many modern IoT devices, mean that complete cyber security (for businesses or individuals) will become increasingly more difficult. In a move that shocked the world earlier this year, hackers made off with tens of millions of dollars from Bangladesh’s central bank by using malware to gain access to accounts. Cyber Security is a very real issue for any business that has valuable information or assets stored digitally.

james-lewisIt has been suggested that we should focus on strategies to reduce risk that use formulas such as cyber risk = threats X Vulnerabilities X consequences; thus by reducing one of the factors to zero we can achieve complete Cyber security. The Common Vulnerabilities and Exposures list has more than 50,000 recorded vulnerabilities (with more added every hour), so it is almost impossible to ensure your network can deal with an incessant wall of hackers trying to get in. James Lewis, a cybersecurity expert at the Washington DC-based Center for Strategic and International Studies (CSIS), commented recently that businesses need to stop worrying about preventing intruders from accessing their networks. They should instead be concentrating on minimising the damage they cause when they do gain access. According to the Cisco 2015 Annual Security Report, “Security is no longer a question of if a network will be compromised. Every network will, at some point, be compromised”.

Fortunately for the tech world, the same capabilities that make networks more vulnerable can help to strengthen defences as well. Financial institutions are able to utilise big data analytics to monitor for covert threats, helping them to identify evolving external and internal security risks and react much more quickly. Whilst total cyber security may not be practically possible, the technology exists for businesses to be as security conscious as they feel they want to be. Both consumers and businesses should be assigning cyber security as the highest priority.

By Josh Hamilton

Ajay

Explainable Intelligence Part 3 – The Strategy for XAI

The Strategy for XAI It is not enough to say that something is true just because 'I know it’s true!' – we have to have some evidence or argument that gives a justification for our ...
Gilad David Maayan

Accessing (HPC) High Performance Computing

HPC in the Cloud Big data and Machine Learning (ML) can provide businesses with incredible insights and an innovative edge. However, to properly analyze the data collected or to train your ML models, you need ...
Juan Pablo Perez Etchegoyen

7 Security and Compliance Considerations for Cloud-Based Business Applications  

Security and Compliance Considerations There’s no doubt on-premises deployments of mission-critical business applications provide more control over data as it resides within the four walls of an organization’s network infrastructure. However, businesses can no longer ...
Patrick Joggerst

Session Border Control as a Service: Faster, More Secure and Dramatically Less Complex Enterprise Communications

Session Border Control as a Service As businesses are increasingly moving to cloud-based unified communications (UC) for improved collaboration and productivity, they must also ensure that their networks and systems are as secure as possible ...
Mark Barrenechea

Information is at the Heart of Your Business

Information Business Even though digital information is evolving at a rapid pace, the world is still document-centric. Documents, whether created by a human or generated by a machine, underpin every operation, communication exchange and innovation ...
New York

From Y2K To NYC Parking Meters: Have We Learned Anything About Complacency In Cybersecurity?

Cybersecurity Complacency This past January – in what seems like a different world now – a story briefly hit the headlines and was seen as more of a quirk than a threat. It was soon ...