The Everlasting Cybersecurity Conundrum

Cybersecurity Conundrum

Technologies put forward that attempt to block and ensnare cyber-criminals and the more infamous advances of said cyber-criminals searching for new loopholes and implementing fresh attacks. Unfortunately, just as tech advances such as artificial intelligence aid the security world in the design and development of modern defences, so too is it being used by hackers in automated attacks that are able to more quickly break into user accounts. Overall, cyber-security is a chicken and egg conundrum that’s not likely to change in the foreseeable future.

With regards to security breaches and cyber-attacks, said Jonathan Couch, SVP of Strategy at ThreatQuotient, at the end of last year, “Unfortunately right now I think we’re still in that area where the bad guys are winning.“” According to Trend Micro’s Rundown of the Biggest cybersecurity Incidents of 2016, ransomware attackers were the most persistent cyber-criminals, while Mirai with the capability of turning devices into DDoS attacking bots took the role of worst all-round troublemaker. In 2016 we unfortunately also saw the first successful cyber-attack on an industrial facility when parts of the Ukrainian power grid were captured causing unscheduled power outages that affected approximately a quarter of a million customers. And with news in December of over a billion users breached and compromised, Yahoo takes the dubious prize for largest breach on record. Along with SWIFT Vulnerabilities, the prevalence of ransomware, and further vulnerabilities coming to light, 2016’s cyber-security landscape was troubled, to say the least.

A New Year, a New Strategy?

As much as we’d like to believe that all these holes have been plugged, 2016’s cybersecurity failures imply more to follow in 2017. Experts believe IoT will continue to be vulnerable to attack this year, but with the landscape broadening across personal, business, and governmental areas, as well as innovations and adoptions steadily expanding, the potential for attacks cresting even the recent DDoS attack on Dyn can be envisaged. Malware is also being predicted to be an active threat this year, and with artificial intelligence imbuing such methods with greater ability as well as the industrialisation of cybercrime, it’s a race to see whether security providers and experts can plug holes as quickly as they appear.

Gladly, security automation and orchestration could provide greater defence against cybercrime through machine learning, behavioural analytics, and threat intelligence, but while bolstering the security field and filling skill gaps, such innovations can also be exploited for immoral assistance’s; just as autonomous security programs seek out and patch vulnerabilities, so too can autonomous hacking programs seek vulnerabilities, but with a very different end goal in mind. Ransomware is also likely to evolve in 2017, and being one of the ‘better paid’ forms of cybercrime, organizations will have to review strategies to safeguard their systems and data. Regrettably, some experts predict ransomware attacks may develop from primarily finance-driven models to efforts to influence business decisions and policies, affecting strategic outcomes.

A daunting setting, but it’s important not to forget the good guys tirelessly battling these challenges, racing against the clock to prevent intrusions, disruptions and violations; the news seldom highlights failed assaults and successful threat prevention, but they are growing as significantly as the misdeeds. Going forward, organisations and individuals will have to make the commitment to get more involved in cybersecurity; it’s no longer enough to trust providers with this eternal task. Regulators are already coming to the fore helping consumers and providers alike implement necessary security strategies, and the practical among us track current trends while implementing policies that limit vulnerability. It’s time to pick a side, and those reluctant to join the fight against cybercrime are directly enhancing the position and tools of cyber-criminals.

By Jennifer Klostermann

Kelly Dyer
Achieving Data Security Compliance As individuals, we go through life sharing information about ourselves in every aspect of our daily existence. From credit checks for securing a loan, through to entire personal and family medical ...
Alex Tkatch
Best Practices for Designing and Executing a Product Launch Nothing in entrepreneurial life is more exciting, frustrating, time-consuming and uncertain than launching a new product. Creating something new and different can be exhilarating, assuming everything ...
Dinesh Varadharajan
The Future with Automation Many entrepreneurs believe digital technologies will transform the way their companies work. By 2022, the worldwide hyper-automation technology market is expected to be worth $596.6 billion. And by 2055, almost half ...
Dana Gardner
Just as cloud computing initially seeped into organizations under the cloak of shadow IT, application programming interface (API) adoption has often followed an organic, inexact, and unaudited path. IT leaders know they’re benefiting from APIs -- ...
JK Chelladurai
Maintain telecom tax compliance The Telecommunications industry is one of the most heavily taxed service industries. In countries such as the United States, providers have to keep on top of Federal, State, and District taxes, ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.