The pandemic has accelerated digital transformation beyond anyone’s imagination. Considering the increased cybersecurity risks introduced by digital technologies, what should society do to prevent cyber-attacks, reduce damage, and strengthen trust? In this blog post, I'll try to explain how to improve cybersecurity preparedness in the post-COVID world by promoting trust in the digital world through awareness, culture, and sensible controls such as the implementation of zero-trust architecture, encryption, and digital sovereignty, as well as sharing information to build a web of trusted partners.
Advance Trust with Awareness and Culture
As new technologies, like artificial intelligence, cloud computing, blockchain, and the Internet of Things (IoT), become increasingly prominent in the workplace, digital trust practitioners will need to adapt responsibly and safely. Furthermore, effective security necessitates skilled personnel, which is now impeded by a cybersecurity skillset deficit. Individuals who have attained the essential training will be better equipped to protect their organizations. The emergence of ransomware groups targeting critical infrastructure such as healthcare facilities and energy organizations, as well as the rising trend of large-scale data breaches, is putting governments' capacity to defend citizens' lives, property, and well-being in jeopardy. Several countries have advocated a number of public and private sector security measures to address the dangers presented by cybersecurity assaults.
Strengthen Trust with Sensible Controls
In the old days, organizations can build reasonable defense based on physical barriers and perimeter controls. With cloud and mobile computing becoming the norm, identity-based and strong authentication are the crucial steps in advancing trust in the digital world. The implementation of preventive security controls such as multi-factor authentication, encryption, strategies like zero-trust architecture and digital sovereignty are foundational pillars in strengthening digital trust. Furthermore, companies of all sizes need to strengthen trust with sensible controls to be better prepared for cybersecurity threats. Based on the NIST Cybersecurity Framework, I have listed here seven areas where enterprises can focus. Achieving these will go a long way toward enhancing organizations’ security posture while meeting various national and industry regulatory compliance requirements, including the ever-growing number of cybersecurity and privacy acts.
- Identify: An organization must be able to discover data wherever it resides and classify it. This data can be in many forms: files, databases, and big data; spread across storage on-premises, in clouds, and across back-ups. Data security and compliance start with finding exposed sensitive data before hackers and auditors. Identification enables organizations and their stakeholders to determine the "what" and "where" of sensitive data and critical business processes so that appropriate security measures can be implemented.
- Protect with zero trust: The mantra of zero trust is "trust no one and always verify". Humans, machines, and APIs should all be authenticated using this method based on their identities, purposes, and usage context. Essential data can then be extracted, transferred, stored, analyzed, and manipulated under the control of zero trust to produce meaningful results.
- Protect with Encryption and De-identification: Once an organization knows where its sensitive data is, it can apply critical data breach mitigation controls such as encryption or tokenization. For encryption and tokenization to successfully secure sensitive data, the cryptographic keys themselves must be secured, managed, and controlled by the organization. Even if data is inadvertently disclosed, once encrypted or de-identified, the resulting data string appears to an unauthorized person as gibberish and has no value.
- Protect with digital sovereignty: This term refers to keeping encryption and data access under your control. This eliminates the risk of sensitive data falling into the hands of others without explicit permission, resulting in regulatory non-compliance. Digital sovereignty facilitates multi-cloud operations while avoiding vendor lock-in.
- Detect with continuous monitoring and assessments: This enables organizations to keep an eye on information security, vulnerabilities, and threats at all times to support risk management decisions. To detect ongoing or recent attacks, malicious insiders, privileged users, APTs, system and user behaviors and other cyber threats must be monitored for anomaly.
- Respond: Prepare for the incident by detecting, identifying, analyzing, containing, eliminating, recovering, and learning from it.
- Recover with business continuity and resilience: The implementation of a Business Continuity Plan (BCP), Incident Response Plan (IRP), and Disaster Recovery Plan (DRP) ensures that operations can continue as usual even if unexpected events, crises, or unusual operating conditions occur.
Share Information and Build a Web of Trusted Partners
The hacking community is continually evolving, affecting victims in both public and private sectors, causing multi-trillions dollar of damage every year. To better understand and adapt to the changing threat landscape, organizations must share information with one another to build a web of trusted partners as well as implement and develop secure baselines and policies to strengthen defenses and response plans. Examples such as the Cybersec Infohub from the HKSAR Government and the recent US Executive Order calls for the government and essential service providers to share cybersecurity related information and collaborate effectively to defend against the growing threat of cyberattacks.
I hope the list above will help you improve your cybersecurity preparedness and provide some insight into the steps to avoid cyberattacks, reduce damage, and strengthen trust. So to wrap up, we need a safe digital society and the only way to achieve that is though awareness, culture, sensible controls, and information sharing to build a network of trusted partners.
Learn more about how Thales can help you discover, protect and control access to your sensitive data wherever it is - from the cloud and data centers and across networks.