Cyber security has never assumed more relevance than now, when cloud adoption and AI are transforming the way we live, and the region, in particular, is on fast track mode where technology is concerned. Add to this, the stress on innovation, and we have a whole security landscape that requires a fresh, renewed approach.
FireEye, leaders in cyber security, have revealed their predictions for 2020 in a report titled ‘The Road Ahead: Cyber Security in 2020 and Beyond’, detailing key trends and lookout points about cyber security that organizations need to bear in mind during their digital transformation journey.
Sandra Joyce, Senior Vice President of Global Intelligence, FireEye, says in the report that one key takeaway for the next year is that “every organization is somehow related to a possible target. Even if an organization is small or seemingly insignificant to threat actors, it’s likely a supplier, third-party vendor, or in some way connected to a bigger, larger target. Organizations need to be cognizant that they could be the critical node—they could be the weakest link.”
In order to do this, she says, organizations must consider the broader context: “It’s not just what’s happening between a target and a threat actor-the entire ecosystem that they’re a part of matters. The best thing organizations can do going into 2020 is understand where they sit in the threat landscape, but that’s easier said than done. Those that are trying to use intelligence are now seeing that it’s quite a large task to really understand their threat profile.”
Another key learning is that there are multiple levels of security maturity in the market space. “Some organizations are extremely mature when it comes to using intelligence to make decisions and to improve their security postures, whereas other organizations are just starting out and need good advice about how to use intelligence in the best way possible to prioritize their spend and put the technology they have to good use. Leaders of organizations implementing an intelligence program have the benefit of understanding what is likely to happen, and what threats are targeting them and others in their industry. However, other leaders haven’t had to think about what is going on beyond their network until now,” Joyce points out.
According to the report, ransomware is an emerging area of concern and defenders of the cyber security landscape must explore new techniques to tackle this threat.
“What we’ve been seeing in the underground is threat actors advertising their access to organizations, no matter what industry, and trying to find partners who have ransomware that they can deploy deep in those networks in a very customized fashion. We’ve also seen some of the most sophisticated criminal intrusion operations shift to this type of ransomware deployment, away from other tactics. This very targeted ransomware technique is leading to increased ransomware demands and putting organizations at a high risk of losing intellectual property,” Joyce says.