Connect with us

Technology

From reactive to proactive: The future of cyber defence

By Nick Walker, Regional Director EMEA, NetSPI

There have been 2.29 million cyber-attacks on UK businesses in the last 12 months, with ransomware attacks increasing by 70%. These shocking figures not only highlight the growing scale of cyber threats but that businesses are also becoming increasingly vulnerable to them.

It’s clear that cybersecurity is no longer confined to the realm of IT departments and tech experts; it has become a concern for every individual in the organisation. In fact, PWC’s Global Digital Insights survey found that cyber budgets in 2024 are increasing at a much higher rate than last year, as “mega breaches” rise in number, scale and cost.

When security can’t keep up with the pace of innovation, the ability to deliver bottom-line results is at stake. To innovate with confidence, organisations need proactive security at the core of their cybersecurity programme. But what exactly is proactive security, why is there a growing need for this approach, and how can organisations ensure their security programmes aren’t just reactive?

Defining proactive security

Traditionally, many businesses tend to operate cyber security defensively or reactively. For instance, patching vulnerabilities or implementing a new security tool after experiencing a breach. This is especially the case for organisations that belong to an industry with significant regulatory or government compliance pressures, such as financial services or healthcare. This approach is no longer fit for purpose – that’s where proactive security comes into play.

Eric Parizo, Principal Analyst at Omdia, defines proactive security as: “…technologies (including those provided as services) that enable organizations to seek out and mitigate likely threats and threat conditions before they pose a danger to the extended IT environment.”

Essentially, a proactive security approach hinges on the anticipation of cyber threats before they materialise into actual breaches. It involves staying one step ahead of the hackers by identifying vulnerabilities before they are exploited by bad actors. Contrary to a reactive approach, dedicated security teams will focus on the entire scope of an organization’s security posture – specifically how to identify, protect (against), detect, and respond to risk.

Let’s also clarify what proactive security is not – it is not a collection of disjointed, temporary solutions that are one trick ponies. This sentiment only creates more confusion and tool fatigue and it may give a false sense of security if those solutions aren’t properly configured or validated. Proactive security is also not knee-jerk reactions to cyber threats – gone are the days of one-off escalated events, too many alerts, and flashing screens. Security teams do not need to respond to everything in their systems; we must be more strategic than that.

What is driving the need for proactive security?

In today’s threat landscape, hackers are finding new ways to breach the security of corporations and one of the tools they are using is artificial intelligence (AI). AI, specifically generative AI such as ChatGPT and the like, has become a powerful tool in their arsenal using the technology to automate attacks, create convincing phishing messages, develop more evasive malware or crack passwords. While AI can help cyber defenders, it also means an expanded attack surface across the organisation which can leave assets exposed and vulnerable to adversaries.

Alongside this, businesses have had to address the growing demand for cloud computing infrastructure, as well as adopt new digital identity technologies to not only satisfy customer needs, but continue innovating at record speed.

A holistic, proactive approach to cybersecurity

Despite the large investments many companies have made in detective controls, they often struggle to detect tactics, techniques, and procedures (TTPs) used by real-world threat actors during sustained and sophisticated attack campaigns. On top of this, the expanding attack surface and ever-changing parameters puts security controls to the test so gaining visibility into external facing assets, vulnerabilities and exposures is a time-consuming and difficult challenge.

The goal is to help businesses address these issues more easily with a combination of right technology and right people to provide expert, tailored guidance. While there isn’t a one size fits all approach, here are the steps to ensuring a holistic approach to your proactive security programme:  

  • Identify: This starts with penetration testing, to provide a snapshot of an organisation’s current environment.
  • Protect: A continuous assessment of the external attack surface is carried out.
  • Detect: Identify a vulnerability and run a play in a breach and attack simulation solution to detect whether a threat would be identified by your security stack.
  • Respond: Complete a Red Team engagement to ensure the team would be able to successfully defend and respond to that threat.

By following these steps, organisations can enhance their cybersecurity posture, proactively address vulnerabilities, and bolster their resilience against cyber threats. This approach not only helps in mitigating risks but also fosters a culture of proactive security within the organisation.

With cybercrime on the rise and only 15% of UK businesses having a formal cybersecurity incident management plan – there has never been a better time to get proactive about security. As AI continues to infiltrate organisations and cloud computing continues to evolve, business leaders must gain a better understanding of their IT stack and overall security posture to minimise potential gaps and exposures. Innovation – and business success – depends on it.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

Driving business success in today’s data-driven world through data governance

Source: Finance derivative

Andrew Abraham, Global Managing Director, Data Quality, Experian

It’s a well-known fact that we are living through a period of digital transformation, where new technology is revolutionising how we live, learn, and work. However, what this has also led to is a significant increase in data. This data holds immense value, yet many businesses across all sectors struggle to manage it effectively. They often face challenges such as fragmented data silos or lack the expertise and resources to leverage their datasets to the fullest.

As a result, data governance has become an essential topic for executives and industry leaders. In a data-driven world, its importance cannot be overstated. Combine that with governments and regulatory bodies rightly stepping up oversight of the digital world to protect citizens’ private and personal data. This has resulted in businesses also having to comply e with several statutes more accurately and frequently.

We recently conducted some research to gauge businesses’ attitudes toward data governance in today’s economy. The findings are not surprising: 83% of those surveyed acknowledged that data governance should no longer be an afterthought and could give them a strategic advantage. This is especially true for gaining a competitive edge, improving service delivery, and ensuring robust compliance and security measures.

However, the research also showed that businesses face inherent obstacles, including difficulties in integration and scalability and poor data quality, when it comes to managing data effectively and responsibly throughout its lifecycle.

So, what are the three fundamental steps to ensure effective data governance?

Regularly reviewing Data Governance approaches and policies

Understanding your whole data estate, having clarity about who owns the data, and implementing rules to govern its use means being able to assess whether you can operate efficiently and identify where to drive operational improvements. To do that effectively, you need the right data governance framework. Implementing a robust data governance framework will allow businesses to ensure their data is fit for purpose, improves accuracy, and mitigates the detrimental impact of data silos.

The research also found that data governance approaches are typically reviewed annually (46%), with another 47% reviewing it more frequently. Whilst the specific timeframe differs for each business, they should review policies more frequently than annually. Interestingly, 6% of companies surveyed in our research have it under continual review.

Assembling the right team

A strong team is crucial for effective cross-departmental data governance.  

The research identified that almost three-quarters of organisations, particularly in the healthcare industry, are managing data governance in-house. Nearly half of the businesses surveyed had already established dedicated data governance teams to oversee daily operations and mitigate potential security risks.

This strategic investment highlights the proactive approach to enhancing data practices to achieve a competitive edge and improve their financial performance. The emphasis on organisational focus highlights the pivotal role of dedicated teams in upholding data integrity and compliance standards.

Choose data governance investments wisely

With AI changing how businesses are run and being seen as a critical differentiator, nearly three-quarters of our research said data governance is the cornerstone to better AI. Why? Effective data governance is essential for optimising AI capabilities, improving data quality, automated access control, metadata management, data security, and integration.

In addition, almost every business surveyed said it will invest in its data governance approaches in the next two years. This includes investing in high-quality technologies and tools and improving data literacy and skills internally.  

Regarding automation, the research showed that under half currently use automated tools or technologies for data governance; 48% are exploring options, and 15% said they have no plans.

This shows us a clear appetite for data governance investment, particularly in automated tools and new technologies. These investments also reflect a proactive stance in adapting to technological changes and ensuring robust data management practices that support innovation and sustainable growth.

Looking ahead

Ultimately, the research showed that 86% of businesses recognised the growing importance of data governance over the next five years. This indicates that effective data governance will only increase its importance in navigating digital transformation and regulatory demands.

This means businesses must address challenges like integrating governance into operations, improving data quality, ensuring scalability, and keeping pace with evolving technology to mitigate risks such as compliance failures, security breaches, and data integrity issues.

Embracing automation will also streamline data governance processes, allowing organisations to enhance compliance, strengthen security measures, and boost operational efficiency. By investing strategically in these areas, businesses can gain a competitive advantage, thrive in a data-driven landscape, and effectively manage emerging risks.

Continue Reading

Technology

‘Aligning AI expectations with AI reality’

By Nishant Kumar Behl, Director of Emerging Technologies at OneAdvanced

AI is transforming the way we work now and will continue to make great strides into the future. In many of its forms, it demonstrates exceptional accuracy and a high rate of correct responses. Some people worry that AI is too powerful, with the potential to cause havoc on our socio-political and economic systems. There is a converse narrative, too, that highlights some of the surprising and often comical mistakes that AI can produce, perhaps with the intention of undermining people’s faith in this emerging technology.

This tendency to scrutinise the occasional AI mishap despite its frequent correct responses overshadows the technology’s overall reliability, creating an unfairly high expectation for perfection. With a singular focus on failure, it is, therefore, no surprise that almost 80% of AI projects fail within a year. Considering all of the hype around AI and particularly GenAI over the past few years, it is understandable that users feel short-changed when their extravagant expectations are not met.

We shouldn’t forget that a lot of the most useful software we all rely on in our daily working lives contains bugs. They are an inevitable and completely normal byproduct of developing and writing code. Take a look at the internet, awash with comments, forums, and advice pages to help users deal with bugs in commonly used Apple and Microsoft word processing and spreadsheet apps.

If we can accept blips in our workhorse applications, why are we holding AI to such a high standard? Fear plays a part here. Some may fear AI can do our jobs to a much higher standard than we can, sidelining us. No technology is smarter than humans. As technology gets smarter, it pushes humans to become smarter. When we collaborate with AI, the inputs of humans and artificial intelligence work together, and that’s when magic happens.

AI frees up more human time and lets us be creative, focusing on more fulfilling tasks while the technology does the heavy lifting. But AI is built by humans and will continue to need people asking the right questions and making connections based on our unique human sensibility and perception if it is to become more accurate, useful, and better serve our purpose.

The fear of failing to master AI implementation might be quite overwhelming for organisations. In some cases, people are correct in being cautious. There is a tendency now to expect all technology solutions to have integrated AI functionality for the sake of it, which is misguided. Before deciding on any technology, users must first identify and understand the problem they are trying to solve and establish whether AI is indeed the best solution. Don’t be blinded by science and adopt the whistles and bells that aren’t going to deliver the best results.

Uncertainty and doubt will continue to revolve around the subject of AI, but people should be reassured that there are many reliable, ethical technology providers developing safe, responsible, compliant AI-powered products. These organisations recognise their responsibility to develop products that offer long-term value rather than generating temporary buzz. By directly engaging with customers to understand their needs and problems, a customer-focused approach helps identify whether AI can effectively address the issues at hand before proceeding down the AI route.

In any organisation, the leader’s job is to develop strategy, ask the right questions, provide direction, and often devise action plans. When it comes to AI, we will all need to adopt that leadership mindset in the future, ensuring we are developing the right strategy, asking insightful questions, and devising an effective action plan that enables the engineers to execute appropriate AI solutions for our needs.

Organisations should not be afraid to experiment with AI solutions and tools, remembering that in every successful innovation, there will be some failure and frustration. The light bulb moments rarely happen overnight, and we must all adjust our expectations so that AI can offer a perfect solution. There will be bugs and problems, but the journey towards improvement will result in achieving long-term and sustainable value from AI, where everyone can benefit.

====

Nishant Kumar Behl is Director of Emerging Technologies at OneAdvanced, a leading provider of sector-focussed SaaS software, headquartered in the UK.

Continue Reading

Business

Machine Learning Interpretability for Enhanced Cyber-Threat Attribution

Source: Finance Derivative

By: Dr. Farshad Badie,  Dean of the Faculty of Computer Science and Informatics, Berlin School of Business and Innovation

This editorial explores the crucial role of machine learning (ML) in cyber-threat attribution (CTA) and emphasises the importance of interpretable models for effective attribution.

The Challenge of Cyber-Threat Attribution

Identifying the source of cyberattacks is a complex task due to the tactics employed by threat actors, including:

  • Routing attacks through proxies: Attackers hide their identities by using intermediary servers.
  • Planting false flags: Misleading information is used to divert investigators towards the wrong culprit.
  • Adapting tactics: Threat actors constantly modify their methods to evade detection.

These challenges necessitate accurate and actionable attribution for:

  • Enhanced cybersecurity defences: Understanding attacker strategies enables proactive defence mechanisms.
  • Effective incident response: Swift attribution facilitates containment, damage minimisation, and speedy recovery.
  • Establishing accountability: Identifying attackers deters malicious activities and upholds international norms.

Machine Learning to the Rescue

Traditional machine learning models have laid the foundation, but the evolving cyber threat landscape demands more sophisticated approaches. Deep learning and artificial neural networks hold promise for uncovering hidden patterns and anomalies. However, a key consideration is interpretability.

The Power of Interpretability

Effective attribution requires models that not only deliver precise results but also make them understandable to cybersecurity experts. Interpretability ensures:

  • Transparency: Attribution decisions are not shrouded in complexity but are clear and actionable.
  • Actionable intelligence: Experts can not only detect threats but also understand the “why” behind them.
  • Improved defences: Insights gained from interpretable models inform future defence strategies.

Finding the Right Balance

The ideal model balances accuracy and interpretability. A highly accurate but opaque model hinders understanding, while a readily interpretable but less accurate model provides limited value. Selecting the appropriate model depends on the specific needs of each attribution case.

Interpretability Techniques

Several techniques enhance the interpretability of ML models for cyber-threat attribution:

  • Feature Importance Analysis: Identifies the input data aspects most influential in the model’s decisions, allowing experts to prioritise investigations.
  • Local Interpretability: Explains the model’s predictions for individual instances, revealing why a specific attribution was made.
  • Rule-based Models: Provide clear guidelines for determining the source of cyber threats, promoting transparency and easy understanding.

Challenges and the Path Forward

The lack of transparency in complex ML models hinders their practical application. Explainable AI, a field dedicated to making models more transparent, holds the key to fostering trust and collaboration between human and machine learning. Researchers are continuously refining interpretability techniques, with the ultimate goal being a balance between model power and decision-making transparency.

Continue Reading

Copyright © 2021 Futures Parity.