3 technology and process security risks that you need to manage
Some technologies and common processes used by organisations today can conceal cyberthreats. These factors increasingly expose organisations to emerging cybersecurity challenges such as Advanced Persistent Threats (APTs), cloud security risks, and cyber supply chain risks.
Threat actors behind APTs such as malware and ransomware are sophisticated and use a variety of stealth techniques to compromise systems and data at high-value organisations. These may include phishing campaigns, creating backdoors to critical organisational resources and data, or indulging in web server exploitation.
Many APTs are carried out by state-sponsored groups and target valuable data, assets, and properties of rival countries. They are often motivated by financial gain or cyber espionage for intellectual property theft, and sometimes even hacktivism. The dwell time of APTs is high, which means they can remain undetected in the host systems for weeks or months. In addition to targeting public entities, APTs are known to take aim at companies that work with governments in the region.
To prevent APTs, public and private sector organisations in APAC must bolster their cybersecurity posture. They can avoid blind spots that may harbour APTs by deploying broader technical controls. These controls deploy detection capabilities across the network and endpoints and offer comprehensive visibility into evolving threats.
Digital supply chains are full of security risks
As supply chains become more digital, deeply interlinked and global, the potential for weak spots in them has increased manifold. Each link that relies on technology becomes a cybersecurity risk that needs to be accounted for while developing the security posture. It is essential to understand what the cyber risks and challenges in supply chains are and how to create a sound a cyber supply chain risk management policy
The complex nature of the supply chain to meet evolving market needs can create vulnerabilities that may lay dormant for years. Each participant in the supply chain, be it a manufacturer or distributor, adds further layers of inherent supply chain cyber risks.
Threat actors who hack through digital supply chain’s weak spots often target the mass market by inserting malicious software or hardware, or even counterfeits, and tamper with source codes.
How do you manage cybersecurity risks in supply chains? It is essential to ensure the supply chain’s integrity, reliability, security, quality, and resilience, as well as the products and services that go into building the supply chain over its lifetime. To reduce supply chain cybersecurity risks, organisations need to:
- Identify and map their cyber supply chain
- Scope, analyse, and understand cyber supply chain risks
- Establish cyber supply chain cybersecurity benchmarks
- Audit the cyber supply chain regularly for security compliance
- Continually monitor and enhance cyber supply chain practices
The National Institute of Standards and Technology (NIST) of the US’s supply chain risk assessment framework and Cyber-Supply Chain Risk Management (C-SCRM) programme provides templates for identifying, assessing, and mitigating the risks due the distributed and interconnected nature of ICT product and service supply chains. As it covers the entire life cycle of a system it is quite handy in managing these risks.
Cloud cybersecurity threats keep surging
There was a higher incidence of cloud cybersecurity attacks in 2022 as cloud adoption became increasingly popular in APAC. Cloud infrastructures can carry cybersecurity risks, just like on-premises IT infrastructures. So, it is important to understand what are the security risks of cloud computing.
In the shared responsibility matrices of cloud engagements, both cloud services providers and consumers are responsible for certain parts of the cloud cybersecurity controls. However, the sheer amount of data and information stored and moved into the cloud makes it prone to cybersecurity risks despite having multilevel cybersecurity controls. Top cloud security threats in the region include:
- Account hijacking, where malicious actors gain control over an organisations or its employees’ cloud-based accounts.
- Credential theft, which involves stealing a business or individual’s proof of identity.
- Shadow IT, or the use of devices, software, or services outside the ownership or control of the organisation’s IT department.
- Misconfiguration or errors, glitches, or gaps in setting up cloud services or access controls.
- Weak data encryption.
SaaS applications, in particular, are made up of multiple assembled parts, with each having a different level of risk. Worse still, there are millions of vulnerable open-source components, many of which have high-risk vulnerabilities.
It is expected that cloud security risks will multiply in 2023. Fact is, most organisations in the region do not have the required skills to manage evolving cybersecurity challenges in the cloud. When the pandemic started, companies had to speed up the deployment of cloud-native services using the skills of application developers, who did not have the needed expertise to implement cloud security controls.
Companies today are facing a few important cloud security challenges:
- Lack of experience or skills among those who configure and manage cloud controls
- The scarcity of specialised cloud security talent
- The adoption of DevSecOps practices, which integrate security into each stage of the software development and operations lifecycle, is not yet widespread in the region
These factors, when added together, form a major hurdle to consistently embedding security guardrails and controls in the cloud environment.
Managed services: The solution to the security skills challenge
Managing core business functions while analysing and responding to the large volume of potential threats is typically beyond the scope of most in-house IT security teams. In addition, mitigating cyber threats and integrating cybersecurity controls into all relevant areas of the cloud require specific skills and experience that can stretch the workload in many organisations today.
Cybersecurity teams can leverage the services of experts at managed service providers to help them manage cyber supply chain risks and enhance their cloud security posture. Such companies can also provide the advanced competencies required to prevent, detect, and manage most APTs.