The cyber threat will continue to be persistent within all industries within UK PLC. The smaller organisations who often feel immune today will have their fair share of problems via traditional day to day cyber enabled crime, whilst the majority will continue to fall victim of low cost phishing attacks. The evolving digital landscape, agile infrastructure and automation of technologies provides an innovative environment for hacking and exploiting new technology. Securing the pervasive digital presence within an organisation will challenge the way security professionals think about security architecture, what a ‘device’ is and its ‘identity’, aligned to multi-layered communication and integration issues. Notwithstanding how this dovetails into core business processes and how these devices, people and apps communicate together. The advancement in automation will see a rise in the already sophisticated automated hacker toolsets, seeing an advanced hacking capability from a less skilled advisory.
The threat landscape has changed for all of us, from attacks on critical infrastructure to aggressive ransomware attacks in local government and wholesale denial of services. The ubiquitous security weaknesses within the vast number IoT devices which are set to transform all our lives, are now unwitting co-conspirators allied in global distributed denial of service attacks. These attacks will continue to challenge the very fabric of the internet, as we know it today. Managed service providers (Cloud and IT) will offer premium cyber safe(r) services, akin to those offering continuity and resilience enhancements to services today. None will be exempt from the new wave of cyber compliance legislation, led in Europe by GDPR, where a disregard for privacy and protection of consumer data will result in huge financial penalties.
Cyber security will cross the traditional boundary from information security risk, focused on Confidentiality, Integrity and Availability of data and information assets. Cyber security will become visible as a critical safety concern. Every dimension of our lives is becoming digital, from the cars we drive to our connected homes and cities, the impact of a cyber-attack as we look forward will affect the safety of people and our digital environments. Cyber security professionals will also become responsible for keeping people and the environment safe. This convergence will require us to think about the changes needed for security within business operations, and the depth of supply chain engagement with security professionals.
Transformational cybercrime capabilities are leveraging digital currency such as the Bitcoin, underpinned by Blockchain, to anonymously monetise malware and exploit kits on a tremendous commercial scale. There are over 300 different ransomware variants already from 50 different families of malware. Each new variant brings better encryption and new features, taking advantage of asymmetric cryptography algorithms that use two separate keys. Malware evasion and encryption technologies will continue to dominate the landscape as this lucrative cybercrime market evolves. Security researchers prepared to cross the line and sell their zero day wares to the highest bidder will continue to support the advancement of modern cyber warfare. Where the blurred lines of state actors and organised cyber-crime work hand in glove for mutual accord in support of targeted attacks.
Cyber defenders will move from legacy incident response duties to a continuous response mode of operation, spending less on prevention technologies and more on investing in their ability to detect and respond. Organisations will develop Security Operations Centre (SOC) capabilities to actively defend against future cyber threats. Active ‘offensive’ defence needs a blend of cyber skills borne out of experience and exposure to multi-layered attack patterns. This can be accomplished through simulating cyber-attack operations, where teams practice detecting and responding to realistic situations to gain the necessary skills. Mining operational security Big Data sets combined with advancements in Machine Learning will provide a pivotal watershed in combating cyber-crime and reducing an organisations attack surface. Offering defenders improved attribution techniques to enhance forensic cyber intelligence capabilities.
Richard Beck is Director of Cyber at QA. He works with customers to build effective and successful learning solutions tailored for business needs, helping to solve business problems. Richard has designed and architected numerous enterprise and nationwide cyber programmes for QA customers. Responsible for the QA cyber portfolio, products, proposition and cyber partner community. He has over 15 years' experience in senior Information Security roles.
Prior to QA, Richard was Head of Information Security for an organisation who underpin 20% of the UK's Critical National Infrastructure. Richard also held Security and Technical Management posts in Defence, Financial Services and HMG. He holds a number of leading cyber professional certifications, including CISSP, CISM, CISA.
Richard sits on a number of industry boards and security advisory panels, and previously chaired the Communication Industry Personnel Security Information Exchange (CPNI). He is the work stream lead for Cyber Skills & Diversity on the techUK Cyber Management Committee, in addition Richard is also supporting a work stream for the UK Cyber Security Council Formation project. Richard is a regular contributor for cyber insights and industry collaboration including speaker engagements.
He is also a STEM Ambassador working to engage and enthuse young people in the area of cyber security. Providing a unique perspective on the world of cyber security to teachers and encourage young people to consider a career in cyber security.
More articles by Richard
Cyber Pulse: Edition 149 | 9 April
Stop your search for cyber security talent
Cyber Pulse: Edition 148 | 1 April
Cyber Pulse: Edition 147 | 16 March
Cyber Pulse: Edition 146 | 4 March 2021
Cyber Pulse: Edition 145 | 19 February 2021
Cyber Pulse: Edition 144 | 5 February 2021
Cyber Pulse: Edition 143 | 27 January 2021
Cyber Pulse: Edition 142 | 18 January 2021
CISOs should prioritise the “human firewall” during Covid-19