The onus of keeping our digital infrastructure secure can no longer lie solely with the IT team or the upper echelons of management, but is now the responsibility of everyone with access to a computer or smart device.
By Anil Bhasin
Cybersecurity has been elevated from a mere operational consideration to become an issue of international concern and cooperation. This year at the World Economic Forum, we even saw global business and political leaders at the highest levels make clear public commitments to greater openness, transparency and collaboration in the fight against cybercrime.
In the race to keep up with ever-evolving strains and attack modes, the onus of keeping our digital infrastructure secure can no longer lie solely with the IT team or the upper echelons of management, but is now the responsibility of everyone with access to a computer or smart device. It has become clear that a reactive approach to cybersecurity will no longer be sufficient to protect businesses moving into 2020 and beyond. These are four such developments that will define how organisations prepare as we navigate the 2020s:
Mistakes of 4G may carry over to 5G
Telecom Regulatory Authority of India (TRAI) is gearing up to open the 5G spectrum in 2020. However, 5G is built on the foundation of 4G, meaning that the same security threats that were present in the 4G network will likely be magnified further on 5G networks – now moving at an ever-growing pace and connected to even more devices. If existing security risks are not dealt with now and roll over into the 5G era, mobile internet service providers could be the first point of failure during a cyberattack, grinding critical services to a halt.
IoT will become a minefield
Internet of Things (IoT) will result in billions of connected devices. If left unsecured, these connected devices provide multiple entrance points to corporate networks, creating a potential minefield of security ‘explosions’ that could go off at any time—particularly in healthcare IT environments where cyber hygiene, software patches and updates may take a backseat at the moment.
Embracing AI to get ahead
With attackers embracing automation and artificial intelligence (AI) to launch attacks, cybersecurity professionals also need to stay a step ahead by leveraging AI. With many businesses currently in ‘survival mode’ and coronavirus-themed attacks being one of the largest security threats, organisations that aren’t already exploring AI-driven cybersecurity may find themselves at a disadvantage.
Security will influence the next generation of tech products
A DevSecOps approach is one that integrates security processes and tools into the development lifecycle of new products. Baking security into products from the start is the only way given the uber-connectedness expected for networks in the 2020s, especially so with Asia’s soaring appetite for digital financial services and e-commerce. The DevSecOps approach makes everyone responsible for security instead of assuming new apps and devices will be secured by the user once in their hands. Instead, security will need to be the constant thread running through all phases of development.
It’s important to note that a 100% secure network is not practically achievable even in the next decade. Security must be based around priorities, so it’s essential to understand what the organisation’s crown jewels are and protect those effectively.
The writer is regional vice president, India & SAARC, Palo Alto Networks