Turns out, fighter jets have more to fear from cyberattacks than missiles.
Interested Engineering, a science and technology web site says, "F-35 fighter jets are more susceptible to cyberattacks than missiles. This is because F-35s are flying computers with technologically advanced features such as AI-like sensor fusion, improved data links, and a database of threat information at-the-ready."
In a similar vein, whenever an organization adopts a new technology or a new way of doing business, it is also opening up new loopholes and vulnerabilities that attackers can exploit.
A good example of this is the well-known supply chain hack of an IT management company in 2020. This was one of the biggest cybersecurity breaches of that year and left many US government agencies reeling.
A traditional supply chain, for a manufacturer or a retail operation, for example, refers to the various people and processes that are involved in the end-to-end distribution cycle of a product, from procuring the raw materials to manufacturing and dispensing the product to the end user. For a software publisher though, a supply chain is the network of developers, systems, and teams, both internal and external, that are part of the development and distribution of an IT product or service.
A leading IT management company in the US, which services clients like Microsoft and several US government agencies, was subjected to a supply chain attack, allegedly by Russian hackers. One of the company's software solutions was hacked into, and a malicious code was added to it. This software is used by over 33,000 clients, whose data the hackers were able to access.
The attackers then entered the clients' systems by sending an upgradation email with the malicious code in it. Once the customers installed the upgrade, a malware was installed in the system through which the hackers spied on client organizations. The hackers had free rein in numerous IT systems for some time, until they were spotted by one of the company's clients, a cybersecurity firm.
The simplicity of the attack and how it was carried out prompts concerns about the cybersecurity readiness of some organizations.
According to a recent IDG survey commissioned by Insight Enterprises, despite increases in their cybersecurity budgets in 2020, 78% of senior IT leaders believe that their companies lack sufficient protection against cyberattacks.
This realization led to over 91% of organizations, who participated in the IDG survey, increasing their cybersecurity budget in 2021.
While this conveys the importance most organizations now place on their cybersecurity measures, the real concern is whether this increased spending will make a difference.
To ensure that cybersecurity spending results in the required ROI, organizations will have to implement a cybersecurity framework that best suits each of their business models and needs.
For example, Intel chose to use the NIST cybersecurity framework for its pilot project to improve its existing risk management processes, security measures, and associated budgets. The flexibility of the NIST framework enabled Intel to tailor it to align with its business needs.
According to the official NIST website, Intel stated that "the Framework can provide value to even the largest organizations and has the potential to transform cybersecurity on a global scale by accelerating cybersecurity best practices".
The compliance requirements of the industry that the organization belongs to, as well as its vision, mission, and business needs can be addressed by implementing an effective cybersecurity framework.
In a recent survey of 500 respondents who were either individuals responsible for Incident Command System operations, or were from IT and business enterprises, over 48% preferred to map their systems to the NIST Cybersecurity Framework.
Other top-rated frameworks include the Center for Internet Security Critical Security Controls (CIS) and those put forth by ISO like ISO 27001 and 27002.
Apart from being prepared for possible security breaches and avoiding any loopholes from the organization's standpoint, following a framework helps you approach cybersecurity from an end-to-end risk management perspective. This includes the monitoring activities that occur at all levels and across all departments in the organization.
Implementing a good framework also helps an organization assess itself, its place in the threat landscape, and the loopholes it has to address.
Customers feel more comfortable doing business with organizations that have proper protocols in place to protect personal information. Following a top-rated framework like NIST or CIC adds credibility to an organization as well as an increase in customer/stakeholder trust.
A framework also helps create a plan of action that a company can turn to at the time of a cyber crisis. Take for instance, the five-step plan put forth by NIST to tackle ransomware attacks.
With the increasing number and variety of cyberthreats, many organizations have begun to focus on creating a powerful defense mechanism to increase their resilience against sudden and unpredictable attacks.
According to Threatpost, there has been a global surge of 151% in ransomware threat volume in 2021, as compared to 2020. As a consequence of this, NIST has published revised guidelines to help deal with ransomware attacks. Review the five steps in the NIST Framework illustration.
In a recent study from Frontiers in Computer Science, conducted by students of La Trobe University, it was found that one of the major setbacks in the Smart City initiative by Saudi Arabia was the lack of a comprehensive cybersecurity framework to address possible threats.
With the aim of providing a better quality of life to their citizens, several developed and developing nations have taken up Smart City initiatives. Like the program name suggests, these cities provide smarter and more efficient ways for governments to use the limited resources available through information and communication technology. The participating cities typically rely on digital technology, design-thinking, and data.
The study, which compares Saudi's Smart City initiative to similar plans implemented in several cities in the US, Singapore, and India, describes three layers that work together to form a smart city.
This interconnectedness of systems which is the driving force behind the Smart City Initiative, leads to all the data being stored in one place and posing a great deal of risk from potential cyberthreats. A security framework like CIS, which consists of 18 different security controls, talks about data protection in control 13. It consists of measures like maintaining an inventory of sensitive data, removing sensitive data or data not regularly accessed by an organization, access controls, encryption of data on mobile and USB devices, and more. It also talks about monitoring and blocking unauthorized network traffic or encryption using an automated tool, which would alert information security professionals. A SIEM solution like Log360, which uses automatic data collection to collect log data from various sources and ensures real-time data monitoring, is an effective way to mitigate some of the risks associated with interconnectedness and storage of all data in one place.
Cybersecurity and data privacy frameworks are a priority when it comes to developing smart cities, which are dependent on information and data for their functioning.
The paper goes on to propose a cybersecurity framework for Saudi Arabia's Smart City initiative, with five main components.
"The first is a digital trust platform to manage connections and seamless communication between different nodes in the ecosystem.
The second part of the framework is a cyber-threat intelligence and analysis forum where cyber threats are actively monitored to ensure that they are mitigated effectively.
The third component of the framework is cyber competencies and awareness programs to raise interest in the field and attract more people into the workforce.
The fourth component is privacy-by-design that aims to protect the privacy of residents in the smart cities through the use of privacy standards throughout the ecosystem.
Finally, the proposed framework has a cyber-response and resilience standard that would ensure smart cities are ready to effectively respond to any future cyber-attacks."
All of these are essential components not just for smart cities but any organization that aims to build a system to ensure cybersecurity and resilience. Choosing and implementing a good framework is crucial in today's threat landscape, especially with governments, industry giants, and huge conglomerates increasingly depending on data.
The Saudi Smart City case study notes that real-time data collection and tracking is a major component of cybersecurity, whether it a smart city or an organization.
Choosing a SIEM solution like Log360, which carries out real-time data tracking to provide alerts and diagnose malicious activity, is advantageous for any cybersecurity plan.
Click here to download Log360 and access the free 30-day trial.
You will receive regular updates on the latest news on cybersecurity.
© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.