Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

From Coronavirus to Cybersecurity: The Wisdoms of Dealing with Pandemics

From Coronavirus to Cybersecurity: The Wisdoms of Dealing with Pandemics

Published : , on

By Dhanya Thakkar, Vice President and Managing Director, AMEA, Trend Micro 

In the span of a few months, the coronavirus has reached every country, every community, and every neighbourhood. No nation is spared. Economy grinds to a halt. Millions have fallen sick.

In the meantime, if you take a look at the 15 biggest cyberattacks in the 21st century, you’d notice a few things. First, no country is untouched. Second, it’s extremely disruptive to business operations. Third, millions have fallen victim to these attacks. We have been dealing with a different kind of outbreak for many years, that is, the pandemic of cyberattacks.

The world responds

By now, most countries have imposed a mixed bag of measures to deal with the outbreak. If you look closely, the overarching strategy for dealing with COVID-19 has revolved around four quadrants: prevention, detection, response, and prediction.

In cybersecurity, we often talk about the importance of a holistic strategy that consists of the same quadrants. At its core, a good cybersecurity strategy should take multi-pronged approach and a long-term view.

Prevention

The first pillar of the defense is prevention. In the time of COVID-19, prevention means protecting people from being infected in the first place, such as washing your hands, socially distancing yourself from others, disinfecting your phone and wallet when you get home, and more.

In cybersecurity, prevention means the exact same thing – protecting your IT assets from being infected in the first place. Because most major data breaches can be traced back to a single point of failure that could have been prevented.

Today, many new cybersecurity vendors talk of a shining silver bullet that miraculously waves away all your cybersecurity headaches – such as machine learning or EDR. But in reality, the concept of a single silver bullet doesn’t hold up. You need the basic technologies – such as antivirus, application control, web and file reputation, etc. – to do the heavy lifting. These technologies can filter majority of the alerts, categorising them as either good or bad.

Detection – knowing what you’re looking for

Contact tracing is crucial during outbreaks. The longer you take to identify a patient, the more people will be infected.

In cybersecurity, detection is about the same thing – how fast you can detect a breach in your system determines the scope of damage. We believe in this strategy called connected threat defense. By deploying security solutions at all the touchpoints in an IT system, from the endpoints to the network to the server, you can start to connect the dots and gain visibility into every nook and cranny. If you know what’s lurking in your IT environment, you can significantly increase your chance of getting rid of it.

Endpoint detection and response (EDR) is another tool designed for the same purpose. EDR technology works like a black box in a plane. It records everything that takes place on the endpoints and threat hunters can rewind to see from which point a threat entered the system, and how it spread across the network. Based on the information, a blueprint of the malware’s infection path can be drawn.

Response – prioritizing the important ones

During the outbreak, there are many false positives and false negatives. Some people may test negative now but develop the symptoms next week. Suspected cases may turn out to be totally innocuous. Because the medical supplies are limited, the healthcare workers need to prioritize. To prioritise, you need context-rich information about the patient.

It’s the same in cybersecurity. A security operations centre (SOC) receives thousands of alerts on a daily basis. Hence, prioritization becomes the key and this is where XDR comes into picture. XDR is the natural progression from EDR. The X stands for anything you can apply detection technology to, such as emails, servers, or the network. XDR is a big collector of security alerts, absorbing data from various touchpoints.

Essentially what XDR does is to break the silos between all these solutions gathering data on their own. A prominent feature of the XDR tool is a central data lake where all data will flow to eventually and be analysed as a collective.

All this data churning can minimise alert fatigue, as it produces high-priority alerts with rich context around it. SOC analysts can now focus on alerts that need immediate action instead of combing through every single one of them and manually looking for connection.

Prediction – taking two steps ahead

Wall Street Journal reported that epidemiologists were teaming up with data scientists to forecast the spread of the coronavirus outbreak in the near future. By taking into consideration a vast array of different types of data, the model is expected to predict the number of new cases to arise in an exposed population, or peak infection rates.

Likewise, in cybersecurity, the more accurate our predictions are, the more effectively we can deal with an upcoming data breach. We achieve this by collecting and correlating a vast array of different types of detection and activity data from our native sensors, deployed at different layers within the organisation, like the endpoint, network, email, and the cloud environment.

Combined with big data analytics, threat models, advisory-based behaviour analytics and detection rules from our security experts, we can help to uncover if an emerging or unknown threat or a threat actor is attempting to infect your organization. On top of that, continuous risk assessment of an organisation’s cybersecurity posture also serves to predict impending issues.

COVID-19 will go away, just like any of the pandemics in the past. But cyberattacks will stay as long as there’s a computer connected to the internet. The most effective way to deal with cyberattacks is not to dream of a cure-all panacea, but to take small but coordinated measures that culminate in an all-rounded defense strategy.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post