Cybersecurity - The War Is Outside
When I landed at Washington DC via Abu Dhabi for the first time, I was looking for the immigration counter. I asked someone in the airport and he pointed me to the exit sign which led me directly to the taxi rank. I was very intrigued, thought hard and then realised that the immigration formalities to the United States were completed at the Abu Dhabi airport. While this revolutionises customer experience, I understand that the threat landscape of US border control might have increased by a few notches.
It would not take long for us to realise that the US Authorities would need to implement the same people, process and technology at the Abu Dhabi airport as they have at US Airports. This would mean having close communication and intelligence sharing between the border controls of the two nations.
So what is the relevance to cybersecurity? The cybersecurity threat landscape has gone through a major transformation. Traditionally, it was all about fortifying the perimeter of the organisation against external bad guys. Organisations are no longer a network of assets isolated and segregated from the internet. Most organisations have migrated to the cloud, are exposed to the Internet of Things (IoT) and are looking at adopting next-gen innovations such as Blockchain and Industry 4.0. An organisation of today is a heterogeneous mixture of cloud service providers, partners, managed service providers, suppliers, fourth parties, work-from-home employees and more, and that mixture has redefined the boundaries of the perimeter.
The iSecurecyber team at Transformationplus interviewed more than a dozen CISOs and CROs, and they stated that the most dominant threat they perceive in their organisations is cyber attacks through supply chain channels.
The same trend was echoed in several industry reports including the following:
#1: Exactly half (50%) of today's attacks leverage "island hopping". – Carbon Black quarterly report, April 2019
#2: Supply chain attacks ballooned by 78% in 2018. – NextGov article on security threat report 2019
To defend effectively against the evolving threat landscape, we at Transformationplus recommend the following:
- The role of the CISO needs to transition from being technology focussed to business focussed. This means that CISOs would need to become Chief Cyber Risk Officers (CCROs), supervising and managing cyber risks across the enterprise. This would enable the CCRO to articulate cyber risk as a business risk.
- All employees of the organisation including the board need a paradigm shift in behaviour. They need to become champions of cyber risk. This would mean that they own cyber risk in their respective departments and work with cyber risk officers to integrate cyber security into their respective business processes.
- The third-party landscape is evolving fast. Traditional third-party management processes are no longer sufficient to manage third-party risks. Organisations need complete situational awareness over their third parties. For this to happen, they need to adopt more dynamic processes such as due diligence, threat monitoring and threat intelligence sharing.
- It is a fact that cyber attacks are inevitable. Most cyber incident response would involve close coordination with third parties. Organisations need to enhance their incident response playbooks to prepare for supply chain attacks. Organisations also need to conduct incident response exercises in coordination with third parties.
- Customised and targeted security awareness training must be provided to all third parties who access the organisation's data or network. The training content should align with the risk levels the employees face. The increase in awareness across the enterprise will increase the quality and quantity of the cyber threat assessment.
Think about it! For more information write to our cybersecurity team at: isecurecyber@transformationplus.com
2y Prabir, thanks for sharing!
3y Prabir, thanks for sharing!
6y Great articulation, Prabir Saha. I like the idea of putting the organisation in the centre and then designing the security, something akin to the Human centred design which at VIS Global Pty Ltd we do many times while solving Customer Experience issues. I feel we can do a few things together to deliver better outcomes for our clients.