BrainBlog for Tanium
The post-pandemic reality. Macroeconomic turbulence. Explosive technology innovations. Generational shifts in technological expectations. All these forces and more drive rapid, often confusing change in organizations large and small.
With every such change comes opportunity – for bad actors looking to game the system. Cybersecurity cannot stand still, or the waves of innovation will overrun the shores.
Adversaries continue to innovate. Keeping up – and hopefully, staying ahead – presents new challenges. Here is a short list of recent considerations for CIOs as they work with their teams to shore up their defenses.
Multifactor authentication fatigue and biometrics shortcomings
Multifactor authentication (MFA) is a popular technique for strengthening the security around logins. With MFA, the web site or application will send a text message or push notification to the user with a code to enter along with their password.
MFA fatigue or ‘push phishing’ is a popular hack that targets MFA by repeatedly sending the user superfluous, malicious MFA notifications in hopes they inadvertently accept one or simply click to stop the annoying flood of messages.
In other cases, MFA includes a biometric step – reading a fingerprint, scanning a face, and the like. Users appreciate the convenience of biometrics, but they have their flaws as well.
Sometimes they simply don’t work, perhaps due to a change in contact lenses or a new tattoo. Any spy thriller aficionado will also know it’s possible to ‘steal’ someone’s fingerprint or facial image – and once an individual’s biometric is compromised, there’s no way to change it the way we change passwords.
Security implications of ChatGPT and its ilk
ChatGPT and other generative AI technologies have taken the world by storm, but the combination of their sudden popularity and a general lack of understanding of how they work is a recipe for disaster.
In reality, generative AI presents a number of new and transformed risks to the organization. For example, ChatGPT is eerily proficient at writing phishing emails – well-targeted at particular individuals and free from typos.
A second, more pernicious risk is the fact that ChatGPT can write malware. Sometimes the malware has errors, but with simple repetition the hacker can generate multiple working versions of the code. Such polymorphic malware is particularly hard to detect, because it may be different from one attack to another.
Securing the software supply chain
The Log4j vulnerability that reared its ugly head in late 2021 showed a bright light on the problem of software supply chain security.
Most commercial enterprise software products and nearly all open-source ones depend upon numerous software packages and libraries. Many of these libraries are themselves open-source and depend upon other libraries in a complex network of opaque interdependencies.
Some of these components have professional teams that test and maintain them, releasing security patches as needed. Other open-source components are the result of some lone developer’s moonlighting activities from years past.
For each open-source component in your entire IT infrastructure, which are the well-maintained ones and which are the forgotten work of hobbyists? And how do you tell?
Getting ahead of the ransomware gangs
Ransomware is big business for the criminal gangs who have figured out how to capitalize on it. The malware itself is easy to buy on the Dark Web. In fact, there’s a veritable bazaar of ransomware variations, as hackers maneuver to create the most pernicious version.
From the enterprise side, the ransomware problem is multifaceted and dynamic. The malware itself continues to evolve, as do the criminal strategies of the perpetrators.
The most familiar strategy – encrypting files on servers and then demanding a ransom for the decryption key – is but one approach among many. Other attackers steal data and threaten to release it to the public. Another angle is to target the victim’s backups.
No list of strategies and techniques does the ransomware problem justice, as the bad guys continue to innovate. CIOs and CISOs must remain eternally vigilant.
Managing costs while supporting digital transformation
The Covid pandemic accelerated many enterprise digital transformation initiatives as executives struggled to meet the suddenly changing needs of both customers and employees.
Today, economic challenges generate digital transformation headwinds as the needs of customers and employees change once again to address post-pandemic realities.
Cybersecurity budgets are typically caught between these two forces. Given the importance of meeting customer needs on limited resources, how important is cybersecurity?
It’s vitally important, of course – but it’s only one of the many risks CIOs must mitigate. Other risks include operational risk (the risk of downtime), technical debt risk (the risk of failures of legacy technologies), as well as compliance risk.
There’s never enough money to drive all these risks to zero – so how should executives decide which risks to mitigate, and how much money and time to spend mitigating them?
Organizations must be able to engineer comprehensive risk management that quantifies each type of risk and establishes risk targets that conform to budgetary and human resource limitations.
This ‘threat engineering’ gives CIOs a justifiable approach to making cybersecurity expenditure decisions while also mitigating the other risks facing the IT organization.
Advice Moving Forward
This article highlights modern security trends for CIOs that weren’t on anybody’s radar as little as five years ago. Five years from now, the list might once again be entirely different.
Such is the nature of cybersecurity risk management. The risks continue to evolve as adversaries improve their strategies. CIOs must remain vigilant while they leverage state-of-the-art cybersecurity tools and strategies to keep one step ahead of the bad guys.
© Intellyx LLC. Tanium is an Intellyx customer. Intellyx retains final editorial control of this article. No AI was used in the production of this article. Image credit: Matt P.
Comments
Comments are closed.