Friday, March 23, 2018

Reinvent yourself or die... also in cybersecurity

Maybe the title of this blog seems to us a topic in these times, where all companies are immersed in processes of digital transformation and where technological advances have an immediate impact on society. Maybe this relationship is logical, but today we are going to focus on how the "evil ones" are striving to renew their bad arts, as we have seen throughout this week, full of news relevant to the cybersecurity sector.

Undoubtedly, one of the news related to our sector that has had the most impact (even in general media) has been the "discovery" that Cambridge Analytica tried to influence US voters during the last presidential elections using information compiled from 50 million Facebook users. This leak has led the dismissal of the director of the company, a significant loss of confidence of Facebook users in its social network (giving rise to the #DeleteFacebook movement) and an important drop in the stock market valuation of the Zuckerberg’s company, as well as the loss of important advertisers.

We have already spoken in other posts of the growing importance of ransomware, both by the number of attacks suffered by companies, as well as the sophistication and variety of them. Certainly, the fact that it is one of the most profitable and easy to perform cybercrime modalities has had a lot to do with its evolution to more complex incidents, which increase the insecurity of companies and users.

Within this environment of constant renewal of threats it is framed the growing need to update the knowledge (and also the members) of the cybersecurity teams, since each technological or social engineering progress usually leads to the need to have profiles specialized to deal with this type of threats and can be integrated into existing structures.

Not all bad news, there have also been significant steps towards an action that we have been claiming from these pages for a long time: the generation of collaborative environments where all cybersecurity professionals can contribute knowledge and experiences that help us face the new threats , as IBM has stated with its Security Community.

Surely, this has been a big step, but it's not just about collaborati0n. It is also necessary to improve the tools with which Infosec professionals count on to carry out their work, constantly renewing the methodologies and incorporating the learning obtained from each new attack. For example, the latest WAN study recommends prioritizing functionality over convenience, simplifying existing networks to make them easier to defend.

In summary, this has been an interesting week, where the community has been able to hear about new attack vectors used by cybercriminals, new threats to the privacy of users, the use of information (real or false) with the objective to manipulate the society and new threats and vulnerabilities, although we are left with positive advances in the improvement of security and also in the increased cooperation of institutions and professionals to make the Internet a bit more secure.


Post a Comment