Cybersecurity is the number one risk facing companies today.
So much so that the World Economic Forum (WEF) rated it as such last year, and 2018 looks to be no different.
We caught up with Thomas following the event and spoke more about Dimension Data’s report. In particular focusing on the EMEA (Europe, Middle East and Africa) region to find out what the threat landscape of the past year has been like, and why.
Hypertext: You recently spoke at the IDC IT Security Summit here in Johannesburg. What was that like?
Mark Thomas: It was fantastic. The audience in attendance was truly engaged.
I spoke about how digital transformation is being impacted by the global threat landscape. Following that I presented at a handful of roundtables and had the change to interact with representatives from across the EMEA region as we try to deal with growing global cyber threats.
Hypertext: In Dimension Data’s joint threat landscape report with NTT Security, cybersecurity is the number concern for organisations. Does that pertain to large corporates as well as SMEs and startups?
Mark Thomas: Yes, absolutely.
I think at the moment given what has happened in the cybersecurity space over the past couple of years it’s a major concern. The WEF has also listed it among the top three risks facing the world at the moment.
It’s also become more prevalent in the media for example, with two high-profile ransomware campaigns, Wannacry and Bad Rabbit, last year. All of these kinds of infections get taken note of, and they begin to be reported on TV, radio and of course online.
Everyone was talking about cybersecurity and its impact on the business.
This in turn raises the profile of cybersecurity and businesses don’t want to be the ones being reported on.
Hypertext: Diving deeper into your report, and looking at the EMEA region, businesses and professional services were the most targeted (20 percent). Why was that the case?
Mark Thomas: I think this refers back to supply chain attacks.
Business and professional services include the likes of accounting agencies, legal firms and consultancies.
These types of organisations tend to outsourced, whereby if an adversary were to target an individual in consulting for example, a consulting company has access to hundreds if not thousands of clients. There’s also various intellectual property that’s available to access.
Instead of targeting the business directly, it’s the supply chain which is being targeted. From there, being able to steal data like trade secrets, blueprints and references is more easily achieved as it affords attackers the chance to better see what is happening in an organisation.
By attacking one, you get access to many, which why this particular segment has been targeted in the EMEA region so heavily.
Hypertext: Sticking with EMEA the technology sector saw a significant increase in attacks (25 percent). Why was there such a rise in this region in particular?
Mark Thomas: When it comes to the technology sector, a lot of the value for attackers lies in the intellectual property that these companies have.
Technology organisations involve a lot of research and development, and from a competitive advantage standpoint being first to market is one of the ways they can gain a larger revenue share.
Unfortunately being first to market also opens the technology organisation up to attacks, as security is often pushed to the back burner as they try to get the solutions and services into the marketplace before competitors.
If new technologies are created, security often tends to get left off until the last-minute.
This therefore means that the adversaries are honing in on that and adapting their attacks in order to better exploit those vulnerabilities.
In turn the technology sector becomes more at risk than others in the threat landscape.
Hypertext: Does that mean that the technology sector is more vulnerable than others by nature?
Mark Thomas: No I don’t think so.
A lot of companies are beginning to evolve digitally and their digital footprint is increasing.
What makes the technology sector particularly vulnerable is its approach to security. They are starting to get more “exposed” simply by the nature of the business that they are in.
Yes, they have more technology deployed in the market than others, but the risk landscape affects everybody.
If you look at the financial services for example, globally they are number one at 26 percent of all attacks. They’re opening new communications and channels to engage with the customer. So as any organisation undergoes a digital transformation, the risk is always there.
Hypertext: Do you think the technology sector’s view of security when bringing offerings to market will change in future?
Mark Thomas: That will only happen when security and privacy become part of the design.
Security will only be less of a risk when it is front of mind across the organisation, for every project and new piece of innovation.
Furthermore if security is left off until the last-minute, it also becomes more costly to resolve. That’s why it’s less expensive to think about security from a project’s inception, than do so when the project is nearly complete.
That in itself should be a source of competitive advantage when you think about the reliability of a product or the scalability of a business.
Hypertext: Is it your opinion then that attacks in the technology sector will decrease next year?
Mark Thomas: When it comes to the technology sector I think it will actually increase.
I say that because it’s been the trend that we [Dimension Data] have been seeing from year-to-year.
It’s also something that we’ve seen for most of the regions.
Regardless of where you look, the technology sector is a popular target, and that’s because their digital footprint is increasing far faster than other sectors.
Hypertext: Looking at malware, why do think ransomware (29 percent) was the go-to method used by attackers in the EMEA region?
Mark Thomas: Well this can be attributed in large part to the two aforementioned ransomware attacks of last year.
Wannacry impacted more than 200 000 systems and Bad Rabbit, also referred to as NotPetya, affecting a vast number of companies across Europe.
That’s why we tended to see such a high prevalence of ransomware attacks across the region, with 29 percent for EMEA compared to 7 percent for the rest of the globe.
Added to this is the leveraging of machine learning, with adversaries building it into their malware to devastating effect.
It poses a significant problem moving forward, which is why organisations need to ensure that they have the right security controls to help minimise that risk.
Hypertext: Looking at 2019, what kind of threat trends is Dimension Data anticipating seeing?
Mark Thomas: Yes, I think malware will continue to be an ongoing source of threat.
I was at DEF CON recently and I saw that the threat adversaries are engaging machine learning and deploying that to their tool sets, as they look to bypass traditional security measures. And they’re being very effective at that.
We’re also seeing a significant rise in crypto mining, with agents being deployed in cloud environments.
I think we’ll start seeing some data around those threats from Dimension Data and NTT during next year’s report.
To find out more about Dimension Data’s NTT Security 2018 Global Threat Intelligence Report, or to download it, head here.
[Image – CC 0 Pixabay]