The optimism that should have greeted the dawn of a new decade was overshadowed by the impact COVID-19 had on businesses in Hong Kong and around the world. One impact was the tremendous surge in telecommuting as millions of employees logged in remotely to access company servers via Wi-Fi networks.
Unfortunately, cybercriminals were quick to recognise the multiple new attack vectors that an expanded remote workforce presented and launched a combination of sophisticated attacks exploiting the COVID-19 panic and social engineering targeting healthcare and other verticals.
Many companies in the past decade sought to bolster their cybersecurity posture by investing in multiple best-of-breed point solutions, creating a broad and disparate defensive system ecosystem.
What has become abundantly clear is that businesses will need to up their game if they are to survive the onslaught of new and sophisticated attacks during this current crisis and beyond. Only by taking a proactive approach to cybersecurity will organisations be able to protect their networks and assets wherever their employees access the network.
Here are four developments that define how organisations can prepare for 2020 and beyond:
1. The mistakes of 4G may carry over to 5G
With telecommuting looking increasingly likely to become the new normal for many industries, the promised lightning speed, increased reliability and low latency of 5G will be welcomed by enterprises and employees alike.
However, 5G is built on the foundation of 4G, meaning that the same security threats that were present then will likely be magnified further. Any existing 4G security risks that exist today will therefore roll over into the 5G era, and mobile internet service providers may well be the first point of failure during a cyberattack, causing critical services from healthcare to banking, grinding to a halt.
2. The Internet of Things will become a minefield
Exciting developments in the Internet of Things (IoT) will result in billions of connected devices proliferating throughout networks across the world.
However, if left unsecured, these connected devices provide multiple entrance points to corporate networks particularly as there is a growing trend for cyberattackers to use sophisticated deepfake technology. This and other technologies enable attackers to mimic biological identifiers, thus reducing the effectiveness of multifactor authentication, and biometric identification.
In many organisations, unsecured IoT devices are already in place, creating a potential minefield of security ‘explosions’ that could go off at any time; particularly in healthcare IT environments where cyber hygiene may be less of a priority in the current health crisis. Some organisations are beginning to adopt a “secure by design” approach with security built in from the start.
3. Embracing AI to get ahead
With attackers embracing automation and artificial intelligence (AI) to launch attacks, cybersecurity professionals must leverage AI-driven solutions to stay ahead in the detection and remediation of anomalies in network behaviour at phenomenal speeds.
With many businesses currently in ‘survival mode’ and coronavirus-themed attacks becoming common, organisations must ensure they have the right AI solutions in place to allow their people to focus on areas where they can have maximum impact.
4. Security will influence the next generation of tech
Baking security into products from the beginning is the only way forward especially with Hong Kong’s soaring appetite for digital financial services and e-commerce. This approach means new apps and devices will be secured before they reach the user. This emphasis on security will become the constant thread running through all phases of development.
Despite the best efforts and advanced technologies, there are always likely to be gaps in an organisation’s security posture. It is essential that security professionals understand what the organisation’s crown jewels are and protect them effectively.
In this new world of cybersecurity, the threat landscape will continue to evolve and have a profound impact on the way security infrastructure is designed. Just as there are concerted efforts to step-up personal hygiene practices, the same should be applied and maintained at the same level of vigilance when it comes to digital security.
Written by Wickie Fung, Managing Director Hong Kong and Macau, Palo Alto Networks