Why is ZT an essential paradigm for today’s APAC businesses?


Industry experts point to Zero Trust (ZT) as an essential paradigm for businesses moving forward as recent cybersecurity reports confirm the rise of multiple and increasingly sophisticated cyber threats and reported attacks.

If we look at Malaysia, for example, despite its cybercrime index dropping slightly between 2019 and 2021, fraud and intrusion remain major threats. In addition, 2021 registered the highest number of DDoS attacks in the country within the last three years.

According to the Malaysia Computer Emergency Response Team, fraud and intrusion made up nearly 85% of incidents in 2021, up around 1% from 2020, while DDoS (distributed denial-of-service) attacks rose from 16% in 2020 to 22% last year.

Malaysia also recorded a total of 57.8 million virus attacks during the first quarter of 2022 (Q1 2022), which accounted for 1.14% of the total cyber-attacks around the globe, according to Fortinet.

Such news prompted renewed efforts by industry experts to point to zero trust (ZT) as an essential paradigm for businesses moving forward.

Defining Zero Trust (ZT)

Zero Trust is a security concept that assumes that no user or device should be trusted by default, even if they are inside the network perimeter. In a Zero Trust security model, every user and device must be verified and authenticated before they are granted access to network resources, applications, and data.

Incidentally, the US government’s National Institute of Standards and Technology (NIST) defines Zero Trust (ZT) ‘as an evolving set of paradigms that move defences from static, network-based perimeters to focus on users, assets, and resources’. Essentially, the ZT paradigm is driven by a set of Zero Trust principles that hinge on ongoing user and asset authentication, among other factors.

Dickson Woo on ZT and the role of the CISO

To dive deeper into ZT and into the country’s industries and critical infrastructure, we talked with industry veteran Dickson Woo, country manager, Fortinet Malaysia.

“Businesses in the region are faced with cyber adversaries and rising cyber risks whilst undergoing rapid digitalisation to scale growth and profitability,” he said.

The growth of AR, VR, and MR technologies creates new virtual spaces that can provide fertile ground for cybercrime. Virtual goods theft and biometric hacking are expected to become prevalent in these virtual cities.

Dickson adds that wiper malware is predicted to become a dominant form of cybercrime, commoditised for cyber-attackers and easily accessible through the dark web.

The CISO in 2023

“The role of CISOs [chief information security officers] is evolving in 2023 with a focus on proactive threat identification and prevention. This requires a shift in security strategies to protect the entire organisation, not just the IT department. As a result, CISOs are becoming executive-level decision-makers with the goal of making cybersecurity a crucial business enabler.”

“Moreover, CISOs face the challenge of balancing short-term and long-term benefits in their decisions. Taking shortcuts in security strategy may create vulnerabilities, so it’s important to deploy authentication technologies for secure access to critical resources,” he said, adding that the company’s Zero Trust Network Access (ZTNA) solution is designed to provide such protection by hiding network traffic and assessing user/device identities, security posture and access rights.

Cybersecurity: a business enabler

In addition, Dickson said the whole practice of cybersecurity is moving to a new position today, in tandem with promulgating a cyber-conscious culture.

“Cybersecurity is gaining importance and taking centre stage as a business enabler. Facing new threat levels, employees may struggle to adjust to the changes in their work setting, leading to a decline in productivity.”

“It’s the organisation’s responsibility to educate employees on how these solutions can help them and how to use them efficiently,” he said, adding that the company’s security awareness training focuses on keeping employees aware of cyber risks and of how to mitigate them.

ZT changing the game

Dickson went on to share use case examples to illustrate how the ZT model is helping to change the game.

To maximise the value of ZT, he advises that organisations should adopt a comprehensive ZTNA solution for all cloud environments, which simplifies security tech and operations.

“Teams should also communicate their security strategy to the entire organisation for proper incident response.”

Into an automated 4IR era

He further stressed that Zero Trust is a security strategy and not a solution in itself.

Setting up this model involves a security architecture, or framework, that needs all users – whether inside or outside a network – to be authenticated, authorised and validated on a rolling basis.

From a 4IR (4th Industrial Revolution) perspective, OT (operational technology) security is vital for critical infrastructure security and the economy. OT is usually a combination of hardware and software used to monitor and manage physical devices.

“OT systems rely on IT technologies, making them vulnerable to cyber-attacks. Attacker tactics are also evolving, making it easier for them to target businesses.”

Dickson added that “If a device is compromised, security fabrics can deliver automated processes to minimise impact and bring systems back online quickly.”

Cybersecurity experts pointed out that in an increasingly automated landscape, organisations need to implement comprehensive security fabrics that provide visibility and prevention and that assess compromised devices. AI-driven threat intelligence and integration with security infrastructure will allow organisations to assess their network risk.

Malaysia’s announcement of a National Robotics Roadmap last year is a further spur to secure devices against threats.

Covering the attack surface

According to best practice, organisations can reap various benefits by securing their attack surface with a broad, integrated and automated cybersecurity solution.

Working with the right solutions and technology partners, CISOs can identify high-risk areas that need to be tested for vulnerabilities and detect unmanaged devices that access sensitive company resources.

IT and security teams can then assess the security posture of each asset and think like an attacker to determine which ones are likely to be targeted, as well as detect vulnerabilities like configuration errors, SSL (Secure Sockets Layer) certificate issues, exposed ports, and leaked credentials.

Another aspect of best practice is to cover the entire digital attack surface and stay ahead of the constantly changing threat landscape; organisations should analyse security incidents and receive effective remediation strategies to prevent similar incidents from happening.

These solutions can also map out exposed digital assets per country, allowing teams to prioritise devices or files that need the most attention.

Finally, ongoing comparative reporting enables IT and security teams to measure their threat mitigation strategies in real-time. They can view changes in their attack surface, remediation trends, and historical data and fine-tune their security program for better results. This comprehensive solution provides a clear view of the organisation’s security posture and helps to ensure long-term business operations protection.

Choosing the best partners

In a previous interview – Securing Malaysia’s adoption of robotics against attacks – Dickson emphasised the important role in cybersecurity held by infrastructure players such as telcos.

Interestingly, in an earlier Disruptive.Asia article covering an industry leadership forum hosted by Telekom Malaysia’s enterprise and business solutions arm TM One, much of the discussion highlighted that frontier technologies – such as AI, machine learning and more responsive, pervasive cloud platforms – are triggering increasing disruption of multiple industries. A key recommendation was to work with skilled technology partners to review an organisation’s security playbook.

When asked about how to choose the best partners, Woo suggested: “Organisations should evaluate if security providers can identify assets, classify them, and prioritise based on value, segment the network dynamically, analyse traffic for threats and vulnerabilities and secure both wired and wireless access. These are all crucial elements of proactively limiting risk in OT networks.”

“Infrastructure players such as Telekom Malaysia (TM) have taken tremendous efforts to empower and strengthen the cybersecurity posture in Malaysia. TM has signed a Memorandum of Collaboration (MoC) with CyberSecurity Malaysia as they understand the importance of security in the digital economy.”

“Their role will see them protecting and fending off threat actors that look to bring down businesses in the public and private sectors.”

Telecom companies are usually targets of attacks

He added that telecom companies are usually targets of attacks as they control and operate critical infrastructure.

“As a result, it is vital for telecom companies to harness best-in-class cyber security solutions to better detect, respond and control increasingly sophisticated threats that emerge as we move towards next-generation technologies like 5G.”

During a CYDES conference, TM experts shared insights on the value of implementing ZT to guard against cybersecurity challenges.


Confirming that malware is becoming increasingly sophisticated, Raja Azrina Raja Othman, speaking as TM’s chief information security officer, pointed out that the energy sector, a key aspect of a country’s critical national infrastructure, has seen major malware used persistently.

“Perimeter defences and network segmentation remain highly relevant,” explained Raja Azrina. “Segmentation helps to restrict access from one system to another, reducing the attack surface that hackers can target, and containing breaches as they occur.”

Time is of the essence

Time is of the essence, and APAC will stand to reap the rewards of intensifying efforts to move towards Zero Trust, Fortinet advises.

In fact, a global survey by Fortinet found that the most significant benefits organisations gained with a zero trust strategy were “security across the entire digital attack surface” and ongoing authentication and monitoring. Respondents indicated they understand Zero Trust (77%), and over 80% reported already having a zero-trust strategy in place or in development.

Yet, over 50% indicated being unable to implement core Zero Trust capabilities, and nearly 60% indicated they do not have the ability to authenticate users and devices on a continuous basis.

Looking ahead, Dickson advised that “Organisations need to protect themselves from these new attack trends by integrating a cybersecurity mesh platform with the latest threat intelligence. This platform will provide a holistic solution to protect business operations and resources, ensuring organisations remain competitive and secure in the future.”

“In 2023, the global cyber landscape, including Malaysia, will face new attack trends. One such trend is the rise of Cybercrime-as-a-Service (CaaS) models, where amateur attackers will purchase a-la-carte services like data theft and DDoS attacks,” he concluded. “Money laundering is also expected to increase with the integration of machine learning to recruit money mules and may eventually become part of the CaaS portfolio.”
