
2/5/2018
10:30 AM
Marc Wilczek
Commentary

Mastering Security in the Zettabyte Era

Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.

Digitization is in full swing. Gartner estimates that by the end of this decade more than 7 billion people and businesses and nearly 35 billion devices will be connected to the Internet of Things (IoT) — the magic place that connects people, processes, data, and devices. The current population explosion on the IoT has been triggered by the development of IP-enabled devices, a rapid increase in global broadband availability, and the emergence of IPv6.

All this means that the world is entering into a new chapter — the zettabyte era — in which massive data fuels the economy. (A zettabyte equals 1,000 exabytes, or 1 billion terabytes.) According to Cisco's "2017 Annual Cybersecurity Report" (registration required), annual global IP traffic will reach 2.3ZB by 2020, a threefold increase over 2016. Two-thirds (66%) of it will be produced by wireless and mobile devices; wired devices will account for only 34%. The volume of global Internet traffic in 2020 will be a staggering 95 times greater than it was in 2005.

On the flip side of this global megatrend is the reality that the world is being exposed to an unprecedented number of cyber threats. After polling nearly 3,000 security professionals, Cisco says that many organizations still feel unprepared to cope with the radical implications resulting from the above. While 58% of respondents say their security infrastructure is up-to-date, a solid 37% do not share this enthusiasm and are more pessimistic.

Unparalleled Numbers of Endpoints
For 58%, the proliferation of mobile devices and sensors is a great concern; these devices will soon number five times the global population. Together they create an unparalleled number of endpoints that need monitoring and safeguarding. Data in the public cloud, cloud infrastructure as a whole, and negligent user behavior (each cited at 57%) are also top challenges to mitigating cyberattacks. In particular, the exponential growth of third-party cloud applications is increasingly causing headaches. While some 20,400 third-party apps were deployed in October 2014, the number reached 108,000 in October 2015 and exceeded 222,000 by October 2016. More than a quarter of them (27%) are considered high risk, and another 58% are deemed to be medium risk. A mere 15% of these apps are seen as low risk.

Today, the average enterprise has more than 1,000 of these apps embedded into its IT landscape, with more than 20,000 different installations of them. Thanks to APIs, the vast majority of these apps have an excessive access scope, allowing them to communicate freely and potentially turn into loose cannons if something goes wrong. OAuth, for instance, is empowering the cloud space and numerous software-as-a-service (SaaS) platforms, but if it is compromised, it will also shortcut the path to the crown jewels — namely, gigantic data silos that only grow bigger by the hour.

Lackluster Risk Remediation
A lack of talent, tools, or automated processes that help determine the severity level and root cause of a given alert can force security teams to forgo an investigation. Yet not responding to an alert is obviously a big risk. Cisco's research finds that, based upon a sample size of 2,796 alerts, a staggering 44% of all incidents were not investigated. Even worse, out of the remaining 56% that have been examined, less than half (46%) have been mitigated. In other words, a staggering 56% of legitimate alerts are swept under the carpet, leading to potentially painful consequences. For example, according to the survey, of those organizations that encountered a breach, 49% had to deal with public scrutiny. Some 29% of respondents lost revenue due to attacks in the past year, and another 22% lost customers or business opportunities in the aftermath. Of that group, 38% said their revenue loss was 20% or higher.

To effectively combat cyber threats in the zettabyte era, security leaders must relentlessly prioritize security and focus on prevention, detection, and mitigation. This must encompass policies, tight access controls, and mandatory encryption for data at rest, in motion, and in use. Since technology advances at lightning speed, it's also important to understand that the threat landscape is constantly evolving. Thus, policies and measures must be subject to constant review and enhancement. At the same time, security teams must progress from "running faster" to "running smarter." To accomplish this, it's key to reduce complexity by seeking stronger integration of the existing tools and solutions, and to simplify operations through analytics and automation.

Marc Wilczek is a columnist and recognized thought leader, geared toward helping organizations drive their digital agenda and achieve higher levels of innovation and productivity through technology. Over the past 20 years, he has held various senior leadership roles across ...