Cloud

2/5/2018
10:30 AM
Marc Wilczek
Marc Wilczek
Commentary
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail vvv
100%
0%

Mastering Security in the Zettabyte Era

Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.

Digitization is in full swing. Gartner estimates that by end of this decade more than 7 billion people and businesses and nearly 35 billion devices will be connected to the Internet of Things (IoT) — the magic place that connects people, processes, data, and devices. The current population explosion on the IoT has been triggered by the development of IP-enabled devices, a rapid increase in global broadband availability, and the emergence of IPv6.

All this means that the world is entering into a new chapter — the zettabyte era — in which massive data fuels the economy. (A zettabyte equals 1,000 exabytes, or 1 billion terabytes.) According to Cisco's "2017 Annual Cybersecurity Report" (registration required), annual global IP traffic will reach 2.3ZB by 2020, a threefold increase over 2016. Two-thirds (66%) of it will be produced by wireless and mobile devices; wired devices will account for only 34%. The volume of global Internet traffic in 2020 will be a staggering 95 times greater than it was in 2005.

On the flip side of this global megatrend is the reality that the world is being exposed to an unprecedented number of cyber threats. After polling nearly 3,000 security professionals, Cisco says that many organizations still feel unprepared to cope with the radical implications resulting from the above. While 58% of respondents say their security infrastructure is up-to-date, a solid 37% do not share this enthusiasm and are more pessimistic.

Unparalleled Numbers of Endpoints
For 58%, the proliferation of mobile devices and sensors is a great concern; these devices will soon number five times the global population. Together they create an unparalleled number of endpoints that need monitoring and safeguarding. Data in the public cloud, cloud infrastructure as a whole, and negligent user behavior (each cited at 57%) are also top challenges to mitigating cyberattacks. Particularly, the exponential growth of third-party cloud applications is increasingly causing headaches. While some 20,400 third-party apps were deployed in October 2014, the number reached 108,000 in October 2015 and exceeded 222,000 by October 2016. More than a quarter of them (27%) are considered high risk, and another 58% are deemed to be medium risk. Only a mere 15% of these apps are seen as low risk.

Today, the average enterprise has more than 1,000 of these apps embedded into their IT landscape, with more than 20,000 different installations of them. Thanks to APIs, the vast majority of these apps have an excessive access scope, allowing them to communicate freely and potentially turn into loose cannons if something goes wrong. OAuth, for instance, is empowering the cloud space and numerous software-as-a-service (SaaS) platforms, but if it is compromised, it will also shortcut the path to the crown jewels — namely, gigantic data silos that only grow bigger by the hour.

Lackluster Risk Remediation
Missing talent, tools, or automated processes that help determine severity levels and root causes of a given alert might force security teams not to conduct an investigation. Yet, not responding to an alert is obviously a big risk. Cisco's research finds that, based upon a sample size of 2,796 alerts, a staggering 44% of all incidents were not investigated. Even worse, out of the remaining 56% that have been examined, less than half (46%) have been mitigated. In other words, a staggering 56% of legitimate alerts are hidden beneath a carpet, leading to potentially painful consequences. For example, according to the survey, of those organizations that encountered a breach, 49% had to deal with public scrutiny. Some 29% of respondents lost revenue due to attacks in the past year, and another 22% lost customers or business opportunities in the aftermath. Of that group, 38% said their revenue loss was 20% or higher.

To effectively combat cyber threats in the zettabyte era, security leaders must relentlessly prioritize security and focus upon prevention, detection, and mitigation. This must encompass policies, tight access controls, and mandatory encryption for data at rest, in motion, and in use. Since technology advances at lightning speed, it's also important to understand that the threat landscape is evolving permanently. Thus, policies and measures must be subject to constant review and enhancement. At the same time, security teams must progress from "running faster" to "running smarter." To accomplish this, it's key to reduce complexity by seeking stronger integration of the exiting tools and solutions, and to simplify operations through analytics and automation.

Related Content:

Marc Wilczek is a columnist and recognized thought leader, geared toward helping organizations drive their digital agenda and achieve higher levels of innovation and productivity through technology. Over the past 20 years, he has held various senior leadership roles across ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Mozilla, Internet Society and Others Pressure Retailers to Demand Secure IoT Products
Curtis Franklin Jr., Senior Editor at Dark Reading,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8933
PUBLISHED: 2019-02-19
In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Management, clicking on ...
CVE-2019-7629
PUBLISHED: 2019-02-18
Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.
CVE-2019-8919
PUBLISHED: 2019-02-18
The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2019-8917
PUBLISHED: 2019-02-18
SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may b...
CVE-2019-8908
PUBLISHED: 2019-02-18
An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting -> Mailbox configuration -> Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/g...