2/5/2018
10:30 AM
Marc Wilczek
Commentary

Mastering Security in the Zettabyte Era

Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.

Digitization is in full swing. Gartner estimates that by the end of this decade more than 7 billion people and businesses and nearly 35 billion devices will be connected to the Internet of Things (IoT) — the magic place that connects people, processes, data, and devices. The current population explosion on the IoT has been triggered by the development of IP-enabled devices, a rapid increase in global broadband availability, and the emergence of IPv6.

All this means that the world is entering into a new chapter — the zettabyte era — in which massive data fuels the economy. (A zettabyte equals 1,000 exabytes, or 1 billion terabytes.) According to Cisco's "2017 Annual Cybersecurity Report" (registration required), annual global IP traffic will reach 2.3ZB by 2020, a threefold increase over 2016. Two-thirds (66%) of it will be produced by wireless and mobile devices; wired devices will account for only 34%. The volume of global Internet traffic in 2020 will be a staggering 95 times greater than it was in 2005.

On the flip side of this global megatrend is the reality that the world is being exposed to an unprecedented number of cyber threats. After polling nearly 3,000 security professionals, Cisco says that many organizations still feel unprepared to cope with the radical implications resulting from the above. While 58% of respondents say their security infrastructure is up-to-date, a solid 37% do not share this enthusiasm and are more pessimistic.

Unparalleled Numbers of Endpoints
For 58%, the proliferation of mobile devices and sensors is a great concern; these devices will soon number five times the global population. Together they create an unparalleled number of endpoints that need monitoring and safeguarding. Data in the public cloud, cloud infrastructure as a whole, and negligent user behavior (each cited at 57%) are also top challenges to mitigating cyberattacks. Particularly, the exponential growth of third-party cloud applications is increasingly causing headaches. While some 20,400 third-party apps were deployed in October 2014, the number reached 108,000 in October 2015 and exceeded 222,000 by October 2016. More than a quarter of them (27%) are considered high risk, and another 58% are deemed to be medium risk. Only a mere 15% of these apps are seen as low risk.

Today, the average enterprise has more than 1,000 of these apps embedded into their IT landscape, with more than 20,000 different installations of them. Thanks to APIs, the vast majority of these apps have an excessive access scope, allowing them to communicate freely and potentially turn into loose cannons if something goes wrong. OAuth, for instance, is empowering the cloud space and numerous software-as-a-service (SaaS) platforms, but if it is compromised, it will also shortcut the path to the crown jewels — namely, gigantic data silos that only grow bigger by the hour.

Lackluster Risk Remediation
Missing talent, tools, or automated processes that help determine severity levels and root causes of a given alert might force security teams not to conduct an investigation. Yet, not responding to an alert is obviously a big risk. Cisco's research finds that, based upon a sample size of 2,796 alerts, a staggering 44% of all incidents were not investigated. Even worse, out of the remaining 56% that have been examined, less than half (46%) have been mitigated. In other words, a staggering 56% of legitimate alerts are swept under the carpet, leading to potentially painful consequences. For example, according to the survey, of those organizations that encountered a breach, 49% had to deal with public scrutiny. Some 29% of respondents lost revenue due to attacks in the past year, and another 22% lost customers or business opportunities in the aftermath. Of that group, 38% said their revenue loss was 20% or higher.

To effectively combat cyber threats in the zettabyte era, security leaders must relentlessly prioritize security and focus upon prevention, detection, and mitigation. This must encompass policies, tight access controls, and mandatory encryption for data at rest, in motion, and in use. Since technology advances at lightning speed, it's also important to understand that the threat landscape is constantly evolving. Thus, policies and measures must be subject to constant review and enhancement. At the same time, security teams must progress from "running faster" to "running smarter." To accomplish this, it's key to reduce complexity by seeking stronger integration of the existing tools and solutions, and to simplify operations through analytics and automation.

Marc Wilczek is a columnist and recognized thought leader, geared toward helping organizations drive their digital agenda and achieve higher levels of innovation and productivity through technology. Over the past 20 years, he has held various senior leadership roles across ...