It's fair to say that 2020 held some unique challenges, but 2021 will have its own hurdles. These are the top five
challenges facing CISOs as we move into the new year.
To generate this list, we combed through internal Silent Breach data from 2020 and discussions with clients and industry leaders, alongside a holistic review of
global trends, technologies, and threats.
As the global economy shifted into lockdown last spring, millions of businesses were forced to transition virtually overnight to remote work. Consequently, the
usual network and endpoint protections that had served as the frontline defense were no longer sufficient. Employees now work from home WiFi networks, on personal
devices, and under unsupervised, and therefore ungovernable, conditions.
As we turn toward 2021, it seems that remote work is here to stay, at least for the near future. According to the latest McKinsey estimates, US workers overall
will spend up to 40% of their time working from home, while those in the finance, information, and management sectors could spend up to 80% of their time working
remotely. Over the last 6 months, CISOs have taken steps to address these security gaps, but securing remote working conditions will remain a major challenge for
the cybersecurity industry throughout 2021.
Recommendations: Remote workers are particularly susceptible to social engineering attacks, outdated software usage, and weak password policies. Review
Silent Breach's Cybersecurity Survival Guide for Remote Working for a list of mitigation tips.
The global migration to the cloud is perhaps nothing new, but it also shows no signs of slowing. The cybersecurity landscape has become incredibly complex,
and cloud security has been continuously evolving to keep up with emerging threats. To cite just one example, the Cloud Hopper attack, widely believed to be
the work of the Chinese government, infected at least a dozen cloud providers hosting sensitive data for multinationals like Philips, American Airlines, Deutsche
Bank, Allianz, and GlaxoSmithKline.
According to Andrew Miller, of Quantum Armor, "Robust cloud security is key to any effective cybersecurity strategy. Accordingly, and in collaboration with our
partners and clients, we've developed our products to not just be cloud-friendly, but perhaps more importantly, to be cloud-centric. We believe that having a
secure cloud environment at the heart of your organization's cybersecurity program will, with the correct tools, improve your ability to monitor, predict, and
adapt to most security events."
Recommendations: This is where the regular slate of configuration reviews, architecture audits, hardening exercises, and tactical coaching will come in
handy. Alternatively, consider outsourcing these exercises to a managed security partner. Finally, continuous monitoring platforms, such as Quantum Armor, are
now available to provide in-depth monitoring, auditing, and analytics across your cloud environments.
Supply Chain Attacks
While the recent SolarWinds attack was certainly the most dramatic security breach of the year, SolarWinds was far from being the sole victim. In fact, we'd need an
entire article just to detail this year's largest cybersecurity breaches.
What's clear, though, is that supply chain attacks (like the SolarWinds hack) exponentially increase the potential scope and impact of a given attack. In this
case, a malicious script embedded in a SolarWinds update granted hackers access to hundreds of organizations (ranging from government agencies to Fortune 500
companies and IT providers) around the globe.
As organizational software stacks expand, and application dependencies multiply, the technological landscape is growing tightly integrated. Opportunities for
malicious activities are growing along with them and, as the saying goes, a chain is only as strong as its weakest link.
Recommendations: Aside from ensuring that all of your dependencies and software are up-to-date, we recommend enrolling in a managed incident response
program. This ensures that in the event of a compromised product, you'll have access to the latest IOCs, forensics, and mitigation techniques.
There is an incredible abundance of data, but not nearly enough time and human capital to interpret it all. The challenges that organizations are facing, as we
move into 2021, will be centered around data analytics. Those who excel here will be able to stay ahead of the curve and have far more visibility into their
network's health, activity, and needs, while those whose analytics lag behind will quite literally be drowning in meaningless data.
Building out your organization's AI/ML capabilities will be key here. Industry reports indicate that investments in AI/ML-powered security solutions will increase
by double digits compared to 2019. For example, here at Silent Breach, we've developed a tool that combs through numerous threat intelligence sources
(from security agencies like NATO, dark web data dumps, and IOCs from our industry partners) and cross-references these against our clients' cloud logs.
This way, rather than employing a small army of analysts, our clients wake up each morning to a secure, actionable, and catalogued list of only the most relevant
Recommendations: Depending on the size and needs of your organization, consider shifting a greater portion of your budget to developing an analytics
strategy. Alternatively, outsource these responsibilities to a reputable MSSP. Often, a hybrid model, where a trusted security partner helps complement your
in-house resources, is the way to go.
Growing Attack Surface
Unfortunately, organizations across nearly every sector are still struggling to secure their public-facing applications. In 2020, for example, Silent Breach
security consultants found that 92% of web applications tested contained serious or critical security flaws. In particular, we recently reported that 97 of the
100 largest airports are similarly compromised.
A major contributor to this trend lies in the fact that, for most organizations, the attack surface is only growing. CISOs are finding that they must defend
against cyberattacks on multiple fronts: web, mobile, social, physical, wireless, cloud, and insider, to name just the most obvious.
Recommendations: While penetration tests, vulnerability assessments, and attack surface monitoring tools like Quantum Armor will help uncover your
weakest links, without corporate buy-in and company-wide cybersecurity awareness, technical fixes will only go so far. Here, regular training workshops
are crucial, not only to provide the necessary skills and knowledge, but perhaps more importantly, to instill a culture of security and responsibility throughout