Thomas Fikentscher, Regional Director A/NZ, CyberArk, tells Intelligent CIO how organizations in the APAC region should respond to protect their critical data and assets.
On June 19, in front of national and global media, Australian Prime Minister Scott Morrison made clear that, in the face of mounting evidence of on-going state-sponsored cyberattacks on Australia’s public bodies and academia, national cyberdefenses needed to dramatically step up.
Subsequently, the 2020 Cybersecurity Strategy has made it clear that the Government plans to introduce cybersecurity regulations for corporations. Other major economies in APAC have already made similar moves; Singapore, for instance, created an information hub for critical infrastructure security in 2019.
But what exactly are the threats that we need to defend against? AV-TEST Institute registers over 350,000 new malicious programs, malware and unwanted programs per day. The good news is that it doesn’t really matter how many external threats there are.
The most ‘successful’ attacks in recent years, from NotPetya and WannaCry to Mirai, generally have a first-mover advantage of some kind. They take advantage of existing, unknown and/or unpatched software vulnerabilities or find unsecured pathways into personal computers or networks.
In a scenario like this, your anti-malware defenses being up-to-date won’t be effective protection. Equally, all the endpoint protection in the world won’t stop a phishing attack on an executive or a highly-privileged member of your IT infrastructure team, and phishing remains a key piece of weaponry for attackers, featuring in 22% of breaches reported in Verizon’s 2020 Data Breach Investigations Report.
How, then, should APAC organizations respond and step up to protect their critical data and assets?
The first step is to stop wasting energy on attempting to prevent all attacks. This will only perpetuate the failing perimeter defense model; a model that has been with us, unchanged, even as the environment has evolved around us.
The reality is that the perimeter as-was no longer exists and thus cannot be effectively defended. Instead, forward-looking IT leadership focuses security strategy on being able to contain attacks that threaten critical data and assets.
This is particularly important in the context of the pandemic-driven new normal and our Digital Transformation as a whole. As more of what we do as consumers move online and as companies adopt Software-as-a-Service tools with their own security settings and user privileges, we create more reasons and more targets for attackers to go after as they aim to get a foothold into organizations.
In particular, there is a need to focus on securing identity since it now defines the organizational perimeter. If attackers can steal the credentials associated with an employee or customer identity, they have a way in to an organization’s infrastructure. More importantly, they are then far more likely to be able to find and compromise the real prize: the privileged credentials that are the pathway to the critical data and assets they are after.
Businesses in APAC must focus less on the ‘who’ is conducting an attack, and more on the ‘how’. ‘How’, in this case, is how to protect critical data and assets. Attribution is a political issue – one that is better handled by governments. What should concern us is whether we’re securing what is really important to the organization.
Note from editor: The Gartner 2020 Magic Quadrant for Privileged Access Management can be viewed here
Click below to share this article