It may be well-understood that cybersecurity needs to be front and center in all technology projects, but organizations are still slow or hesitant to fully commit to it. This is becoming a problem for data-intensive organizations, which need to brace for an onslaught of both external and internal threats.
Only about one-half of organizations are beginning to recognize how important cybersecurity is from the start in any transformation effort, an Accenture survey of 3,000 executives shows.
Fifty-three percent said that cybersecurity is part of the core transformation team, and the same percentage said that cybersecurity is required before any solution is deployed. Accenture researchers recommend that enterprises “require cybersecurity controls before all new solutions are deployed,” and that they “apply cybersecurity incrementally as each digital transformation milestone is achieved.”
As a result of fast-moving advances in corporate technology, ensuring cybersecurity represents a whole new ball game from even just a few years ago, industry leaders agree.
A CHANGING THREATSCAPE
Threats are coming from both the outside and inside of enterprises. “The cybersecurity landscape has evolved substantially over the past 5 years,” said Allen Ureta, managing director at Deltamine. “Attackers have grown more sophisticated, targeting specific industries or organizations for maximum impact. The interconnected nature of technologies has expanded the attack surface, offering cybercriminals more entry points.”
With these more dispersed infrastructures, “threats have grown in intensity,” said Sharad Varshney, CEO of OvalEdge. “The explosion of cloud technologies and high adoption of business applications have significantly increased the danger of software misconfigurations, remote access management, and cloud vulnerabilities.”
Adding to this mix is the remote work trend, which “has blurred the lines between personal and professional devices, making data security more challenging,” said Igor Volovich, VP of compliance strategy at Qmulos.
After COVID, with the decentralization of the office as well as the distributed nature of data, “we have observed hackers now trying to find creative ways to attack key individuals,” said Rahul Mahna, partner at EisnerAmper’s Outsourced IT Services team. “The landscape has changed much more to new styles of individual threat vectors and created a new paradigm of cybersecurity techniques.”
The rise of the Internet of Things and edge computing has also raised the stakes for cybersecurity. “It expands the attack surface”—raising the specter of ransomware and direct denial of service attacks, said Theresa Lanowitz, head of evangelism and portfolio marketing at AT&T Cybersecurity.
These threats come from a rising number of endpoints, Lanowitz continued. “Over the next several years, intentional and purpose-built devices are going to be more prevalent in edge computing—think robots, autonomous vehicles, and wearables. Endpoints are expanding, and, as a result, so are the attack surfaces, the sophistication of attacks, and complexity of attacks.”
With such a rapidly expanding attack surface, “data lives in more places than ever before, from data centers to the cloud and the edge to SaaS,” agreed Zack Brigman, principal product marketer at Commvault.
More data is being collected and gathered than ever before, “and there is less control over the standards from which data has been sourced,” cautioned Bob Brauer, founder and CEO of Interzoid. “For example, an ELT approach to data lakehouses versus the previous data minimalist approach of ETL in the data warehouse era is encouraging vast amounts of data to be stored under an organization’s IT umbrella. Data assets are now being made available to a larger audience of data consumers— for activities such as the training of AI models, as a feeder to analytics applications, and for business intelligence-focused reporting and operational purposes. However, this broader access and diminished oversight can leave an organization vulnerable to increasing levels of poor data accuracy, data consistency problems, and other data quality issues that therefore make enterprise data more difficult to use, harder to trust, and can result in flawed decision making.”
The rise of open source also adds a new dimension to cybersecurity challenges. “As open source adoption has become commonplace and mainstream, so have software supply chain security attacks,” says Rob Futrick, VP of platform engineering at Anaconda. “Most security scanning tools poorly detect supply chain breaches, so it is important for organizations to modernize their software supply chain and tools and not simply go through the motions of running existing tools, which can lead to a false sense of security.”
“In fact, it is precisely because of how popular open source software is, that it is attractive for attacks—because there is a high reward-to-effort ratio in favor of the attacker,” Futrick added. “Open source software cyberattacks are more prevalent and sophisticated now than 5 years ago.”
Time is often not on the side of enterprises when it comes to dealing with outside threats. For example, malicious parties “are grabbing a copy of an encrypted database, holding on to it for a set amount of time, and leveraging stronger and cheaper compute to crack encryption,” said Creighton Adams, director of enterprise systems engineering at Launch Consulting Group. “With the speed of which compute continues to grow, in 2–3 years’ time and through persistent attempts, encrypted datasets can be breached, and personal identifiable information accessed.”
Even if a hacker is immediately caught, “the length of time in court systems for civil cases can be 5–7 years,” Adams continued. “That’s why ensuring the encrypted data does not leave the four walls of the data center or cloud is of increasing importance.”
Insider threats come from “both malicious insiders and those with compromised accounts,” said Sophie Stalla-Bourdillon, senior privacy counsel and legal engineer at Immuta. “The increasing trend of remote work, coupled with the growing adoption of cloud data platforms, amplifies the risk.”
COMPLIANCE FORCES THE ISSUE
Compliance is another side of the cybersecurity puzzle, putting pressure on executives and managers to take more proactive steps to guard their data. “In the past half-decade, there’s been a surge in privacy-related laws and an uptick in enforcement actions,” said Stalla-Bourdillon.
“We have seen a number of new compliance mandates over the last several years, from GDPR and security standards to regulations on ransomware payments, breach reporting, and incident response planning,” says Brigman. “While businesses operating in highly regulated industries have always had stringent data security and compliance standards, we are seeing similar mandates and protocols bleed into other industries.”
Still, compliance measures do not adequately address the rapidly evolving threatscape. Compliance requirements “have not kept pace well at all,” said Mike DeNapoli, director and cybersecurity architect for Cymulate. “The majority of compliance frameworks focus on more generic terms like ‘databases’ and ‘file storage’ without understanding that these objects have significantly different forms and security needs when used in a public cloud. New government and other regulatory actions are working to curtail this, but it is a process that will take time.”