Even before the start of 2020, industry watchers were predicting this would be a decade of digital disruption. Just 7 months in and another “D” has become prominent: “Dependency”. If the Covid pandemic has revealed anything then surely it is how the global economy, and society in general, relies so much on technology in order to function.
Our reliance on technology – from ubiquitous superfast communications networks, to AI-driven software and smart devices – is both inevitable and unstoppable. But it is also as full of risk as it is opportunity. Because the other major lesson from the Covid experience is that cyber attackers have no mercy and will even exploit global human catastrophe to advance their goals.
So what else has changed in this post-Covid world, and what does it mean for threat intelligence and its role in helping organizations survive and thrive?
Lesson 1: There can be no barrier to the pace of innovation
Around the world, lockdowns have forced companies to innovate. Businesses have been forced to make fast decisions that, in some cases, completely transform their business models. We’ve seen digital transformation programmes fast-tracked , and organizations gain confidence in their ability to make change happen far more quickly than previously thought.
The effect of this is that organizations are now far more impatient for change, and arguably more determined to remove obstacles in protocol and process. This might be very positive for cutting out the ‘dead wood’ of bureaucracy, but could have serious implications for cybersecurity. For instance, the rush to get employees working from home has resulted in numerous attacks , and exposed serious, well-documented security shortcomings in third-party applications . In other respects, the desire for fast decision making can also expose weakspots, particularly when exploited through increasingly common social engineering and BEC scams that (for example) compromise, spoof or takeover business email accounts.
What’s clear is that organizations want and need to be more dynamic, and cybersecurity measures simply have to keep up. An organization that delays innovation until security risks have been mitigated could be in even greater danger of going out of business before these infrastructure and policy changes have had time to implement. This plays to the strengths of threat intelligence, enabling prioritized, real-time insights specific to the organization’s unique situation to be acted upon both proactively and reactively.
Lesson 2: There is no security in obscurity
Awareness of cyber issues has been elevated throughout this period, and is routinely highlighted as a matter of intergovernmental cooperation, foreign diplomacy and even warfare. But for every recent high-profile instance of, for example, Chinese or Russian Covid-related state-sponsored attacks, there are countless unreported cases of everyday organizations succumbing to cyber threats.
Some attacks are explicitly related to the quest for finding a Covid-19 cure, reflecting the value of intellectual property to the organizations that own it rather than its value on the black market. Again, the media focus on these attacks in particular betrays what is going on in the wider world, with organizations of all kinds under threat from a range of attack vectors specific to their industry.
The good news is that cyber awareness is among the most effective weapons in the cybersecurity arsenal, and the cheapest and simplest to implement at a basic level. As organizations progress beyond simple testing of users with phishing campaigns (and other tactics), so threat intelligence becomes more critical to supporting more sophisticated approaches such as realistic attack simulations and red-teaming activities.
Lesson 3: There is more that organizations can do to remain safe
As far as cybersecurity is concerned, it’s clear that the stakes are now higher for businesses and that cyber threats are heightened. Implementing key cyber hygienes has never been more important, and there are added measures that can be taken to reflect new trends in remote working practices that are look set to become the new normal for the foreseeable future.
But the cyber threat landscape does not stand still; it is a constantly changing picture. For that reason an effective threat intelligence system with enormous scope, yet enough modularity to focus on threats relevant to the unique organization, is essential to staying abreast of unknown and unpredictable changes in threat types and characteristics. Threat intelligence can also be used under the auspices of a complete GRC (governance, risk and compliance) strategy that allows organizations to be as flexible and dynamic as possible while keeping risks to acceptable levels.
A great deal has changed since the start of 2020, but all of it points to an even greater need to be fast, all-knowing and accurate in your responsiveness to complex cyber threats. This applies no matter how large or small, visible or obscure the organization concerned.
As organizations further entrench their reliance on technology to innovate products and business models, extend digital penetration to new applications, devices and business processes, and better support the flexible working of employees – cyber risks become ever greater, and threat intelligence more essential.