Staying Secure in the Digital Age: The Power of Automation, Analytics and Architecture

The increasing accessibility of technology is being exploited by cybercriminals who are utilizing malware to target mobile devices and IoT devices.

Staying secure in the digital age can be challenging, but here are some helpful tips:

• Use strong and unique passwords for all your accounts, and consider using a password manager to keep track of them.

• Keep all your software and operating systems up to date with the latest security patches.

• Be wary of phishing emails and text messages, and never click on links or download attachments from unknown sources.

• Use two-factor authentication whenever possible to add an extra layer of security to your accounts.

• Only connect to secure Wi-Fi networks, and avoid public Wi-Fi networks whenever possible.

• Monitor your antivirus software and keep it up to date.

• Backup your data regularly to protect it from loss or theft.

• Stay cautious when sharing personal information online, and never share sensitive information such as your social security number or bank account details.

• Educate yourself about common scams and frauds, and be vigilant in protecting yourself and your personal information.

• Trust your instincts. If something seems too good to be true or suspicious, it probably is.

Cybersecurity Ventures expects global cybercrime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion annually by 2025. Adversaries are constantly evolving their attacks, while developers and security teams struggle to keep up at the new speed of business. What is driving these trends?

Turns out, cyber criminals have more digital gear these days.

Recently, I interviewed Dr. Boaz Gelbord, chief security officer at Akamai Technologies, on my show CXO Spice. We talked about the spike in cybercrime. He points to three causes. First, the rise of digital currency because it’s easy to move money around. Secondly, folks can carry out activities in one jurisdiction without necessarily facing consequences in another jurisdiction, which changes the risk-reward ratio for criminals in terms of their likelihood of getting caught. And, thirdly, he cites the vulnerability of the global technology ecosystem and the different ways to exploit systems.

Akamai Technologies’ recently released State of the Internet report showed that up to 16 percent of organizations exhibited signs of a breach in 2022 alone. Observing close to seven trillion daily DNS requests, Akamai classifies malicious Domain Name Systems (DNS) that present major threats. Their technology is able to link attackers to specific malware, including Emotet, one of the most dangerous services, and QSnatch, the largest botnet threat targeting backups and file storage. Akamai reports that 36 percent of affected devices showed traffic to C2 domains.

Akamai’s data also showed that attacks targeted on home networks are not limited to computers, but also extend to mobile devices with a significant number of reported attacks using mobile malware and Internet of Things (IoT) botnets. As technology continues to evolve and become more accessible, we’re seeing that malware is following suit.

Automation, Analytics, Architecture – and the Big Data Problem

Dr. Gelbord shared with me how the three principles of automation, analytics and architecture work together to improve cybersecurity.He says, “Automation is so critical these days just given the vast amounts of information and the different processes that we need to protect ourselves.For example, if you’re handling phishing emails (common vectors of attack) manually, then you’re never going to keep up the speed with which cybercriminals work. His advice? “Automating defense processes is key,” he says. “In many ways, cybercrime is becoming a big data problem. How do I distinguish legitimate activity from malicious activity? It requires analytics on a vast scale.” 

As for architecture, he suggests thinking of it like a house. If you haven’t built it architecturally so there are limited entry points, then all defensive methods are moot. 

“Those three pillars, automating your defenses, having the analytics to distinguish good from bad and architecting yourself over the long-term to be resilient are so critical to a robust cyber defensive posture,” Dr. Gelbord says.

The Cost of Cybercrime

It’s estimated that ransomware and other advanced attacks cost businesses over $20 billion in 2021 alone. Clearly a vulnerable spot in many organizations’ bottom lines, it’s so important to implement a strategic approach to cybersecurity.

With predictions for ransomware to continue escalating, companies of all shapes and sizes need to be proactive in protecting themselves. Cybersecurity Ventures anticipates that by 2031 ransomware will attack a business, consumer or device every two seconds — estimating a $265 billion annual loss.

While most midsize companies relied on some use of cloud technology throughout the pandemic, many are seeing a continued need for innovative technology to maintain the benefits of hybrid and remote work. In order to do this successfully, security needs to be at the forefront of decision making.

The Power of Zero Trust Solutions

Going back to Dr. Gelbord’s house metaphor, Akamai’s Zero Trust security is built on the idea that a breach can happen anywhere, anytime, regardless of company firewalls. While so many companies have adapted a hybrid work model, Zero Trust is able to assist employees in remaining more secure regardless of device or location.

Committed to combating ransomware, Akamai acquired Guardicore — adding their leading micro-segmentation products to their portfolio — further enhancing their mission to protect life online.

“Micro-segmentation is proven to defend against ransomware and other attacks by greatly reducing attack surfaces in complex and dynamic environments,” said Pavel Gurvich, Senior Vice President and General Manager, Enterprise Security at Akamai. “These new offerings for Akamai Guardicore Segmentation customers will extend protection to devices that have historically been difficult to secure and will provide the extra visibility and analysis to fend off the most evasive threats.”

While securing IoT and OT devices is typically a challenge for organizations, Akamai’s technology enables Zero Trust policies to be used on devices that can’t run host-based security software.

Partnering for Prevention 

Just as in the environmental space, collaboration is fueling new solutions.

Akamai and FS-ISAC, a non-profit organization that works to protect financial institutions from cyberattacks, teamed up to produce a report regarding Distributed Denial-of-Service (DDos) attacks and financial institutions. The report uncovered a 22% increase in volume of DDos attacks — with a 73 percent increase in attacks throughout Europe. And it’s not just an overall uptick in crimes — financial services were the target of half of all DDoS attacks in Europe, comprising a giant portion of overall cybercrimes.

“We teamed up with FS-ISAC to produce the Evolution of DDoS: Return of the Hacktivists in an effort to better educate the financial community about the threats of DDoS and to offer some threat trends and best practices for the sector to better combat these attacks,” explains Steve Winterfeld, Advisory at CISO at Akamai, in a company press release.

Collectively, we can defeat cyberthreats and keep our companies and communities secure with vigilance and strategic preparedness. 

José Raúl Capablanca, Cuban chess champion during the roaring twenties, gives a nod to the value of preparedness: “In order to improve your game, you must study the endgame before everything else. For whereas the endings can be studied and mastered by themselves, the middle game and opening must be studied in relation to the endgame.”

As technologies continue to evolve, so do the tactics of cyber criminals. One way to stay ahead of them is through automation, analytics and architecture. By implementing a strategic approach to cybersecurity and partnering for prevention, we can combat the escalating threat of cyber-attacks. Let’s take a page out of Capablanca’s playbook and study the endgame in cybersecurity. With the right preparation and tools, we can outsmart our opponents and keep our companies and communities secure. Let’s stay vigilant, innovative and “strong together” to make the digital world safer.