- Security TWENTY
- Women in Security
As COVID-19 continues, and office workers become home or remote workers, incidences of cyberattack have been rising steeply. There are three key reasons for this, according to the digital services firm Reply.
First, cybercriminals are taking advantage of the rise in connectivity and increased surface attack area brought about by wide-scale working from home. Second, cybercriminals have been able to prey upon users’ fear around the current pandemic and corresponding financial crisis to lure them into unsafe practices. Finally, cyber-criminals are taking advantage of vulnerabilities around rapidly developing technologies such as IoT, quantum computing and 5G to launch attacks.
All of this means that organisations need to be more vigilant about their cybersecurity practices and make sure they are giving it the proper time and investment to ensure all bases are covered. The challenge for cybersecurity experts? Navigating tight budgets, gaining executive buy-in and ensuring constant up-skilling to keep up with this ever-evolving security landscape.
To mitigate the challenges of today and prepare for the threats of the future, here are some things they should consider:
Trusting the Internet of Things
The Internet of Things (IoT) is already making huge waves across many industries. It is set to revolutionise our lives, enabling exciting concepts such as smart cities and driverless cars. However, there are serious concerns about the security of any device connected to the internet, and the way each one could be uniquely targeted by cybercriminals. So, naturally, a smarter, more connected world brings about as much concern as excitement.
With so many everyday ‘things’ connected to the internet, it’s not just company information that’s at risk. What happens if the driverless car is hijacked by a bad actor? What if the medical robot is compromised and unable to complete a vital operation? What if the smart city platform that holds all of your personal information is hacked?
Cybersecurity experts are now devising tools and processes to evade the IoT security minefield. By using a framework that thoroughly embodies the hacker perspective, they can satisfy all the security needs of IoT developers from concept sketching to production. They mimic the cybercriminal mindset by performing specific IoT penetration tests focusing on both hardware and software analysis and attacks.
Quantum computing concerns
Like many emerging technologies, quantum computing brings both new possibilities and new challenges. While fully functioning quantum computers aren’t quite a reality yet, technology companies are starting to produce quantum computing offerings such as algorithms which can speed up business processes.
But that same capability could render some of the most cutting-edge security technologies useless. With an ability to solve problems much faster than classical computers, quantum computers could also quickly break the most commonly used encryption, RSA, which relies on a mathematical problem of prime numbers that regular binary computers cannot easily process.
Due to its speed, there are concerns about whether quantum computing could affect the security of Blockchain. To keep Blockchain reliable and safe for the era of quantum supremacy, it must be re-designed in a post-quantum perspective.
Security for 5G
5G has some big promises. It is set to deliver faster data transfer speeds and low latency that will really make concepts like IoT possible on a large scale. As a new and improved generation of connectivity, 5G will also in many ways enhance network security. It will feature the latest in encryption technology, enhanced secure roaming and secure identity management systems to name a few.
But, despite this, the rollout of 5G has also been one of the biggest topics of conversation in the security world and beyond, with the Huawei saga making headline news. Why? Not only is there concern that some of the security flaws of previous mobile generations might be inherited by the new standard, but there’s also plenty of room for new flaws and vulnerabilities in 5G infrastructure and devices. And, given that the end goal is for 5G to be the standard of connectivity, keeping it secure is paramount.
Ensuring 5G infrastructure and devices are secure is set to be a huge trend in cybersecurity, especially as other technologies develop alongside it with the potential to carry out more advanced attacks. For example, 5G will eventually support advanced cryptographic algorithms with 256 bits, ensuring that these algorithms are sufficiently resistant to threats from quantum computers when used in the 5G network.
With so many new areas to protect, the cybersecurity sector is constantly growing and is expected to be worth over $50 billion by 2023, according to IDC. This growth is creating a whole host of jobs and new skill opportunities for cybersecurity professionals across the globe. It’s vital that this includes training specialists who can help businesses address cybersecurity-related issues. To this end, many businesses are looking at new talent to fill the ranks of cybersecurity jobs. This autumn, Reply is hosting its own Cyber Security Challenge to teach security skills in coding, web, miscellaneous, crypto and binary. The more businesses invest in the skills of the future generation of cyber defenders, the better placed we’ll all be to benefit without fear from the tech innovations of the future.