By Bruno Lobo, Commvault’s General Manager for Latin America
By 2026, Gartner predicts that organizations that prioritize their security investments based on a CTEM program (continuous threat exposure management) will see a two-thirds reduction in breaches. A good practice for companies would also be to follow the Cybersecurity Framework defined by NIST, which assists companies in developing the processes and applying the technologies needed to cover the five areas of attention when it comes to cybersecurity: identify, protect, detect, respond and recover. Applying these practices will certainly reduce the impacts (not the attempts) in the event of cyber attacks.
To begin with, cybersecurity must be treated as a state problem, which threatens the planet just like natural and/or political risks, which must be dealt with in a coordinated manner. If the planet continues to treat this issue as “business-as-usual”, it is estimated that by 2024 almost $15 trillion will be spent on data recovery and cyber attacks, according to the Statista study (Statistas’ Ciersecurity outlook). Imagine the benefits of this amount being spent on programs to improve people’s quality of life and the environment?
Until a few years ago, the focus of the main players was on data protection and recovery in the event of natural disasters, human error, operational or compliance issues. Now, solutions that don’t deliver a Cyber Resilience platform that protects (before, during and after the attack), in an integrated and easy-to-execute way, will struggle to keep their customers and especially to convince new ones. It is necessary to keep an eye on the subject of cyber resilience, understand the market and study which solutions will help organizations prepare for the current risks.
Technologies are constantly evolving, but at the moment we realize that the best defense is attack. Companies can increasingly reduce the impact of these events (attacks) on their organizations. And, ultimately, be prepared to identify the data that has been compromised, recover this information in a secure manner and ensure that reinfection does not occur – another major problem to be combated.
Decentralizing Defences
The entire structure for dealing with cyber threats is arranged centrally, controlled and governed by companies. This also includes public clouds. The big challenge is to trust what cannot be seen or audited openly. On the other hand, the attackers are in decentralized and collaborative structures (ransomware-as-a-service) that interact with each other through sophisticated and ultra-fast business models.
Companies need to seek open innovation in cybersecurity in order to combat attackers, as we also have an additional factor: the rise of IoT devices. These, in turn, are present in companies and people’s homes and are expected to grow to 27 billion by 2025, according to a 2022 study by TGT Consult and the Brazilian Association of the Internet of Things (ABINC).
What’s more, AI is helping both sides: the companies defending themselves and the malicious actors attacking. This battle began a few years ago, and the technology industry (software and hardware) has proved effective in developing tools to deal with the three stages of a cyber-attack: before, during and after. Before the attack, we can automate threat detection and response, and with AI we can speed up this process.
Several layers of virtual but fake elements are created to attract attackers and neutralize their future actions. During the attack, anomaly detection technologies identify, alert and isolate the suspicious components so that they don’t contaminate the entire organization. And if there has been a breach of information security, data storage and protection verification technologies can inspect and select from the stored data, secure and clean copies of any contamination and carry out the secure recovery of this data.
Another interesting approach could be to use technologies that are being developed on the Web3, such as blockchain and decentralized data storage and protection platforms, with architectures and forms of collaboration that are completely different from the world we live in today on the Web2. Decentralized cybersecurity could be the answer.
*** Translated by DEFCONPress FYI Team ***