Page 17 - Dataquest
INTELLIGENT COMPUTING | SECURITY

HYBRID NETWORKS STRETCH ATTACK SURFACES

The attack surface — the total sum of the ways an organization is susceptible to cyberattack — is like a balloon. It expands with the introduction of new attack vectors and attack targets, like extensions into virtual, cloud and operational technology environments. It contracts with good cyber hygiene and risk reduction. The larger your attack surface, the more likely it is to pop.

To control an attack surface that encompasses hybrid networks and that's affected by a constantly evolving threat landscape, organizations will need to unify visibility and centralize management. Gaining seamless visibility across physical IT and OT networks, as well as virtual and cloud networks, will give them a holistic foundation on which to build a security program ready to address an agile threat landscape.

While different technologies, processes and teams may be involved to secure various types of networks, attackers don't pay attention to such divisions. If anything, they exploit these divisions in security management, and simply follow the path of least resistance to reach their intended target, no matter where the attack originates. In 2018, we'll likely see attackers leverage hybrid network connectivity to infiltrate cloud and OT networks where traditional cybersecurity measures are still being fleshed out.

ONGOING EVOLUTION OF DISTRIBUTED ATTACKS

While NotPetya was originally dubbed a ransomware attack, seemingly a new iteration of WannaCry, it was pretty lousy at the ransom part. What it and WannaCry demonstrated, though, was the distributed attack model on which modern ransomware relies. It targets as many victims as possible, looking for low-hanging fruit, so attacks can be carried out easily and automatically, maximizing the attacker's ROI. Ransomware is a perfect fit for this model, in that any target can be extorted for payment. Now that the distributed attacks have proven global-reach capabilities, we're sure to see more mass-scale attacks in 2018.

The good news about the distributed attack model? Cybercriminals sell or share proven attack methods, such as vulnerability exploits, to carry out distributed attacks. Again, this practice gives them a better ROI than developing new, native exploits or exploits for a specific target. It also means a relatively small number of vulnerability exploits are being used and reused. If vulnerability management programs can take a threat-centric approach and focus on this subset of vulnerabilities, they'll have a greater impact on their organization's security than if they targeted only CVSS critical vulnerabilities.

SECURITY GOES AUTOMATED OUT OF NECESSITY

As mentioned earlier, networks are growing increasingly complex, meaning that IT security teams must contend with growing amounts of data that needs to be contextualized, analyzed and acted upon. At the same time, the industry is suffering from a worrying talent shortage, which means that there are fewer skilled workers available to manage these issues. This is creating an environment where attack vectors abound, increasing the organization's risk of attack.

As a result, in 2018 we expect to see a surge in the adoption of automated solutions, particularly for integrated analytical workflows. These can deliver actionable intelligence to security practitioners on what to focus on — such as vulnerabilities posing an imminent threat — and what tools are at their disposal to take action, while tracking the workflow to ensure tasks are carried out to completion.

THE SCALES TIP TO THE CLOUD

At present, most firms are in a transition phase, with networks made up of a hybrid of physical, virtual and multi-cloud environments. 2018 is set to be the tipping point, as corporate networks become predominantly or entirely virtual or cloud-based.

Organizations will need to be sure they understand and can support the shared responsibility model of the cloud, in that the cloud service provider is responsible for security of the cloud while the organization is responsible for security in the cloud. The assumption that cloud networks are inherently secure needs to be overcome, and security teams need to have the means to understand how traffic moves into, out of and within cloud networks to put the proper security controls in place.

Automation, as mentioned above, becomes even more important in cloud networks. The elasticity of clouds makes their security management too much to handle via manual processes. If organizations are aiming for a complete move to the cloud, they need to ensure that security programs are poised to support the approach.

INCREASED ATTACKS ON OPERATIONAL TECHNOLOGY

The convergence of IT and OT networks presents several advantages in terms of productivity, ease of management and cost-effectiveness. But it has also introduced new cyber risks to critical infrastructure organizations such as utilities, energy producers and manufacturers that could have very real impacts on uptime, human safety and the environment.
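
The threat-centric prioritization argued for in the section on distributed attacks can be compared with a CVSS-critical-only worklist in a few lines. This is an added example, not code from the article: the vulnerability IDs, asset names and "exploited in the wild" feed are constructed placeholders, and ranking internet-facing assets first is an assumption of the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    vuln_id: str           # placeholder identifier, not a real CVE
    asset: str             # hypothetical asset name
    cvss: float            # CVSS base score from the scanner
    internet_facing: bool  # exposure flag (assumed to come from the asset inventory)

# Constructed scan output, for illustration only.
FINDINGS = [
    Finding("VULN-0001", "web-01", 9.8, True),
    Finding("VULN-0002", "db-02", 9.1, False),
    Finding("VULN-0003", "file-03", 8.1, False),
    Finding("VULN-0004", "vpn-04", 7.5, True),
    Finding("VULN-0005", "hr-05", 6.5, False),
    Finding("VULN-0006", "build-06", 9.4, False),
]

# Constructed threat-intel feed: IDs whose exploits are being used and reused.
EXPLOITED_IN_WILD = {"VULN-0001", "VULN-0003", "VULN-0004", "VULN-0005"}

def cvss_critical_only(findings, threshold=9.0):
    """Worklist of a program that targets only CVSS critical (>= 9.0) findings."""
    return [f for f in findings if f.cvss >= threshold]

def threat_centric(findings, exploited):
    """Exploited vulnerabilities only; exposed assets first, CVSS as tie-break."""
    in_scope = [f for f in findings if f.vuln_id in exploited]
    return sorted(in_scope, key=lambda f: (not f.internet_facing, -f.cvss))

def exploited_coverage(worklist, findings, exploited):
    """Fraction of actively exploited findings that a worklist would remediate."""
    targets = {f.vuln_id for f in findings if f.vuln_id in exploited}
    fixed = {f.vuln_id for f in worklist} & targets
    return len(fixed) / len(targets) if targets else 1.0

def missed_by_cvss(findings, exploited, threshold=9.0):
    """Exploited findings that a CVSS-critical-only program never reaches."""
    return [f.vuln_id for f in threat_centric(findings, exploited)
            if f.cvss < threshold]

if __name__ == "__main__":
    crit = cvss_critical_only(FINDINGS)
    tc = threat_centric(FINDINGS, EXPLOITED_IN_WILD)
    print("CVSS-critical worklist:", [f.vuln_id for f in crit])
    print("  exploited coverage:", exploited_coverage(crit, FINDINGS, EXPLOITED_IN_WILD))
    print("Threat-centric worklist:", [f.vuln_id for f in tc])
    print("  exploited coverage:", exploited_coverage(tc, FINDINGS, EXPLOITED_IN_WILD))
    print("Missed by CVSS-only:", missed_by_cvss(FINDINGS, EXPLOITED_IN_WILD))
```

On this sample the CVSS-only worklist spends two of its three fixes on findings with no known exploit in use and covers a quarter of the exploited ones.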
| A CyberMedia Publication www.dqindia.com January, 2018 | 17