The ubiquity of risk in the digital age


The ubiquity of risk in the digital age

1998 was the year, driven by the idea to sell books online, that gave birth to unprecedented Internet cataloguing that we now so well relate to web-market places like Amazon. At that time however, the boundary between the product – books, and the platform – the Internet - was clear.

But fast-forward to 2020, we can find ourselves increasingly living in between merged dimensions of our physical and digital worlds.

Our need for instant self-gratification and real time solutions, has led us to be connected onto a web of sensors that is constantly ‘awake’, with a sea of devices linked to it at any given point. That itself is the start of our vulnerability.

Therefore, in this age, hallmarked by a network of Internet enabled sensors, the most important point to consider across all the discussions surrounding security is the ubiquity of risk.

The invisible web

Today’s hyper-connected environments are experiencing a deluge of data, sensors and security apps. Despite this, incidents of data breaches and cyber-attacks continue to haunt organizations.

While this has created worry and concern about individuals’ privacy; for larger establishments it has become an operational and financial nightmare, as in the case of British Airways, where the malicious hack affected nearly 380,000 passengers, back in 2018, causing chaos and panic across the city, and bringing the airport to a standstill.

Now let’s go a step further and transpose these scenarios onto mission critical infrastructure, like national power grids, banks, healthcare networks, gas lines, rail systems, and start imagining the possibilities. The impact could be life threatening, and sometimes, deadly.

And as we transition into the next phase of conveniences, the era of Smart Homes and Smart Cities, a growing number of our critical infrastructure, is also moving on to the digital grid, being monitored and controlled by wireless, digital sensors, and other devices. While the benefits of this automation and connectivity are evident, we may still be oblivious to the depth of the pitfalls.

Connectivity multiplies risk

Not only does our constant state of connectivity open up an entire universe of malicious cyber-attack possibilities, but it is also a potential seat for what could be catastrophic human error. Which means we need to protect ourselves and our networks not only from “outsiders”, i.e. willful, malicious hackers, but also from human errors.

Many of the technologies in proliferation today were conceptualized at a time where IT was still traditional in its approach. The aim then was for them to be reliable and safe, not necessarily cyber secure.

This is the greatest challenge facing organizations and critical infrastructure - that it wasn’t built with cyber-security in mind. IoT is a perfect case in point to talk about.

Analyst Gartner, predicts that the enterprise and automotive sectors will account for 5.8 billion devices this year, up almost a quarter on 2019. Utilities will be the highest user of IoT, thanks to the continuing rollout of smart meters.

Fascinating as it seems, sensor technology presents many with scientific excitement and possibilities. But now, with this type of scale, these humble sensors will be right in the middle of an interconnected web, which renders them as potentially exploitable endpoints.

It’s critical therefore to have an ongoing security hygiene maintenance by building an inventory of IoT devices connected to the system and ensure security protocols are in place. It is imperative to disconnect devices seen as high-risk.

The balancing act

Today digital transformation is causing many a sleepless night, and this is because of a lack of visibility into the layers of technology being deployed. What organizations can’t see; they cannot secure. Therefore, visibility is key to securing your cyber-front against attack.

Security has always been about the tightrope balance between the need for businesses to move fast and the need to be secure. So, managing security in the current landscape requires us to look inwards before we move outwards.

Reference: https://sharedassessme.wpengine.com/wp-content/uploads/2018/04/2018-IoTThirdPartyRiskReport-Final-04APR18.pdf

Kavitha Rajasekhar, Managing Editor, CXO Connect ME