By Oscar Visaya, Country Manager at F5 Networks Philippines
Cybercrime is evolving in ways we could never have imagined. Attacks are increasingly becoming more sophisticated, new attack vectors are opening, and criminals are becoming more persistent. Organizations that wish to safeguard their data should not content themselves with tools and security measures currently in place. After all, staying ahead of cybercriminals is a continuous uphill battle.
There is another angle to cybersecurity in Southeast Asia. The region’s fragile geopolitical situation, increasingly important role in the world, and rising technology usage and adoption have turned Southeast Asia into an attractive cyberattack target. The Philippines alone witnessed a major cyberbreach last year: The data of 55 million voters were compromised when cyberattackers hacked the nation’s voter registry. The Philippines’ widespread lack of cybersecurity awareness has caused the country to become the world’s “botnet haven” and a “disproportionately large” source of banking Trojan malware.
As private corporations and governments alike struggle to adapt amidst a risky and on-demand environment, there is a greater urgency to understand the nature of new threats, reevaluate security strategy and find the right resources and processes to ensure integrated, intrinsic protection.
With the following three simple processes, companies and governments can be assured of having all the pieces of the cybersecurity puzzle to confidently protect customers and secure their data:
- Clarity – Can’t protect what you don’t know. To “know,” you first must be able to “see” into all your application traffic.
The Internet of Things (IoT) has created infinite possibilities and revolutionized operational processes. However, the sheer number and volume of connected devices has also created an unprecedented number of potential vulnerabilities that cybercriminals can exploit. These devices—and the applications that run them—typically do not undergo vulnerability testing, and are not designed to enable secure remote management. This is the blind spot that needs to be addressed when it comes to protecting application traffic.
- Context – Seeing is meaningless without an understanding of all applications and the external factors that can affect your ability to secure them.
As the number of devices multiplies, so do the ways in which users interact with them. Increasing mobile connectivity is resulting in higher app usage. Future generation workers use apps for nearly every task and even prefer to bring their own devices in the workplace.
Mobile connectivity has contributed to the introduction of new threats into secure perimeters in the form of sophisticated attacks such as Mirai, the Hajime IoT worm and Gemini, which are nearly impossible to detect all at once. These attacks can debilitate entire organizations through compromised devices by spreading ransomware, malware, and extracting sensitive data—consequences that cost far more to remedy than to prevent.
- Control – Without the ability to apply the right security control, it doesn’t matter how much visibility or context you have.
Maintaining the visibility of one’s security environment is important, but it is only half the security picture. Far too often, application front doors are left open with a web application vulnerability or access keys placed in the hands of untrained employees highly vulnerable to simple spear phishing attacks.
Organizations focus too much on implementing a full-scale security program and spending time and money on areas that aren’t at risk (low likelihood of exploit and low impact), while failing to devote enough time to areas that are frequently targeted, possess the highest security risks, and have the greatest impact during cyberattacks.
Given the dynamic and shifting threat landscape today, the focus should remain on prescribing security control correctly. Threat intelligence should be the evidence that drives the implementation of security controls and the formation of an all-inclusive security perimeter.
The digital economy is upon us, yet the cybersecurity landscape remains fragmented. This leaves businesses feeling inadequate in their ability to tackle cyberattacks confidently. The trick lies in learning how to best apply security controls in ways that enable visibility without hindering an application’s safety or performance. Hence, it is important to understand how adding context, clarity and control to existing architecture can combat the threats of tomorrow, today.