by Andy Ng, Vice-President and Managing Director for Asia South and Pacific Region, Veritas Technologies
According to Gartner, cybercriminals will have weaponised operational technology environments to harm or kill humans by 2025. While this might be mistaken for a science fiction movie plot at first glance, it is plausible with the new cyber threats that are growing in tandem with the advancement in technology.
In November 2022, the emergence of ChatGPT took the world by storm. As the use of AI gains momentum and becomes increasingly common, there is a gnawing fear that it would pose a threat to humanity if it is exploited by bad actors – we are at the stage where we can no longer easily distinguish between real and false photos, videos or news. Clearly, AI tools will be adopted not only for business efficiencies but also by cybercriminals to increase the scale and sophistication of cyber-attacks, such as using ChatGPT to steal credentials or poisoning the AI system itself with inaccurate data.
As we approach Cybersecurity Awareness Month, it is timely for organisations to consider how they can enhance their cyber resiliency and safeguard their data, with the rise in multi-cloud adoption and the growing use of AI tools and platforms. As a starting point, adopting a zero-trust mindset is a must. This means continuously monitoring and validating users and their devices to ensure that they have the right privileges and attributes, and locking out unauthorised users. This approach means protection on all fronts: beyond the network perimeter, within the network itself, and in giving users access only on a need-to-know basis. With that in mind, here are a few best practices:
Limit access to backups and segment your networks.
With the growing risk of malware penetrating the network perimeter and infiltrating backup data, it is critical that only privileged users have access to backups and that remote access is restricted. Different tiers of protection data should have different access permissions and should be air-gapped.
Introduce identity and access management (IAM).
Using multi-factor authentication (MFA) and role-based access control (RBAC), administrators can determine which users and machines can access specific data and what actions they can and cannot perform. This prevents hackers from using a single credential to take over the system.
Adopt immutable and indelible storage.
Immutable write-once-read-many (WORM) storage ensures that your data cannot be changed, encrypted or deleted for a fixed timeframe, or at all, making your data impervious to ransomware infection. You can store immutable data on different media, such as purpose-built backup appliances, enterprise disk arrays or the cloud.
Encrypt data in-transit and at-rest.
Encrypting in-transit and at-rest data further ensures that it cannot be compromised within the network or exploited if hackers or ransomware gain access to it. This means that without a decryption key, even if a criminal is able to transfer or copy the data from your system, they will not be able to use it for financial gain, sabotage or reputational damage.
Implement security analytics.
AI-driven anomaly detection and automated malware scanning can help your IT team monitor and report on system activities to mitigate threats and vulnerabilities. A sophisticated solution, such as the use of autonomous cloud data management, will be able to detect deviations in data access patterns to identify accounts that might be used to run malware, and analyse changes in backup attributes to identify possible subtle signs of intrusion.
Today, we are seeing traditional tactics like phishing used alongside more sophisticated methods of social engineering. With technology forming only part of the equation, it is important for organisations to train their employees on a regular basis on the policies and tools that are deployed. This will reduce potential breaches and ensure that employees know how to access and retrieve data that is lost, corrupted, or compromised in a timely manner. By effectively managing data security and cyber resiliency with the right tools and people in place, organisations can unleash the potential of new or emerging technologies to achieve transformative business outcomes.