What have we learnt from recent events like the Sunburst or Log4Shell exploits?

In recent times we have all observed a series of events in which unknown vulnerabilities in known and commonly used software or software components are exploited by bad actors. Events of this kind create massive global impact. Worst of all, in many cases organisations do not even know, for a substantial period, that they have been hit or exploited. By the time they find out, a substantial amount of damage has been done, most of it irreparable.

I believe there are two fundamental reasons behind this.

First, we rely a lot on our vendors and the technologies we use. Most of us expect vendors to know the vulnerabilities of all the components used in the software or applications they deliver. We forget that almost all of them use one or another (in many cases multiple) open source components. And no one invests in identifying vulnerabilities in those open source components, other than the bad actors. We only come to know about them when some hacker group exploits them and announces it.

Second, in this cloud era where perimeters have dissolved, we still invest a lot in a reactive security approach, which is not good enough. Most of the time, just because we feel comfortable following market trends, we shy away from investing in technologies which might be a better fit for us and are the need of the hour. Most of us do not buy anything which is not recommended by the likes of Gartner, Forrester, Frost & Sullivan, etc. Or we prefer to bet on something which is used and recommended by our industry peers. Are we really afraid of believing in our own analytical skills and decision-making abilities?

To deal with cyber security challenges in this changing landscape, we need to elevate our cyber defence approach by introducing some fundamentally disruptive but preventive technologies and tools: technologies which provide us inherent security against any such exploits, and adaptive tools which help us fortify our changing IT landscapes. Traditional, legacy approaches like encrypted tunnelled connectivity, role-based access control, token-based authentication, detection & response, and virtual patching are not going to save us in the coming days, especially when we don't even know the number of vulnerabilities present in our environment.

A global cyber war has already started. Various hacker groups are launching series of cyberattacks against targeted countries and their businesses, to break the financial backbone of their opponents. Unknown vulnerabilities in commonly used open source components can be easily targeted by these cyber attackers or cyber terrorists. Do not wait for the storm to hit your enterprise. Build better defences now and be ready to deal with it.


  • Vikas Chalke (24th May 2022)
