Here are the key learnings along with some of my favorite quotes from the CERT-RO (Romanian National Computer Security Incident Response Team) recent cybersecurity conference:
Global Cybersecurity Context
- Top cyberthreats listed by FBI are: hacktivism, crime, insider, espionage, terrorism and warfare.
- We’re no longer witnessing an era of changes; it’s actually the change of an era, as security becomes cybersecurity.
- Internet of Things has become the Internet of bad things, the Internet of threats…the Internet of everything.
- The most important threats seen by Antivirus Vendors in 2015 are related to ransomware attacks, spyware and Potentially Unwanted Applications.
- What we were used to see as emerging threats on Windows are now targeting Android devices, turning mobile security into a high priority.
- All infrastructure that’s being widely used is inherently vulnerable.
- Adaptive security solutions are considered a real trend in the industry.
- SDL (Security Development Lifecycle) should be mandatory for all software developers in order to enforce centralized security management.
- Cyberspace has been officially declared the 5th territory of War as the next 9/11 will most likely not happen physically but it will only involve a keyboard on the other side of the world.
- There’s a lot of work to do but not enough people: there are 1 Million unfilled jobs worldwide in the Cybersecurity industry.
Bad guys aren’t using magic but the same technologies we all have access to – @ramsesgallego @CERT-RO event
Companies should focus on increasing their security more than ever
- According to FBI, there are two types of companies: those who get hacked and those who don’t know they got hacked.
- Every year, cyberattacks produce a $445 Billion damage on the global economy.
- Cybersecurity has become a competitive advantage for businesses: users tend to choose not only the best service but also the provider that’s best at protecting any data exchanged by his users.
- The new perimeter of any company is its data. Physical boundaries have become almost irrelevant as a framework.
- Best practice: when a company suffers a breach, it should assume it immediately and fix it, focusing on threat detection and analysis.
Think you could never be a victim of cyberattacks?
- It takes about 280 days until the victims detect a sophisticated attack targeting their devices.
- One highly sophisticated attack needs only 1-2 days to take control over the victim’s network.
- 60% of successful attacks don’t use malware at all, making it even more difficult to detect them.
- The level of complexity is also heavily increased, there is even a specific type of malware capable of shutting itself down when it’s being detected and analyzed.
- The way users manage their Windows applications is very important: make sure you choose the least allocation of privileges during the installation process, only run trusted apps on your computer and patch the apps you own on a regular basis.
After getting valuable insights from certified Security experts during this 2 day event, it became more obvious to all attendees that critical infrastructures can turn into a country’s soft spot when they are not being properly managed .This is one of the reasons why cybersecurity rules should apply to every link in the organizational chain.
Raising awareness on cybersecurity issues has to become a priority for every public organization. CERT’s activities (the Romanian CERT along with all other International CERTs and NATO) prove to be crucial in an era where cybercrime is targeting an alarming number of companies, institutions, governments and individuals.