Why sophisticated cyber threats require a dynamic response?

Alaa Bawab, General Manager, Lenovo Infrastructure Solutions Group (ISG), META talks about how the landscape of cybercrime has evolved and how organizations need to put themselves in a more prepared position.

Cybercrime is changing. A couple of decades ago, it was limited to individual hackers who attempted to compromise systems using a single PC, but now the landscape has serious players with near-unlimited resources. It’s impossible to predict what will happen to a business and where they will be targeted, which means preparation is crucial. Organisations need to put themselves in a position where they can recover, even if the worst happens.

The World Economic Forum’s 2022 Global Risks Report says that ransomware attacks increased by 435% in 2020 and that cyber threats are outpacing society’s ability to effectively prevent them. By 2031, it’s predicted that a ransomware attack will strike every two seconds somewhere around the world, according to CyberSecurity Ventures.  According to a Kaspersky, in the Middle East, Qatar had the highest number of users affected by online threats in 2022, closely followed by Bahrain, Saudi Arabia, UAE and Kuwait, which is mainly attributed to the hyper-connected nature of today’s world. The Cost of a Data Breach Report by IBM also showed that the cost of a data breach in the GCC is AED27.4m, with the healthcare industry averaging the highest breach cost of any industry.

Businesses understand they need to be investing and doing more when it comes to cybersecurity, with Lenovo research showing that 59% of leaders are likely to invest in security tools in the next five years. However, given the complexity of the threat landscape, companies must embrace a dynamic security response and ensure they safeguard their data by selecting devices and implementing IT infrastructure solutions which have been built with security front and centre. They must also ensure that staff understand the complexity of cyber threats and have the resources to deal with them. People say that data is gold, so it must be protected like gold.

Understanding the threat landscape
When creating an effective cybersecurity strategy, it’s important to understand that threats have evolved to come from all angles. In the past, we’ve thought of security as a fence in which data can flow freely across the business. As you move the compute capability closer to where the data is, the threat surface gets bigger. When it comes to PCs, hybrid working has led a growing number of employees to use their work device in a coffee shop or a hotel, which exists outside of the ‘four walls’ of a company fence. People still don’t realise the implications of that.

In terms of the data centre, companies must ensure their defence is on a completely different level. You don’t take your server or storage system to the coffee shop, thankfully, but if an attacker can get at the amount of data that is in a server, they can access all the operations in the business. It’s potentially an existential threat. Leaders therefore require built-in security systems that can handle this problem.

It’s also important to recognise the reputational damage caused by a cyberattack. It’s not just the loss of data; if you can’t get it back quickly, it can be massively impactful for customer trust and loyalty. In the eyes of the public, transparency is also a crucial element. If a company is hit by a cyberattack, it must be clear about what’s happened, communicate it with its customers, and outline what actions have been implemented to resolve the issue.

Infrastructure with built-in security   
Modern IT infrastructure must be built to handle increasingly sophisticated security threats – and that means built-in recovery capabilities. It’s becoming more essential that there is an audit trail through the whole lifecycle of machines. Servers are incredibly valuable objects to a business: leaders ideally need tamper-detection and monitoring embedded into the actual chip design. Server monitoring, the systematic tracking and measurement of processes and operations on a server, can be used to collect insightful data and draw conclusions about the health and condition of servers. This ensures they are reaching an optimal level of performance.

Companies must assume they will lose data and create a situation where they can recover it. No matter if it’s in the cloud, or on the edge, they need a system to back it up. If businesses put data in a safe place, they can get hit and still come back. A robust data protection plan improves security and protects company assets by helping to prevent breaches and data leaks. This means that organisations can avoid the financial impact of a security breach, protect assets, safeguard customer data, and uphold the company’s reputation and brand.

To adapt to today’s rapidly shifting cybersecurity environment, business leaders also need to take a longer view and adapt to current and future threats. Data must be protected from a machine’s inception, through its life, to the point where it is securely deleted in a compliant way. For maximum peace of mind, leaders should opt for suppliers that have secure supply chains and knowledge of every component back to its original manufacture. Outsourcing infrastructure and software to third parties effectively spreads a company’s threat surface, which means it’s important to run regular assessments of security risks in the supply chain and understand the procurement standards of each supplier. This will empower businesses by identifying exactly which areas are most vulnerable and consequently which require the most investment.

Secure by design in PC hardware
Security must also be upheld throughout the design process when it comes to PC hardware. Business leaders must opt for hardware that has been built with security at the forefront, incorporating innovative features such as unified endpoint management, by which a device can be monitored, controlled, and locked down.

Devices can also be integrated with unique privacy alert features that provide additional layers of security when working remotely, such as activating a privacy blur when an unauthorised user’s face is detected viewing the laptop screen. Added features like safe browsing, sandboxing and data encryption are all aspects which can be integrated into the core design of a laptop, helping leaders rest assured that they are doing everything to keep their company data safe.

Zero-trust architecture is also an effective way of safeguarding hardware to ensure data is only accessed by trusted users. It works by assuming that no one from inside or outside an organisation is trusted, with access to network resources layered with strict identity verification gateways. Using multi-factor authentication (MFA) is a key feature of zero-trust and helps create a more dynamic approach to security, regardless of where the end-user is operating beyond the four walls of an organisation.

When it comes to selecting PC hardware, and even servers, it is critical that companies select products and solutions that incorporate security from the outset, not as an afterthought or add-on. Implementing security from the start of the product lifecycle ensures it’s a fundamental aspect and can be enhanced or tweaked in line with product updates. Vendors can even use third parties to make sure their hardware or software is tested and approved before being incorporated into products.

Looking to the future
Business leaders need to think carefully about their hardware from PCs and the edge to the cloud, and from the beginning of its lifecycle to the end. Choosing the right hardware and the right layers of software to defend it will be increasingly crucial as cyber threats continue to grow more complex.

Perhaps most importantly of all, business leaders need to fully understand the value of their data, and communicate this both within their organisation and with partners. Raising awareness of the value of data is the single most effective defence any organisation can have, and it’s time businesses start making this their priority.