Gadget

Cyber Attacks: Tech’s natural disasters

The SolarWinds attack was stunning in its scope and scale. If it were an earthquake, it would be 9.9 on the Richter scale. As digital transformation accelerates in 2021 and beyond — and applications accelerate as central enablers of business and all manner of digital life — cyberattacks have become technology’s natural disasters. Both have the power for profound devastation, threaten our sense of safety, and are (sadly) the reality of our world today.

There is, however, one notable difference between a natural disaster and cybercrime. It is within our control to reduce the devastating impact of cybercrime. We can learn from the weaknesses the SolarWinds attack exposed and use this event as a catalyst for behaviour changes that will materially reduce the impact of future attacks. We cannot prevent cybercrime. But unlike with natural disasters, we can mitigate more outcomes by changing our ways of working.

I have always been passionate about environmental issues as part of my agricultural work in Africa. As a result, I’m a steady consumer of environmental studies and research. As the CEO of F5, I believe there are practices and learnings we can glean from environmental study that can be applied to application security innovation. Our natural environment and enterprise applications are both essential for humans to thrive—and both are constantly at risk. I recently read a study in the International Journal of Disaster Risk Reduction about natural disasters as an “opportunity for improved environmental conditions.”

This particular paper presented cases where natural disasters provided a window of opportunity for change. As I read devastating stories about disasters around the globe and how response and recovery were managed, one particular case stood out: the “triple disaster” that hit Japan in 2011 (earthquake, tsunami, and resulting damage to the Fukushima nuclear plant). The paper contends that what the Japanese government did in response to the triple disaster (and I’m paraphrasing) was to use that devastating series of events as an opportunity to improve environmental conditions through a philosophical shift in practices and policy. In essence, learn from the weaknesses exposed by disasters and commit to change for the betterment of all.

The SolarWinds supply chain attack was a cybersecurity “triple disaster”: a sophisticated nation-state attack and the exposure of an entire digital supply chain, striking during a pandemic, a time when we are heavily reliant on digital supply chains. As of late December, SolarWinds stated that its customers included 425 of the U.S. Fortune 500, the top ten U.S. telecommunications companies, the top five U.S. accounting firms, all branches of the U.S. Military, the Pentagon, and the State Department, as well as hundreds of universities and colleges worldwide.

This triple disaster is our opportunity to drive a fundamental change as business leaders, because how security is prioritised and deployed, in two fundamental ways, has far-reaching implications for the long-term health and safety of the business.

  1. Application development, deployment and management must include corporate security standards and traditionally siloed NetOps, SecOps and DevOps must collaborate like never before. Today, applications are developed by centralised and decentralised teams. Security features are often subjective decisions, making the entire application portfolio potentially vulnerable.
  2. Prioritising cybersecurity at the corporate level. Specifically, following three information security practices that address the primary ways enterprises are targeted and breached most commonly:

The SolarWinds attack clearly demonstrated that until cybersecurity is a top priority we remain as vulnerable as the weakest link in the digital supply chain. Best practices dictate that cybersecurity is viewed and deployed as an ecosystem, not a single solution. Each of the programs noted above has components that address digital supply chain risks, including restricting and monitoring privileged service accounts assigned to vendors, testing and applying security updates, and monitoring the performance and behaviour of all systems and accounts in your network. If your supply chain vendors get these three core programs right, you can increasingly trust them with the risk you are transferring to them.

Despite the very real cyber threats and risk, there is good news. We can make something positive come from this triple disaster with a commitment to change for the betterment of all. With these cybersecurity changes in place, our applications, customers, companies, and communities will be far (far) better prepared and more resilient when the next big one strikes.
