We've had the Atomic Age, the Space Age and the Information Age, and now we're on the cusp of what could be called the culmination of all those – the Fourth Industrial Revolution, in which data, devices, and advanced technologies like biotech and nanotech are already bringing major changes to how we live and work. And, we've got a front seat for the action.
How this revolution plays out will depend on the industry you're involved in. For corporations, business people and entrepreneurs, it means a major push to digital transformation, in which business goes largely online. By taking advantage of cloud technology to leverage sales, marketing and reach, companies and entrepreneurs, for the first time, have an opportunity to play on the same global playground as the big boys.
Whether your company has 1,000 employees or just one, digital transformation means being able to leverage the cloud's most advanced technologies to expand your business, and the ability to collaborate with clients, colleagues and experts around the world.
- Digital transformation is putting security at risk
- Getting to the “how” of digital transformation
- Digital transformation needs security built-in – five steps to succeed
Threats to digital transformation
All this is possible thanks to fast internet technology, but it's that same internet that poses the greatest threat to digital transformation. Hackers have proven very resilient in the face of the many defenses we've developed to protect ourselves. It seems that almost as soon as a remedy for the latest virus is developed, hackers have moved onto the next attack – with the business world locked in a seemingly endless arms struggle where the hackers who seem to be winning.
Unfortunately, the traditional security systems that companies have relied on – anti-malware systems, firewalls, sandboxes – just don't do it anymore. Those systems were developed for an environment where there were few points of entry for malware – an open port on the network, or via email (even though phishing remains an extremely effective way for hackers to hijack a system; as many as 95% of security breaches (opens in new tab) have their origins in socially-engineered phishing attacks). Additionally, with digital transformation comes larger amounts of data, and security solutions must be equipped to be able to scan all of the data, without negatively affecting the user experience.
Today, there are many more ways for hackers to invade a company – from messaging to shared drives to mobile devices to collaborative apps (Dropbox, Slack, Salesforce, etc.) - and the traditional solutions are no longer able to prevent attacks via those channels.
For example, a study that we conducted with 500 IT professionals found that virtually all organizations have between two and 20 communication applications in use in their company, 80% believe these apps are highly vulnerable to cyber-attacks, and 66% have been attacked at least once in the last year via these channels. In addition, attacks are becoming more sophisticated (opens in new tab), and more frequent (opens in new tab). The 2018 Cybersecurity Breaches Survey (opens in new tab) found that a staggering 43% of businesses had reported cybersecurity breaches or attacks in the last 12 months, while fewer than three in 10 businesses even had a formal cybersecurity policy.
Focusing on exploits instead of threats
If the current defense models aren't working, logic tells us that we should be examining new ones. One that could be very effective is a model that examines not the threat itself (i.e. the malware), but its source, the exploit. There are probably millions of pieces of ransomware, viruses, keyloggers, and more out there, but in order to have an effect, they have to either rely on a computer bug coupled with a hacking technique to enable them to execute, or influence the normal process wrongfully later in the attack chain. By keeping an eye on those vectors for anomalous activities, companies can defend themselves against any threat – regardless if it's a standard off-the-shelf piece of malware sent out by a script kiddie, or a sophisticated APT (advanced persistent threat) or zero-day attack.
An automated security system that examines anomalies in a holistic manner across channels could catch malware even before it raises its ugly head. With a system like that, companies no longer have to cross their fingers hoping that no file that comes in, no online transaction or communication, nor any message received in the organization is a potential system-killer (or debilitator, at least). It lets them concentrate on doing business - and more importantly, it lets them confidently take advantage of the full range of digital tools available to help them advance their business. Digital transformation requires cybersecurity transformation – and by moving to a holistic and automated security solution, companies will be able to take full advantage of digital transformation.
Yoram Salinger, CEO of Perception Point (opens in new tab)
- Help protect your business from the latest cyber threats with the best antivirus