In this Help Net Security interview, Pedro Cameirão, Head of Cyber Defense Center at Nokia, discusses emerging cybersecurity trends in 2024 and advises businesses on their preparedness strategies.
Mr. Kamiran will be speaking at GISEC Global 2024 in Dubai. GISEC Global 2024 is a conference and exhibition that brings together the brightest minds in cybersecurity.
What new cybersecurity trends should businesses be aware of in 2024 and how should they prepare for these new threats?
We are observing threat actors increasingly leveraging new techniques and technologies to circumvent security measures and exploit vulnerabilities at an unprecedented rate. The threat landscape is further complicated by the rise of advanced persistent threats (APTs), phishing-as-a-service, ransomware-as-a-service models, and state-sponsored cyberattacks. Emerging technologies such as artificial intelligence and machine learning are now being employed to perform more precise, automated, and sophisticated attacks.
For example, relying solely on multi-factor authentication (MFA) may not be sufficient to prevent identity theft for network access. MFA must be complemented with additional conditional access policies.
New phishing tactics (such as quiche) are also being used to circumvent increased user awareness and bypass email system filters.
It is critical that enterprises adapt quickly, implement threat intelligence programs that facilitate vulnerability remediation, and put in place appropriate security controls as the dynamic threat environment evolves.
How will the rise of AI and machine learning technologies impact the cybersecurity landscape, and what new risks and opportunities will they bring to businesses?
In 2023, artificial intelligence (AI) and machine learning (ML) have moved from mere buzzwords to widely accessible technologies. Cybercriminals are now widely using AI to gain insights into a victim's IT systems and the existence of vulnerabilities, evade detection methods, and launch automated attacks with unprecedented speed, scale, and accuracy. is starting.
Traditional approaches to security and incident response are no longer sufficient. Defenders must also leverage AI and ML to predict threats, strengthen their security posture, and automate detection and incident response functions.
Supply chain attacks are on the rise. What steps should companies take to protect their supply chains and reduce the risk of such attacks?
The SolarWinds cybersecurity incident that came to light in 2020 revealed the significant impact that supply chain attacks can have. The effects of this attack are still ongoing, and it is impossible to assume that mitigation measures will be fully implemented. This incident served as a wake-up call for many organizations regarding the potential impact of supply chain attacks.
Cybersecurity programs must consider supply chain attacks as a key source of risk. This includes not only the risks inherited from suppliers, but also the potential downstream impact on customers from vulnerabilities introduced in the products and services provided.
To reduce the risk from supply chain attacks, companies should implement supplier and third-party assessment programs to evaluate compliance with cybersecurity best practices, regulations, and industry standards. Vendors with unknown or poorly managed risks should be rejected if risks are identified as unmitigated.
Additionally, the use of open source and third-party software poses significant risks from supply chain attacks. Good management should verify the authenticity of third-party software and ensure that they receive regular updates and patches. Security assessment must be integrated into all phases of the software development lifecycle (SDLC) and his CI/CD pipeline for applications and products.
All of the above must be complemented by an effective IT security program. This includes regular risk assessments, robust access controls, system hardening, regular patching and vulnerability remediation, and employee training. Continuous security monitoring, incident detection, response, and remediation supported by threat intelligence are also key elements of an effective security program.
As data privacy regulations evolve, how should companies adapt their cybersecurity strategies to ensure compliance while protecting against breaches?
Over the past few years, several new cybersecurity regulations have been introduced around the world to address emerging threats and enhance data protection. As cyber threats evolve, we can expect regulations to become more stringent, with heavier fines and potential criminal charges for executives who fail to meet their regulatory obligations.
As cyber threats evolve, complying with IT security regulations is paramount to maintaining trust, integrity, and legality in digital operations.
By implementing a comprehensive cybersecurity program, organizations are better prepared to adapt to the evolving regulatory landscape. You can proactively reduce risk, increase resilience to cyber threats, and protect your digital assets and reputation.
Insider threats remain a major concern for businesses. What steps can organizations take to effectively detect and prevent insider threats?
Not all companies are the same, and insider threat risks vary. The first step to effectively managing insider threats is to conduct a comprehensive assessment to determine the potential for employee fraud to disrupt normal business operations or compromise IT systems. The goal is to identify all potential areas where there is potential.
Appropriate IT security and human resources management must be designed to mitigate the identified risks. Security policies should include security measures tailored to a company's unique insider threat risk appetite. This includes thorough vetting processes for employees in sensitive roles, systematic implementation of least privilege access, implementation of privilege management systems, network isolation, data loss prevention (DLP), security monitoring, and more. It will be.
Third-party risk management is equally important. Subcontractors and vendors with privileged system access are a significant source of risk. Regular third-party evaluations are essential to ensure third-party suppliers comply with your company's security policies.
