Accenture: Build a cyber resilient business
The unprecedented global health and humanitarian crisis - triggered by COVID-19 - has opened the door to innovative cybercrime, report Accenture Security.
According to the new paper, 2020 Cyber Threatscape Report, organisations can take steps towards a more flexible and secure future if they follow the mantra think "anytime, anywhere,” suggest Accenture who identify five frontline trends currently in the cyber threat landscape.
According to figures from Accenture, there has been a 60% increase in the average ransom payment (US$178,254) from the first quarter to the second quarter of 2020.
“Rapidly accelerated digital transformations, opportunistic phishing campaigns, discontinuity of information security operations and financial constraints are creating the perfect storm in a COVID-19-disrupted world. CISOs who understand these challenges and can pivot their security approach can help their organisations to emerge stronger,” comment Accenture.
“Sophisticated threat actors are employing new tactics, techniques and procedures (TTPs) to help achieve their long standing objectives of regime survival, economic acceleration, military superiority, information operations and cyber espionage… Criminals will still work to monetise access to data or networks, perhaps more frequently than before as the economy continues to be vulnerable.”
“Since our report in 2019, our cyber threat intelligence and incident response teams have gained first-hand visibility of the TTPs employed by some of the most sophisticated cyber adversaries,” says the report.
Accenture identify the five steps organisations can take to build a cyber resilient future:
- Think “anytime, anywhere”
Secure all users, devices and network traffic with the same degree of effectiveness
- Be transparent
Give users access to what they need when they need it
- Inspire calm and confidence
Make security leaders the catalyst for change, using compassion to deliver an agile response
Consider managed services and automate where it makes sense
- Build for resilience
Make business continuity and crisis management plans fit for purpose
“By putting such measures in place, organisations have an opportunity to out-manoeuvre uncertainty, emerge stronger from crises, and gain greater cyber resilience,” says Accenture who highlight the five frontline trends that are influencing the global landscape this year.
“These insights can enhance the work of security teams and put security technology investments, security processes and the business strategy on a firm footing to help achieve the desired level of cyber resilience.”
The five frontline trends include:
- COVID-19 accelerates the need for adaptive security
COVID-19 led to social engineering opportunities and pressured organisations struggling with business continuity, travel restrictions and remote working.
As data is a high value, sought after commodity, security leaders should consider embracing adaptive security - putting the right controls in place to help create a safe and secure working environment for their enterprise recommends Accenture.
New TTPs target business continuity
Sophisticated threat actors have been observed targeting platforms such as Microsoft Exchange and OWA, to conduct malicious activities.
Such compromises are a breeding ground for malicious activities. Web-facing, data-intense systems and services that communicate externally can make it easier for adversaries to hide their traffic in background noise, while authentication services could open up a credential harvesting opportunity for cybercriminals.
“Such capabilities and detection evasion approaches underline the importance of identifying and tracking priority adversaries and then threat hunting against the specific behaviours employed by the priority adversaries,” said Accenture.
Masked or noisy cyberattacks complicate detection
Cyberthreat actors routinely chain together off-the-shelf tools with living-off-the-land techniques, complicating detection and attribution.
These activities have occurred in Europe, North America and Latin America, and there has been significant activity directed towards emerging economies and India. And threat actors - increasingly, organised cybercriminal groups - continue to try to compromise their victims’ supply chains.
“Organisations should ensure they understand the commonly used tools and techniques, especially those involving malicious use of native systems and penetration test tools and validate they can be detected in their environment,” says the report.
Ransomware feeds profitable, scalable business
Alongside finding new ways to infect businesses with ransomware, threat actors are finding new ways to influence victims to pay.
In November 2019, a new, game-changing strain of ransomware known as Maze infected a large security staffing company, stole company data and notified the media - eventually publicly releasing 700MB of data when the ransom was not paid. “This “name and shame” approach adds pressure on victims to pay up, even though law enforcement and the cybersecurity industry have always advised against paying ransoms,” says the report.
Accenture expects threat actors employing these tactics to continue to evolve and proliferate for the remainder of 2020 and beyond.
Connectedness has consequences
Powerful technologies and the Internet enable greater connectivity and expose critical systems that attackers are finding new ways to exploit.
“Increasingly, businesses are using unpatched and untested devices - which pose a much more realistic and accessible target. Cloud and Internet connected devices are far more widespread. Security leaders are fighting back, using public bug bounty programs and detection frameworks, but Operational Technology (OT) threats still prompt the need for more effective security controls,” comment Accenture.
The pandemic has opened the door to opportunistic threats that put unprecedented pressure on organisations as they struggle with business continuity, travel restrictions and remote working.
“As data continues to be seen as a high value, sought after commodity, security leaders should consider embracing adaptive security - putting the right controls and monitoring in place to help create a safe and secure working environment for their enterprise,” concludes Accenture.
GfK and VMware: Innovating together on hybrid cloud
GfK has been the global leader in data and analytics for more than 85 years, supplying its clients with optimised decision inputs.
In its capacity as a strategic and technical partner, VMware has been walking GfK along its digital transformation path for over a decade.
“We are a demanding and singularly dynamic customer, which is why a close partnership with VMware is integral to the success of everyone involved,” said Joerg Hesselink, Global Head of Infrastructure, GfK IT Services.
Four years ago, the Nuremberg-based researcher expanded its on-premises infrastructure by introducing VMware vRealize Automation. In doing so, it laid a solid foundation, resulting in a self-service hybrid-cloud environment.
By expanding on the basis of VMware Cloud on AWS and VMware Cloud Foundation with vRealize Cloud Management, GfK has given itself a secure infrastructure and reliable operations by efficiently operating processes, policies, people and tools in both private and public cloud environments.
One important step for GfK involved migrating from multiple cloud providers to just a single one. The team chose VMware.
“VMware is the market leader for on-premises virtualisation and hybrid-cloud solutions, so it was only logical to tackle the next project for the future together,” says Hesselink.
Migration to the VMware-based environment was integrated into existing hardware simply and smoothly in April 2020. Going forward, GfK’s new hybrid cloud model will establish a harmonised core system complete with VMware Cloud on AWS, VMware Cloud Foundation with vRealize Cloud Management and a volume rising from an initial 500 VMs to a total of 4,000 VMs.
“We are modernising, protecting and scaling our applications with the world’s leading hybrid cloud solution: VMware Cloud on AWS, following VMware on Google Cloud Platform,” adds Hesselink.
The hybrid cloud-based infrastructure also empowers GfK to respond to new and future projects with astonishing agility: Resources can now be shifted quickly and easily from the private to the public cloud – without modifying the nature of interaction with the environment.
The gfknewron project is a good example – the company’s latest AI-powered product is based exclusively on public cloud technology. The consistency guaranteed by VMware Cloud on AWS eases the burden on both regular staff and the IT team. Better still, since the teams are already familiar with the VMware environment, the learning curve for upskilling is short.
One very important factor for the GfK was that VMware Cloud on AWS constituted an investment in future-proof technology that will stay relevant.
“The new cloud-based infrastructure comprising VMware Cloud on AWS and VMware Cloud Foundation forges a successful link between on-premises and cloud-based solutions,” says Hesselink. “That in turn enables GfK to efficiently develop its own modern applications and solutions.
“In market research, everything is data-driven. So, we need the best technological basis to efficiently process large volumes of data and consistently distill them into logical insights that genuinely benefit the client.
“We transform data and information into actionable knowledge that serves as a sustainable driver of business growth. VMware Cloud on AWS is an investment in a platform that helps us be well prepared for whatever the future may hold.”