By Dr Moataz Binali
In cybersecurity, we are struck by the similarities between Covid-19 and the evolving threat landscape, writes Dr Moataz Binali, Vice President, Trend Micro MENA
The worldwide Covid-19 pandemic has left no individual or organization untouched, putting global economies under siege while upending the daily routines of billions.
Now that lockdowns are easing, we have started to consider the aftermath. What does the post-Covid world or what could the ‘new normal’ look like? It is reassuring to see that many of us are looking for lessons, to make the previous months count for something.
In cybersecurity, we are struck by the similarities between Covid-19 and the evolving threat landscape. Both hurt economies; both strike without warning; but both can be beaten with the right strategy.
Cyber-attackers have cynically leveraged the health crisis to their benefit. In the first quarter of 2020, the GCC ranked highly among its regional peers for Covid-19-related attacks, with more than 9,773 incidents recorded by Trend Micro solutions. The vast majority (8,984) were email spam attacks – the fourth highest count in Asia. A tally of 772 URL attacks ranked the Arab Gulf sixth in Asia for this type of threat. And 17 malware threats were the eighth highest total in Asia for the period.
Across the region, governments have moved quickly against the pandemic, instituting rigorous strategies that have kept us safe while allowing the economy – where possible – to keep on ticking. We can see a commonality in governments’ approaches of prevention, detection, response, and prediction, with those applied in the cybersecurity world, where we adopt a holistic strategy that rests on the same four pillars.
Any good Covid-19 strategy starts with preventing people from being infected in the first place. Raise awareness about the importance of hygiene and social distancing, and you have the foundations of a sound approach. In cybersecurity, you protect your digital estate by addressing possible points of failure, most often by ensuring applications are up to date with the latest vulnerability patches. This strategy requires effective triage, filtering the everyday threats out from the more advanced, and the unknown.
During pandemics, contact tracing is crucial, as the very nature of SARS-CoV-2 means an asymptomatic host can infect many others unwittingly. Cyber threats follow the same principle. The ability to detect a breach has a huge bearing on the scope of damage. Through an approach called connected-threat defense, endpoints, network devices, servers and more come together to provide a bird’s-eye view of an ecosystem and help threat hunters to chase down incidents.
False positives and false negatives are the bane of those trying to contain threats, be they biological or digital. Just as some may test negative for the coronavirus now but develop symptoms the following week, so can a network appear clean only to be compromised at a later date.
Constant vigilance, supported by context-rich information, allows professionals to adapt their response to fit the needs of the moment, routing resources to where they are best suited, rather than being blinded by a blizzard of alerts. An approach called XDR (extended detection and response) can really help in prioritization of response, by connecting data, applications, communications and endpoints into a single hybrid brain.
Epidemiologists the world over have teamed up with data scientists to give governments projections of the shape and nature of curves, and if (and when) a second curve may emerge. In cybersecurity, we are always aware that our ability to predict upcoming data breaches may be the difference between snuffing out a campaign or losing millions of dollars in down time and damage to brand reputation. Worth mentioning, that our 2020 predictions posited that home offices and other remote-working spaces would redefine supply-chain attacks at the cause of a vulnerable ecosystem.
Much as the approach of governments to the pandemic dictated the extent of damage the disease inflicted on their population – so could our approach to cybersecurity be the difference between business as usual and a costly lesson. Is it not better to learn the lessons ahead of time and be prepared?
Dr Moataz Binali, Vice President, Trend Micro Middle East & North Africa
Brand View allows our business partners to share content with Arabian Business readers.
The content is supplied by Arabian Business Brand View Partners.