The past year marked the end of the 2010s and a dynamic period in cybersecurity’s growth, from espionage tools, to massive data breaches, to ransomware impacts, to government, law enforcement and regulators taking notice of the development in the sector.
To mark the end of this year and decade, Infosecurity talked to a series of people from around the globe, each from a different continent, to gauge their perspective on which trends affected their region, and how cybersecurity impacted local businesses and culture in their view.
Representing the USA and the Americas was Siddhesh Patel, program manager for cyber solutions at Lockheed Martin. We asked whether, in his view, cybersecurity got better or worse in 2019. He said that from a Lockheed Martin standpoint, certain trends have continued, one of which was supply chain, which he called “a critical factor in what we are looking at.” This was because attackers moved from large organizations to smaller corporations, and as a result have a higher success vector.
“On the same trend, we’ve seen attackers go after smaller government entities and local governments getting attacked with ransomware,” and he called this a “shift in the mentality over the past year” which he believed will continue into the future.
Is this because of the spotlight on the USA? “I think so, as cybersecurity is paramount in the US and as more focus is placed on it with the different types of attacks that are occurring.”
Supply Chain
On the theme of supply chain, we’ve seen a number of attacks where a third party was leveraged to attack a greater entity, and not just with US retailer Target as the sole subject. Has this been a bigger problem in 2019, or is it something we have been dealing with for a number of years? Patel said that it is becoming more evident that supply chain is going to become more and more critical.
He claimed that the emphasis should be on how to leverage the capabilities that Lockheed Martin and other defense organizations have, and can pass down the supply chain. “How do we support them in ensuring that they can be as secure as possible and prevent attacks from coming up that way?”
Patel said that another challenge is which policies should be put in place to ensure that companies are doing their due diligence to keep their products and systems secure, and what Lockheed Martin can do to prevent things from happening outside of its control. “What security limitations are we putting in place to ensure that we should prevent that from occurring?”
Nation State and APT Attacks
The conversation moved on to advanced persistent threats (APTs) and nation state attacks, common trends of the last 10 years. Patel said he did feel they were being taken more seriously, and between the current ways that policies are being implemented and current politics, there is a lot more visibility of these.
“I think this is something that the defense industry has tracked for more than 10 years and certain high profile attacks have come to light over the past few years, certainly Stuxnet and things of that nature, but there is more focus on nation states and the types of attacks they are using and the infrastructure they are going after,” he said.
Specifically, he named critical infrastructure as a target, and “facilities that may not utilize traditional software.”
Is this the same conversation as with third party security? “Absolutely, as Lockheed Martin is a huge systems integrator, one thing we have noticed is that components are developed and manufactured at many levels and when you talk about integrating these systems together, it is definitely a third party supply chain issue that we’re facing,” he said.
“That is where critical infrastructure is going to play a big part as well. At certain points in time you’re not going to be able to control all of the components. So how do you secure a system holistically after the fact? There is a lot of work going into that too.”
He added that there is increased attention on vulnerabilities, and “patchable vulnerabilities” where there has been a “general historical lack of cybersecurity implementation.”
Security Culture
Looking more generally at security attitudes, is there a different attitude in the USA towards risk and threats? He said that there was, especially as cybersecurity “is a personnel issue as much as a technical issue when it comes to training personnel so they understand their responsibility as part of this for cyber-hygiene.”
He called this “critical”: in the defense industry, training is something they see on a day-to-day basis, but it needs to be considered in private industry too.
2020 and the Future
Looking forward, does he see the next year and decade as more positive than the last? Patel believed that we will continue to have threat actors using advanced techniques and technologies, but to counter that there is a move to leverage Big Data, AI and Machine Learning, which he said are trends moving forward.
“Allowing analysts and cybersecurity professionals to use the data that we have gathered over years and years and leverage them against the attacks that are occurring will be a critical first step in combating these advanced techniques,” Patel said.
In terms of skills, Patel highlighted cyber-analytics as a key skill set that continues to grow, as “to be able to disseminate information to ensure we keep up with situational awareness and security posture of all organizations, whether it be private or government, will be something that will be critical.”
He also flagged reverse engineering as a critical skill set, and said deep data learning will be a trend for the next few years, “as Big Data is an opportunity for cybersecurity professionals to be able to understand correlations and make links between attacks that are not new.”