The advancement of technology happens every day and those who follow the technology news know this very well. For those with an eye on the subject of security, however, it is also clear that the speed of innovation is even higher in the field of cybercrime, where new scam alternatives, highly sophisticated malware and offensive alternatives are emerging all the time. It’s a cat and mouse race that seems to have no end on the horizon.
For industry experts, it’s a constant battle, with many enemies to be faced and aspects to be taken into account, from the curious employee who clicks on a link he shouldn’t, to the complexity of hundreds of devices connected to the network without proper visibility and monitoring.
Employee behavior on a day-to-day basis can change suddenly, as can systems and infrastructure. The speed of business is law, as is the ever-faster exploitation of security vulnerabilities by cybercriminals. All are elements that lead to open doors that result in data leaks, ransomware attacks and virus installation, which are catastrophic for those involved, from CEOs of large companies to customers who have their information as a bargaining chip in these incidents.
Rodrigo Garcia, sales director at the cybersecurity company Trend Micro, is adamant: there is no such thing as 100% security. And this is not a recent finding, but a constant in the business. “The attack surface is always increasing. Protection is a daily game, which never stops and always needs to be looked at carefully, ”he said.
“An ongoing security attack kept teams up at night, wanting to understand how the criminal accessed the network from an IP in Pakistan. The vector was the login of a researcher who died three years ago, but whose account was still active at network. He used to travel and the system did not identify the ‘impossible trip’ as a risk.”
On the stage of the “World Tour Risk to Resilience” event, held last week in Curitiba (PR), the executive joked that there is always a date set for the increase in the surface of attacks: every second Tuesday of the month. That’s when Patch Tuesday happens, Microsoft’s traditional release of security updates that leads to the disclosure of a series of new vulnerabilities. Thus, a race begins between cybercriminals, who try to take advantage of the loopholes while they are available, and companies, who must update their systems quickly.
“These are times when the risk goes up there. Each company has its methodology for applying patches and must respect its windows of change, all this while employees need a new application or an unprecedented technology appears”, explains Garcia, in an interview with Canaltech. “At the same time, bad guys are also coming up with new methods of attack. We have different peaks, but the reality is that the danger is constant.”
It is also worth mentioning that these are just a few examples in a seemingly endless list that also appears in the stories that serve as inspiration for this complex article. In the same way that investments in security become a priority and grow every year, criminals also continue to evolve to circumvent unprecedented protection technologies. Phishing emails become more convincing and the stealthiest scams and today’s weapons, as you read this, may cease to be fully effective just days from now.
Battling the Digital Risk Monster
For outsiders, the scenario can resemble a hydra, which gains two heads for each one cut off by the hero. And that’s exactly how the day-to-day life of a cybersecurity professional works. “Normalizing risk is essential for it to be properly identified. Thus, we are able to communicate with the team, speak the same language throughout the organization and, above all, act”, adds Garcia.
“Every time we do a network survey, we have a bet: we ask how many devices will be found. The reality is always double the answer, with a multitude of unmanaged devices at risk.”
Although the surface is wide and attacks can come from anywhere, there are elements inherent to each field of action and also clear behaviors that can be visualized. Just as workers act in a certain way during their daily lives, so too do cybercriminals, who prefer the fastest and most devastating ways to carry out an attack and, above all, to obtain financial profit.
Today, 92% of attacks still happen via email. In Brazil, where the data of all citizens has been leaked numerous times, there is a preference for ransomware scams, which makes our country the largest in Latin America in number of attacks and one of the preferred global targets. “The world of strikers is rich. Every victim who pays the ransom contributes to the attacks continuing”, points out Trend Micro’s sales director.
Quantifying the risk, then, is key to preventing and proactively looking at the cyber-attack landscape. More than having technologies such as firewalls, email protections and identity control systems, it is important to know where to apply them and how, in order to cover the whole. “Security is never 100%. There is always residual risk, but it needs to be as such: minimal and, above all, known”, completes the sales director.
During the event, Trend Micro representatives presented some paths to safety that, like the danger itself, are multiple. Garcia himself states that there is no silver bullet when it comes to digital protection, but he also endorses the technologies and methodologies presented, such as zero trust or the integration of systems under a single umbrella of digital protection, generating a broad and unified visibility of networks.
“The superior of an executive new to the digital security industry comes to his attention after promising 100% security to a potential client. In the first attack, he would learn that the risk never goes away.”
Such an approach also solves another inherent problem in today’s security industry: the lack of qualified professionals. Again, we return to the opening theme of the Trend Micro event and Garcia’s quick chat with Canaltech, since, faced with a terrifying creature full of tentacles, the hero can feel frightened and even unmotivated in the face of a threat that seems to never be able to be defeated. Garcia’s response, however, is almost philosophical and involves the ideal of making the world safer.
“Seeing people’s lives being directly affected by a cyberattack is very painful. Being able to contribute to that does not happen, however, is what causes passion in those who enter this market”, completes the executive. “People become better because of technology and the exchange of information. Being able to help keep that flow going is what motivates me.”
