Tag Archives for " Enterprise – network security "

IoT Medical Devices Security Vulnerabilities on Wi-Fi Networks


IoT medical devices security vulnerabilities affect many different types of in-hospital equipment, including diagnostic equipment (e.g., MRI (Magnetic Resonance Imaging) machines and CT (Computerized axial Tomography) scanners), therapeutic equipment (e.g., infusion pumps and medical lasers), life support equipment (e.g., heart support machines), internet-connected devices for monitoring patients' vital signs (e.g., thermometers, glucometers, blood pressure cuffs, wearables), as well as novel, intelligent and disruptive devices which can keep track of medication schedules (e.g., GlowCap outlets and AdhereTech wireless pills).

The Internet-of-Things (IoT) is gradually realizing a radical transformation of healthcare services based on the deployment of numerous medical devices, which already represent a considerable segment of the billions of internet-connected devices that are nowadays available.  

These devices are used in conjunction with mobile terminals (e.g., tablet computers, smart phones) which enable health professionals both to configure them and to visualize their data. Moreover, several IoT applications integrate RFID tags, as a means of uniquely identifying and associating with each other devices, patients, doctors, drugs, prescriptions and other artifacts engaging in the care service provisioning process. While several of the above listed devices can be deployed in the patients’ homes, the majority of them are deployed in the hospital environment.

In principle, IoT technologies enable the processing of data and the orchestration of services from all these devices, helping health professionals to access accurate and timely information about the patients' status and to configure disease management processes for prognosis, diagnosis and treatment. Beyond disease management, the deployment of medical devices in the hospital can also be used to boost the efficiency of hospital operations.

As a prominent example, the continuous monitoring of medical devices can serve as a basis for reducing their downtime. Likewise, devices emit notifications that can trigger proactive maintenance and replenishment of supplies. Furthermore, information from medical devices can be exploited in order to optimize resource utilization and patient scheduling. Based on these processes, healthcare will become a setting that will annually contribute over $1 trillion to IoT's business value by 2030, as projected by a recent report of McKinsey Global Institute.

IoT Medical Devices Security Risks

The expanded use of IoT medical devices in hospitals raises serious privacy and security challenges, given the proclaimed and widespread vulnerabilities of wireless devices. IoT medical devices security vulnerabilities have always been a concern for applications, but in the case of healthcare they are a matter of life and death. Indeed, beyond compromising the confidentiality of patients' data, security vulnerabilities can have life-threatening implications, as IoT devices are used to control medication or even to drive surgical interventions and other therapeutic processes.

Since commands to several devices are transmitted wirelessly, hackers can invade the wireless network in order to gain control over devices and transmit unauthorized commands with fatal results. For instance, a malicious attack against an insulin pump can lead to a wrong dose to a diabetes patient. As another example, the hacking of an electrical cardioversion device could instigate an unnecessary shock to a patient.

There is a host of different IoT medical devices security vulnerabilities. A non-exhaustive list of common attacks includes:

  • Password hacking: It is quite common for medical devices to be protected by weak passwords that can be hacked. This is the case when the built-in passwords provided by the device vendors are maintained. Hackers can easily discover such passwords in order to gain access to device configuration information. Moreover, in several cases, hackers are also able to control the device and use it to launch more advanced attacks.
  • Poor security patching: Some medical devices are poorly patched, either because some patch has not yet been deployed on the device or because the device runs an “old” operating system (e.g., an older version of Windows or Linux). Poorly patched devices are vulnerable to malware and other attacks, which makes them an easy target for hackers.
  • Denial of service attacks: Medical devices are usually lightweight and resource constrained, which makes them susceptible to denial of service attacks. The transmission of simultaneous requests to the device can cause it to stop, disconnect from the network or even become out of order.
  • Unencrypted data transmission: It’s quite usual for attackers to monitor the network in order to eavesdrop and steal passwords. The transmission of unencrypted data can therefore ease their efforts to gain access to the device in order either to extract information or even to exploit the device for transmitting malicious commands.

Wi-Fi: The Weak Link in IoT Medical Devices Security Vulnerabilities

Most of the medical devices are Wi-Fi enabled, which renders Wi-Fi the technology that carries the vast majority of the traffic that is exchanged between medical devices. However, Wi-Fi networks are conspicuously associated with IoT medical devices security vulnerabilities, which makes them the weak link. For example, the WEP (Wireless Encryption Password) mechanisms that empower Wi-Fi security are weak, as WEP passwords can be easily stolen.

This can accordingly enable hackers to launch attacks based on the sniffing of unencrypted traffic. In order to alleviate WEP problems, IEEE and the Wi-Fi community have specified and implemented Wi-Fi standards and protocols (e.g., WPA2, WPA2-PSK (TKIP/AES)) with much stronger encryption capabilities. Nevertheless, not all medical device vendors provide proper support for these standards, putting the operation of devices and their interoperability with others at risk.

In recent years, special emphasis has been placed on producing standards and best practices for securing wireless medical devices, on the basis of the implementation of appropriate authentication and encryption mechanisms.

This has led to the specification of IEEE 802.1X, which is a ratified IEEE standard for network access control. 802.1X is flexible and supports a variety of Extensible Authentication Protocol (EAP) methods, including EAP with Transport Layer Security (EAP-TLS), alongside Advanced Encryption Standard (AES) encryption. EAP-TLS provides two-way authentication between devices based on the installation and use of X.509 certificates.
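The progression described above (WEP, then WPA2-PSK with TKIP/AES, then 802.1X with EAP-TLS and X.509 certificates) can be checked mechanically on a device's Wi-Fi client profile. The following is an added example, not part of the original article: it assumes the device stores its profiles in wpa_supplicant.conf syntax, and the SSIDs, keys, certificate paths and finding names are all constructed for illustration.

```python
import re

# Constructed sample in wpa_supplicant.conf syntax. SSIDs, keys and
# certificate paths are placeholders, not values from the article.
SAMPLE_CONF = """
network={
    ssid="ward-legacy"
    key_mgmt=NONE
    wep_key0="abcde"
}
network={
    ssid="ward-open"
    key_mgmt=NONE
}
network={
    ssid="ward-psk"
    key_mgmt=WPA-PSK
    proto=WPA RSN
    pairwise=TKIP CCMP
    psk="constructed-passphrase"
}
network={
    ssid="ward-eap-noca"
    key_mgmt=WPA-EAP
    proto=RSN
    pairwise=CCMP
    eap=TLS
    identity="pump-0002"
    client_cert="/etc/certs/pump-0002.pem"
    private_key="/etc/certs/pump-0002.key"
}
network={
    ssid="ward-eap"
    key_mgmt=WPA-EAP
    proto=RSN
    pairwise=CCMP
    eap=TLS
    identity="pump-0001"
    ca_cert="/etc/certs/ca.pem"
    client_cert="/etc/certs/pump-0001.pem"
    private_key="/etc/certs/pump-0001.key"
}
"""

BLOCK_RE = re.compile(r"network\s*=\s*\{(.*?)\n\s*\}", re.S)


def parse_networks(text):
    """Return one dict of key/value settings per network={...} block."""
    networks = []
    for body in BLOCK_RE.findall(text):
        net = {}
        for line in body.splitlines():
            line = line.strip()
            if not line or line.startswith("#") or "=" not in line:
                continue
            key, value = line.split("=", 1)
            net[key.strip()] = value.strip().strip('"')
        networks.append(net)
    return networks


def audit(net):
    """List the weaknesses of one profile; an empty list means EAP-TLS only."""
    # Unset keys fall back to wpa_supplicant's documented defaults, which
    # still permit WPA1 and TKIP, so an omitted setting is not a safe one.
    key_mgmt = net.get("key_mgmt", "WPA-PSK IEEE8021X").split()
    proto = net.get("proto", "WPA RSN").split()
    pairwise = net.get("pairwise", "CCMP TKIP").split()
    if "NONE" in key_mgmt:
        has_wep = any(k.startswith("wep_key") for k in net)
        return ["WEP"] if has_wep else ["OPEN"]
    findings = []
    if "WPA" in proto:
        findings.append("WPA1_ALLOWED")
    if "TKIP" in pairwise:
        findings.append("TKIP_ALLOWED")
    if "WPA-PSK" in key_mgmt:
        # A shared passphrase gives no per-device identity.
        findings.append("PSK_NOT_8021X")
    if "WPA-EAP" in key_mgmt:
        if net.get("eap", "").split() != ["TLS"]:
            findings.append("EAP_NOT_TLS_ONLY")
        if "ca_cert" not in net:
            # Without a CA the client cannot verify the server, so the
            # authentication is one-way only.
            findings.append("NO_SERVER_CA")
        if "client_cert" not in net or "private_key" not in net:
            findings.append("NO_CLIENT_CERT")
    return findings


def audit_config(text):
    """Map each SSID in the configuration text to its list of findings."""
    return {n.get("ssid", "<no ssid>"): audit(n) for n in parse_networks(text)}


if __name__ == "__main__":
    for ssid, findings in audit_config(SAMPLE_CONF).items():
        print(f"{ssid}: {', '.join(findings) if findings else 'ok'}")
```

The `ward-eap-noca` profile shows the case that is easy to miss: EAP-TLS is selected and a client certificate is installed, but with no CA certificate the device never validates the authentication server, so the exchange is not the two-way authentication the standard is meant to provide.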

Alleviating IoT Medical Devices Security Vulnerabilities 

The vision of IoT-enabled hospital care cannot be realized without very strong security. CIOs and IT managers of healthcare service providers therefore cannot afford to treat security investments with caution in an effort to reduce budgets, which could mean ignoring low-probability risks.

Rather, they should adopt a holistic approach to securing medical devices and their operation, spanning technology, processes and security policy aspects.

At the technological forefront, the latest Wi-Fi technologies offering strong security and encryption features should be deployed and tested.

This may involve purchasing technologically advanced equipment and testing it in terms of security features, configuration problems, wireless stability and more. There is also a need for medical engineering processes in order to ensure that IoT-enabled processes provide high security levels.

Attention to IoT medical devices security vulnerabilities is particularly important in the case of the trending BYOD (Bring Your Own Device) services, which involve the deployment and use of third-party devices as part of healthcare processes.

Moreover, as part of the holistic security approach, hospitals must tweak their security policies in order to keep up with IoT-related technological developments.

The right technology, the proper processes and an IoT-aligned security policy provide a sound basis for hospitals to adhere to security and privacy regulations, to avoid relevant liabilities and ultimately to maximize returns on their IoT investments.


Industrial Robotics Cyber Security Challenges for IIoT – Internet of Things


The line is blurring between information technology (IT) and operational technology (OT). As more industrial robotics equipment is connected to the industrial internet of things (IIoT), the vulnerabilities increase. Among the many devices being added to networks are robotic machines. That’s raising red flags for some experts. And it has many people worried. What are the risks associated with connecting an army of robots? It’s the stuff of science fiction.

Industrial Robotics Cyber Security Concerns on the Rise

The World Robotics Report 2016 gives us some insight into the scope of global automation growth: “The number of industrial robotics deployed worldwide will increase to around 2.6 million units by 2019.” It says that the strongest growth figures are for Central and Eastern Europe. The report cites China as the market for growth, and says that North America is on the path to success. “The USA is currently the fourth largest single market for industrial robots in the world,” according to the report.

TechCrunch contributor Matthew Rendall says “Industrial robotics will replace manufacturing jobs — and that’s a good thing”. He writes that the “productivity growth” behind 85% of job losses is all about machines replacing humans. Luddite and famous poet Lord Byron would not have been pleased. But Rendall is not bothered. He says that “more is getting done” by industrial robots that are safer and more reliable than human beings. And he believes that this robotics revolution will be beneficial to workers and society in the long run.

All this rush to automation might be the best thing since jelly doughnuts. But one question could make all the difference between abysmal failure and glorious success:  Can we keep them secure?

Challenge in Industrial Robotics Cyber Security

We probably don’t need to worry about robots taking over the world any time soon. (Let’s hope, anyway.) What concerns security experts is that our computer-based friends can be hacked. Wired Magazine reports how one group of researchers was able to sabotage an industrial robot arm without even touching the code. That’s especially worrying when you think that most industrial robots have a single arm and nothing else. These devices are made to make precise movements. Hackers can change all that.

German designer Clemens Weisshaar addressed the issue in a forum at Vienna Design Week in 2014. “Taking robots online is as dangerous as anything you can put on the web,” he said. In a video from the forum, Weisshaar talked about how even his company’s robot demonstration in London had been hacked within 24 hours. They even tried to drive his robots into the ground. “If everything is on the internet,” he said, “then everything is vulnerable to attack.”

Industrial robotics cyber security challenges are only one part of what many are calling Industry 4.0. It’s a trending concept -- especially in Germany -- and it’s another way of referring to the Fourth Industrial Revolution. To understand what this is about, we should first reach back in the dim recesses of our minds to what we learned in history class in school.

The Industrial Revolution, as it was originally called, took place in the 18th and 19th centuries. It started in Great Britain and involved the harnessing of steam and tremendous advances in production methods. That was the 1st. Next came the 2nd, roughly from 1870 until World War I in the USA. This involved the use of electricity to develop mass production processes. The 3rd brought us into the digital age. Part four is upon us now.

A video from Deloitte University Press introduces us to the Fourth Industrial Revolution -- Industry 4.0. It gives a good summary of the four “revolutions”, and it talks about some of the new technologies that now define our age:

  • Internet of Things (IoT)
  • Machine Learning
  • Augmented Reality
  • Mobile and Edge Computing
  • 3D Printing
  • Big Data Processing

“These technologies,” says the narrator, “will enable the construction of new solutions to some of the oldest and toughest challenges manufacturers face in growing and operating their business.” They also make up the environment in which hackers flourish.

Industrial Robots Cyber Security Challenges for IoT Data and Devices

In this space we have already discussed the security vulnerabilities of IoT devices. We told you how white hat hackers proved that they could commandeer a Jeep Cherokee remotely by rewriting the firmware on an embedded chip. Imagine what hackers with more sinister motives might be planning for the millions of robotic devices taking over the manufacturing shop floor -- supposing they are all connected.

Some researchers tackled the issue in a study called “Hacking Robots Before Skynet”. (You will remember from your science fiction watching that Skynet is the global network that linked robots and other computerized devices in the Terminator movie franchise.) The authors had a lot to say about the current state of cybersecurity in the industrial robotics industry.  We can borrow directly from the paper’s table of contents to list what they call “Cybersecurity Problems in Today’s Robots”:

  • Insecure communications
  • Authentication issues
  • Missing authorization
  • Weak cryptography
  • Privacy issues
  • Weak default configuration
  • Vulnerable Open Source Industrial Robotics cyber security Frameworks and Libraries

Each of these topics could probably merit a full article on its own. The researchers explained further: “We’re already experiencing some of the consequences of substantial cybersecurity problems with Internet of Things (IoT) devices that are impacting the Internet, companies and commerce, and individual consumers alike. Cybersecurity problems for industrial robotics could have a much greater impact.”

What might that impact be? Well, to start with, robots have moving parts. They tell how a robot security guard knocked over a child at a shopping mall. A robot cannon killed nine soldiers and injured 14 in 2007. And robotic surgery has been linked to 144 deaths. It’s not Skynet yet, but connecting robots has its risks.

How we communicate with machines and how they communicate with each other are matters that require significant attention. Arlen Nipper of Cirrus Link Solutions talks about MQTT, which is a protocol for machine-to-machine (M2M) messaging. Manufacturing designers and operators send instructions to one-armed industrial robots, which work in a variety of industries from automotive to aerospace to agriculture to packing and logistics. All this talking back-and-forth with industrial robotics has to be regulated. NIST’s Guide to Industrial Control Systems (ICS) Security has a few references to robots. But maybe not enough.

Personal Cyber Security Has Now Become More Personalized


Cyber-attacks are amplifying across the globe. Personal cyber security is important because not only are attacks becoming more frequent, but they are also impacting a wider band of digital terrain. A single worm like WannaCry is capable of infecting countless systems in numerous ways, from email accounts to personal data to service disruptions and other critical disturbances. The impact and frequency have led to billions of dollars’ worth of damage, including lost productivity. Damage to an organization's reputation is not even calculable.

Budgets are growing tight due to the continued cost of cyber security protections and investigations. While this regularly affects large organizations, small to mid-size businesses are also seeing an increase in cyber-attacks. Hackers are turning toward smaller targets because they are less likely to have secure infrastructure and even less likely to know they are under attack. A worm or virus can sit in a computer system for months, and without an in-house IT team, small businesses are especially vulnerable.

Personal Cyber Security Thwarts Hackers

A target that is even smaller than a small business is you. Personal cyber security is becoming more relevant as hackers seek out any vulnerability. But if small businesses can't even afford an IT team, and if large organizations are finding their budgets shrinking due to cyber security costs, then how can an individual protect themselves?

Companies like Rubica are offering personal cyber security options that protect individuals, and the businesses they own or work for, from cyber-attacks by providing easy-to-use and affordable cyber security options.

I rarely recommend any company's products or services, but Rubica has options and features that warrant a serious look by executives and Board members alike.

Far too often individuals do not adhere to security protocols because the protocols are too complicated or time-consuming. People take short-cuts to avoid tedious passwords or log-in requirements.

Doing so on your personal device is risky, but when your personal device is also synced to business applications, the results can be catastrophic. By providing employees with personal cyber security features, Rubica protects individuals and businesses.

Some of Rubica's defining features include its mobile-ready app, which can be downloaded on desktops, tablets and smart phones. There is no need to install hardware or receive staff training on its use. The app is backed by Rubica’s signature concierge service. The cyber ops team is on call at any time. But users rarely need to contact Rubica, since the security app and service do their work without the user even knowing.

Personal Cyber Security Solution by Rubica

Rubica’s cyber ops team provides personal cyber security to any user who has downloaded the application. Once downloaded, the cyber ops team is able to monitor your data, identify threats and alert you when necessary. By paying attention to personal behavior patterns, the team is able to deduce when an imposter has entered a network.

If the idea of data and behavioral monitoring is not a price you are willing to pay in exchange for personal cyber security, then don't worry. Rubica can be turned on and off. Users are able to access the app and view activity graphs, review investigated events and ask Rubica staff questions about their data or any ongoing threats. Rubica’s personalization means that your personal cyber security choices just got more personal.


Healthcare Industry Unprepared for Cyber Attacks and here’s why…


The healthcare industry is unprepared for cyber attacks, as the cybercrime threat landscape for medical devices and electronic health records is evolving at unprecedented rates. The malicious intent of financially motivated or state-sponsored cyber-criminals was best served by victimizing financial institutions, power infrastructure and the business sector. The sheer wealth of profitable consumer information stored within the servers and IT networks powering these industry segments attracted attacker interest for decades. At the same time, these industries are investing vast resources to strengthen their security posture. Cybercriminals pursuing easier targets are aiming for the healthcare industry instead, where a similarly vast deluge of sensitive personally identifiable information powers increasingly digitized healthcare services from less-secure network infrastructure.

Inherent Loopholes as Healthcare Industry Unprepared for Cyber Attacks

Healthcare institutions excel in medical practices but are inherently prone to security attacks. 2017 might have seen only a limited number of successful attacks, but make no mistake that a healthcare industry unprepared for cyber attacks is a very real threat, and here’s why:

The future of healthcare centers is paperless medical practices. Digital patient information stored in network-connected servers is a recipe for disaster unless strong security defense capabilities are in place to ward off sophisticated cyber-attacks. And that’s precisely the problem with a healthcare industry unprepared for technology adoption.

While the government and the industry are pushing to embrace Electronic Health Record (EHR) systems, the same attention is not given to investing in strong security solutions, technologies, and processes across the widening industry of healthcare institutions, hospitals, surgery centers and EMR/EHR management providers.

Equating Compliance to Security: Global regulatory authorities enforce strict laws to ensure security of digital health records and electronic systems used in the healthcare industry. However, these laws are designed to establish and maintain a minimum standard of security capabilities and practices. The risks could be far worse and varied. Therefore, maintaining compliance standards such as HIPAA does not translate into strong security capabilities, and it leaves the healthcare industry unprepared for cyber attacks.

Lack of Security Awareness: A significant proportion of life-threatening spearphishing and ransomware attacks are designed to exploit the human element. Random clicks on malicious links by an unsuspecting workforce in the healthcare industry cost millions of dollars in damages. Inadequate workforce education and training on maintaining security of digitized records and new healthcare technologies is prevalent in the industry, considering the simple root causes of these costly attacks.

Lack of Resources: Many healthcare institutions do not operate on the same IT security budget as financial and business organizations. A recent study conducted by The Ponemon Institute finds healthcare organizations rate their ability to defend against cyber-attacks at a meager 4.9 out of 10.

Outsourcing May Alleviate Healthcare Industry Unprepared for Cyber Attacks

Healthcare institutes work to excel in the services they have to offer, and tend to outsource critical healthcare IT operations. These IT service providers are subject to strict regulations including HIPAA, whereas healthcare organizations cannot accurately assess the risk of business associates or ensure security of Protected Health Information (PHI) shared with them.

Mobile Threat Exploits Are You Prepared to Defend Against Malicious Apps?


When we think of cyber threats to endpoints, typically what comes to mind is the need to protect our PCs and laptops. Many more businesses are now extending their comprehensive security solutions and user policies to cover mobile threat exploits.

But it’s unquestionable now that mobile phones are just as likely (if not more likely) to be targeted by cyber criminals. There are a few reasons for that.  The first reason that mobiles are now a legitimate target is the sheer number of them. It’s estimated that there will be over 6 billion smartphones in use by the year 2020. That’s around 70% of the world’s population using a smartphone in 3 years’ time.

Modern smartphones are now small computers. The processing power, functionality, and the way we’ve integrated them into our lives make them a treasure trove of valuable information and easy food for hackers wishing to use mobile threat exploits. And IoT botnets further increase the vulnerability of cloud-based data and mobile devices.

Many people today use their mobile phones to access online banking and as a physical payment method in store. Cybercriminals tend to follow the money and so are putting resources into targeting mobiles. Last year, security vendor ESET discovered a form of malware that presented a false version of online banking login screens to steal credentials.

Exposing Vulnerabilities of Mobile Threat Exploits

Like any operating system, there is a continual process of discovering vulnerabilities and attempting to patch them before hackers can take advantage.  

This can be complicated on the Android OS. Android is open source, allowing stakeholders to modify and redistribute it to fit their needs.

This means that when mobile threat exploits and vulnerabilities are fixed at the source, it doesn’t always translate to the problem being resolved for the user.

The most famous example of this is the Stagefright vulnerability. This was a vulnerability in the code library associated with media playback. If a hacker sent malicious code within a video via MMS, the attack could be successful without any interaction from the user. This vulnerability was said to affect 95% of Android users, making patching a nightmare. Although there had been previous serious vulnerabilities in Android, such as FakeID, TowelRoot, and PingPong, this was the first exploit of this scale that could be successful without any user input.

No OS is Safe

Typically, we see most mobile attacks targeted at Android devices. But iOS is not completely bulletproof. XcodeGhost was a copycat version of Apple’s development environment, used for creating apps. Developers that used the rogue version of Xcode to create their apps unwittingly delivered their product to the App Store with the malware in tow.

Mobile Threat Exploits Protection Starts with Education

So clearly, we need a robust plan in place to protect mobile devices from mobile threat exploits. But how do we go about this? The first thing to consider is user education. When using a laptop, most people know not to open attachments from unknown sources. But mobile users are not always as careful. Educate them to apply this same level of caution to mobiles: only downloading apps from trusted sources and giving each application the minimum permissions required to perform its task.

Management is Not Security

Your company likely already has an Enterprise Mobility Management (EMM) solution in place. This is useful for managing a fleet of mobiles and preventing opportunistic crimes by enforcing passcodes, for example. But EMM is not sufficient to protect against more advanced threats, and most suites don’t have the functionality to detect, analyze and respond to cyber attacks. For this reason, it’s important to supplement your EMM with a Mobile Threat Defense (MTD) product.

MTD has far greater threat-detection capabilities against mobile threat exploits and can help to prevent man-in-the-middle attacks, detect non-compliant or malicious apps, and spot jailbroken devices. It’s important to have this level of security on your mobile devices due to the amount of corporate data that can typically be accessed via mobile now.

User-Based Access Controls

A cloud-based Identity as a Service (IDaaS) solution can also help to increase security. The benefits of this to a business are two-fold: For the user, all their corporate systems can be accessed via a single sign-on (SSO). This eliminates the need to remember multiple login credentials.

It’s likely to be a multifactor sign-on process, which is more secure than a static password. IDaaS also allows users to be automatically granted certain access rights or privileges based on their role. Employees get the right tools to complete their job function and no more. This means that in the event of a compromise through a mobile threat exploit, the amount of accessible information can be limited.

Effective Patching

As mentioned, patching mobile devices is not always straightforward, particularly in Android ecosystems. Updates can be blocked by Google, the handset manufacturer, or the mobile operator. However, this situation has improved since Stagefright. Even given these difficulties, it’s important that you have a process for keeping your operating systems up to date. This should be easy to configure in your EMM solution.

Ultimately, we don’t need the statistics to tell us that mobiles are here to stay in the business world; we see evidence of this every day. Mobiles are now integral to huge chunks of our working lives. And because of this, the threat from hackers will continue to grow.  

What steps are you taking to ensure that mobiles aren’t an easy attack vector into your business?  
And do you feel that your users are as educated on mobile threat exploits as they are about conventional PC-based malware?

Cyber Security with Artificial Intelligence Elements and Ai Platforms


Cyber-security has always been a major concern for providers, vendors and operators of IT systems and services. Despite increased investments in security technology, this has not changed, as evident in several notorious cyber-attacks and related security incidents that have taken place during the last couple of years.  It’s time to revolutionize cyber security with artificial intelligence.

For instance, earlier this year, the global “WannaCry” ransomware attack severely affected the operations of numerous organizations worldwide, including major organizations such as Britain’s National Health Service (NHS). “WannaCry” has manifested the potential scale and physical consequences of cyber-crime incidents, while confirming the importance of proper cyber security measures.

Beyond their financial and business implications, cyber-attacks have a significant socio-economic impact as well, as they reduce citizens’ and businesses’ trust in IT systems and services. This lack of trust is a major issue in an increasingly connected world and in an era where IT systems are a primary vehicle for increased competitiveness and productivity. It’s therefore important to understand the factors that increase the number and scale of cyber security attacks, along with options for alleviating security incidents against IT infrastructures, such as phishing, botnets, ransomware and DDoS (Distributed Denial of Service) incidents.

Drivers of Advanced Cyber Security

Effective cyber-protection requires modern, advanced and intelligent cyber-security systems. The scale, complexity and sophistication of these systems are driven by the following factors:

Technology Evolution: The evolving technological complexity of cyber infrastructures renders their protection more challenging. For example, the rise and expanded use of Internet-of-Things (IoT) technologies provides cyber-crime opportunities based on the hacking of individual devices. Such hacking was hardly possible before the advent of the IoT paradigm. This is evident in the emergence of large scale IoT attacks, such as last year’s massive IoT-based Distributed Denial of Service (DDoS) attack that brought down Dyn’s Domain Name System (DNS) and affected major internet sites like Twitter, Amazon and Spotify.

Complex Regulatory Environment: Nowadays, operators of IT infrastructures and IT service providers need to adhere to quite complex regulatory requirements, including sector specific requirements (e.g., regulations for financial institutions) and general-purpose regulations such as the EU’s General Data Protection Regulation. The implementation of security policies and controls that address these regulatory requirements contributes to the rising complexity of cyber-security systems.

Convergence of Physical and Cyber Security: IT systems are increasingly becoming connected to, and interdependent with, physical systems and processes. This is for example the case with most industrial organizations, which converge their cyber and physical infrastructures as part of their digital transformation in the Industry 4.0 era. Industry 4.0 infrastructures in sectors like energy, manufacturing and oil & gas form large scale cyber-physical systems. This cyber-physical nature gradually leads to a convergence of physical security and cyber-security measures and policies towards greater effectiveness and economies of scale. Converged cyber and physical security measures are more appropriate for identifying and mitigating complex, asymmetric security incidents, which are likely to attack both cyber and physical systems at the same time. Overall, while this convergence is beneficial for industrial organizations, it widens the complexity of the respective security systems.

New Business Models and Opportunities: The increased reliance of products and services on cyber infrastructures provides new business opportunities for providers of cyber-security solutions and services. As a prominent example, a new wave of cyber-insurance services is currently being designed to support the emerging connected cars and semi-autonomous driving paradigms. These include, for example, insurance business models that consider IT-derived information about the driver’s behavior as a means of adapting car insurance fees. Supporting these opportunities implies additional security measures, concerning for example the secure and trustworthy transmission of the information that supports them.

Novel Approaches and Paradigm Shifts in Cyber Security

Confronting the recent wave of sophisticated cyber-attacks requires new approaches to threat identification, assessment and mitigation. Some of the main characteristics of these approaches include:

  • Integrated and holistic nature: Instead of protecting specific devices and IT systems, there is a need for holistic, cross-cutting mechanisms that span all the different layers of modern cyber-security infrastructures, including individual devices, fog/edge computing nodes, as well as cloud infrastructures. The implementation of holistic, cross-cutting mechanisms must be driven by integrated approaches to threat modelling, which identify, assess and rate vulnerabilities/threats across all different layers of a cyber-infrastructure. Assessment and rating is key to prioritizing the deployment of specific security measures at the most appropriate places of the infrastructure. This is very important given that organizations operate on quite constrained budgets for IT security, which makes it impossible to provide full protection against all possible vulnerabilities.
  • Intelligence and dynamism: To cope with the emerging complex, large scale, dynamic and asymmetric attacks, there is a need for intelligent and dynamic mechanisms that can correlate information from multiple sources to identify security incidents and vulnerabilities in a timely manner. In practice, this requires the deployment of advanced data-driven techniques for security identification and assessment, based on machine learning and data mining models that implement a data-driven approach to cyber-security.
  • Adherence to latest security standards: Fortunately, security standards have been evolving in line with the rising sophistication of cyber-security attacks. This means that adhering to standards can be a safe path to designing and deploying systems that support the above-mentioned holistic approach to cyber-security. Organizations are therefore implementing security standards ranging from the popular ISO/IEC 27001 on Information security management to the Security Framework of the Industrial Internet Consortium for securing cyber infrastructures that support industrial processes.
  • User Friendly and Human Centric: Novel approaches to cyber-security should consider the human factor, to alleviate the need for end-users to understand security systems and processes. This is particularly important for organizations (such as Small and Medium Businesses) that lack the knowledge and equity needed to invest in security training of their personnel.
  • New delivery models: Organizations are increasingly adopting new delivery models for security services, such as Managed Security Systems and Security-as-a-Service. These models obviate the need for on-premises installations and enable enterprises to leverage security services in a flexible pay-as-you-go fashion.

The implementation of solutions with the above-listed characteristics signals a paradigm shift in the way security is designed, deployed and provided. This shift is destined to increase the cyber-resilience of organizations, including large enterprises and SMBs.

How to Revolutionize Cyber Security with Artificial Intelligence

In the quest for dynamic, intelligent and holistic cyber-security mechanisms, security experts are nowadays considering the employment of AI-based mechanisms. This consideration is largely motivated by recent advances in deep neural learning and AI, which facilitate the identification of very complex patterns based on human-like reasoning.

Relevant technology advances have empowered Google’s Alpha AI to defeat grandmasters in the game of Go, which is considered a milestone in the evolution of AI technologies. Likewise, AI techniques can be used to detect and assess complex attack patterns, as a means of preventing or alleviating large scale security incidents such as “WannaCry”.

Using artificial intelligence to revolutionize cyber security can provide some compelling advantages, including:

  • Detecting complex attacks: Deep learning techniques based on advanced neural networks enable the detection of non-conventional, non-trivial security incidents that can hardly be detected based on commonly used rules and conventional reasoning.
  • Predictive Security Analytics: AI is a perfect enabler for predictive security, through employing predictive data analytics based on deep learning. This can enable a paradigm shift from reactive to predictive security. Based on predictive security, organizations can anticipate the occurrence of threats in order to prepare and apply proper mitigation strategies in good time.
  • Security Automation: AI systems can increase the automation of security measures, through triggering mitigation actions automatically, upon the detection of cyber-security threats. While human involvement is always necessary and desirable, one way to revolutionize cyber security with artificial intelligence is to increase security automation, while delivering advanced protection functionalities at a lower cost.

Current and Future Status to Revolutionize Cyber Security with Artificial Intelligence

Despite these benefits, AI security implementations are still in their early stages. This is because there are several challenges to be addressed towards effective AI deployments. For example, there is a need for collecting and using large amounts of data, which are not always readily available. Therefore, AI systems are usually supported by the deployment of additional security monitoring probes, at the device, fog, edge and cloud layers of the cyber-security infrastructure.

Likewise, effectively deploying artificial intelligence to revolutionize cyber security requires domain knowledge to avoid failures of the deep learning networks, such as failures due to overfitting on the training data. Such domain knowledge requires the collaboration of security experts, data scientists and experts in field processes, which is not always easy to achieve. Finally, there is also a need for aligning the operation of AI-based security systems with the business objectives and security policies of the organization, which can be extremely challenging.

In order to alleviate these challenges, enterprises need to consistently collect and manage security datasets, while at the same time assembling a security team with proper skills including both data science and security expertise.

Moreover, in order to revolutionize cyber security with artificial intelligence, they need to leverage emerging AI-based tools for extracting knowledge from datasets, such as TensorFlow and H2O.ai.

Finally, it’s good to adopt an incremental deployment approach, which boosts the acquisition of knowledge and experience in the AI field, while gradually meeting business objectives. As enterprises face unprecedented security challenges, new approaches are required. AI will certainly be among the most useful tools in organizations’ cyber-resilience arsenal. Despite early challenges, the best means to revolutionize cyber security with artificial intelligence are still to come.

Cyber Security Recruitment for Enterprise - Network - Mobile - Cloud - IoT - Ai

Many companies that develop machine learning platforms and utilize artificial intelligence are discovering potential issues with cyber security within deep learning networks, especially within FinTech, AdTech, and augmented reality for consumers. If you need help to identify and recruit key cyber security or AI engineers, sales management, functional leaders, or senior executives, take a look at NextGen Executive Search.
