Attack overload
As we close out what has been the most unforgettable year in the lifetime of most of us, I am taking some time to reflect back on what has occurred from a technology standpoint and what we may see as we move into 2021. Being able to reflect back over the past year, there have been great challenges for organizations of all sizes to overcome. Starting in March we are wall making the mad dash to remote work, while some organizations were prepared for this event most were not. This has lead to an increased opportunity for cybercriminals to take advantage of gaps in organizations' infrastructure. Ransomware attacks increased by 148% and the average payment increased by 33%. (Source: Fintech News)
This activity places increased pressure on security teams to ramp up their vigilance all while operating in a remote environment. The teams had to face the challenges of the organization’s accelerated moves to the cloud to support the remote workforce. In early March we saw suspected nation-state attacks from China, Iran, and North Korea against several countries. These types of attacks continued throughout the year according to The Center for Strategic and International Studies https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents.
The rush to remote work
Security professionals began seeing security become a top of mind issue for the executive’s not just in word but deed. The organization’s realized that in the rush to the remote work and cloud infrastructure that security was not a primary business driver, but the very survival of the business. Once the smoke cleared business leaders understood that they had made themselves even more vulnerable because proper security controls were not put in place. Being able to help businesses make risk-based decisions has become more of a focus in 2020. When the business leader’s understood that security is not just a technical problem but a business risk that they own and not the CISO and security team, they became more vested in the security posture of the organization.
One of the biggest impacts for me personally has been missing all of the in-person security conferences I would get to attend yearly. Like many others, I always look forward to connecting with new people and seeing old friends at these events. While many of these events went remote, the video event will never replace real live interactions with your colleagues. I am hopeful to see some of these events return in 2021.
Cybersecurity Maturity Model Certification (CMMC)
One of the big items I have been following this year like many is the rollout of the Cybersecurity Maturity Model Certification (CMMC). This is a program related to ensuring the cybersecurity of the supply chain within the Department of Defense (DOD). The program is gaining speed and the rollout is underway with over 100 initial accessors trained and the assessment guides for level 1 and level 3 have been released. CMMC will help ensure that both prime and subcontractors within the Defense Industrial Base (DIB) have the appropriate security controls and policies in place when handling Controlled Unclassified Information (CUI). Organizations will no longer be able to self-attest to compliance but will be undergoing assessment by CMMC certified assessors. All DOD contracts will have CMMC requirements by 2025, but I suspect it may be sooner based on recent events which I will talk about next.
The world most impactful cyber-espionage event
Last but not least what may go down as the largest cyber-espionage event in history the FireEye/Solarwinds cyberattack. Based on what we know the attackers were able to comprise Solarwinds and insert malicious code into the update software of their Orion software update starting March of 2020. This went unnoticed until December when FireEye observed a compromise within their environment and some of their advanced hacking tools were stolen. As FireEye, Microsoft and the FBI begin investigating this event it was then that the Solarwinds vulnerability was discovered. We know that the Pentagon, Treasury Department, Homeland Security, and the National Nuclear Security Administration are among the federal agencies that were compromised. We also know that Microsoft source code was accessed as well. https://www.reuters.com/article/us-global-cyber-microsoft/solarwinds-hackers-were-able-to-access-microsoft-source-code-microsoft-blog-post-idUSKBN2951M9. The extent of this incident may never be truly known, but I believe this incident has driven cybersecurity to the forefront of government officials and business executives alike.
As we move into 2021, I expect more challenges ahead for us all. The key to overcoming these challenges is to be resilient and approach the new year with a confident and positive mindset. With this in mind, we will be ready to take on anything coming our way in 2021 and beyond.
댓글