With an increasing number of enterprises, corporations, and small businesses getting their businesses, including a majority of their operations such as sales, marketing, and delivery online, the dependency on IT is higher than ever before. Critical data is stored on remote servers and this coupled with the concept of work from home, popularized by Covid, further increases the risk of cyber-security. Home offices are vulnerable in terms of firewalls, routers, and secure devices compared with enterprise IT infrastructure which is protected by professional security experts. This places a huge emphasis on cyber-security which has to identify and mitigate new security vulnerabilities, improve systems and implement security controls to ensure safety and security of the IT ecosystem. Here are the emerging areas of focus when it comes to cyber-security.
The Internet of Things (IoT) - IoT creates several opportunities for cyber criminals. IoT helps connect devices other than computers, phones and servers, things such as audio systems, microwaves, OTGs, refrigerators, smart watches etc. this amplifies the potential possibilities for cyber-attacks. And this needs a new look at security, besides the existing firewalls, antivirus and other security applications.
Ransomware - There are several high profile cases involving ransomware and extortion involving criminals that steal a corporation’s data and encrypt it so it cannot be accessed. Victims are then blackmailed for a ransom. This threat is significant considering critical data is at stake and there are huge cost and reputation implications for the victim.
Cloud security threats - Extensive adoption of remote working has increased the demand for cloud-based services and infrastructure, and vulnerability to the cloud environment is one of the biggest cyber security threats - an industry trending issue. While cloud services offer a range of benefits, they are a key target for attackers. Care has to be taken with proper security settings and sufficient IT expertise to handle the demands of cloud computing.
Social engineering attacks - Attacks like phishing are threats that are increasingly widespread due to a growing remote workforce. Individuals connected to their employer’s networks from home are targeted since they are vulnerable. There has also been an increasing number of whaling attacks and SMS phishing called ‘smishing’, gaining prominence due to the growing usage of messaging apps such as WhatsApp, Skype and WeChat. Also growing is voice phishing, ‘vishing’ where hackers posing as customer service representatives trick customers into providing them with valuable information.
Data privacy as a discipline - Among the important trends is the aspect of data privacy as a discipline in itself. High profile cyber-attacks have resulted in the exposure of millions of personally identifiable information records (PII). Organisations are now having a bigger emphasis on data privacy with access control, encryption and multi-factor authentication.
Artificial Intelligence (AI) – With the volume of cyber security threats growing in volume, organisations are turning to AI to strengthen their security infrastructure while also achieving cost savings. AI can contribute towards building automated security systems, NLP, face detection and automatic threat detection. AI also makes the analyzing of massive quantities of data possible, at a faster pace. Of course, criminals are also leveraging AI to automate their attacks!
Mobile cyber-security – With remote working, there is a visible growth in mobile usage. It is common for workers to use tablets and phones on public Wi-Fi networks and remote collaboration tools which result in threats in terms of mobile usage. The recent announcement of 5G also creates security vulnerabilities which need to be patched as and when identified.
Mobile cyber-security also broadly covers back-end/cloud security, network security and the connected objects (Internet of Things), such as wearables. Security specialists are bringing together mobile software security solutions with traditional hardware-based security solutions to protect sensitive data.
Dayananda Sagar University (DSU) offers a B.Tech program in Computer science & Engineering with specialisation in cyber-security, designed to address the industry’s increasing need for skilled security professionals in data security and network/ cloud security spaces. The program covers fundamental subjects in computer science and subjects specific to cyber-security, equipping students with the knowledge and skills required to detect, analyse and respond to attacks, and develop security policies standards. The four-year undergraduate curriculum covers subjects in cyber security, cryptography, network security, secure programming and ethical hacking. Successful individuals can pursue lucrative careers as cyber-security experts in various industries.
Copyright © 2023 DSU. All Rights Reserved