Collaboration Is Key to Combatting Cybercrime
Contributed Commentary by Matthew Grulke
April 9, 2021 | The global pandemic ushered in a new world of work, and the wakeup call regarding how challenging this new world was going to be different for each of us. For one chief information security officer (CISO), the realization came during the first of what has become an interminable series of video calls. It happened when the Amazon Alexa virtual assistant belonging to one of the meeting’s participants was inadvertently triggered by something said in the meeting.
Suddenly, it was evident: having everyone working at home was going to be a new adventure.
Labs and Hospitals at Risk
Cybersecurity challenges have only escalated during the COVID-19 crisis, particularly in the fields of science and healthcare. The past year has seen a dramatic increase in the number of breaches and ransomware attacks for the enterprise networks of labs and healthcare facilities. Some attacks have been aimed at gathering personal data; others have sought payment in return for freeing data held for ransom.
The spike in cyberattacks can be partially attributed to the circumstances surrounding the crisis. Attackers—whether they be state actors, criminals, or predatory activists with ideological agendas—recognized that a crisis equals opportunity. When lives are on the line, a clinic or hospital has no time to seek help to counteract a ransomware attack; they are forced to quickly pay up and get back to work.
The pandemic also brought a massive increase in remote computing. Virtually overnight, most organizations had no choice but to send employees home to work, creating an exponential increase of what CISOs like to call the attack surface. Suddenly, everyone not deemed essential was working remotely, with no time to implement virtual private networks or train people to avoid bad behaviors like loading non-business apps on laptops. Network edge points were at risk like never before.
As the pandemic raged, a pair of cybersecurity incidents grabbed headlines.
In December 2020, FireEye, a renowned cybersecurity vendor, was hit by hackers, who stole proprietary software the company uses to test its customers’ defenses. Then, in early March, US government investigators learned that at least 30,000 Microsoft Exchange servers had been breached using a chain of vulnerabilities.
These high-profile intrusions illuminate two truisms in cybersecurity: No organization—not even a successful data security company like FireEye—is immune; and no one can afford to be less than vigilant.
Effective cybersecurity is never a “set it and forget it” process. Veteran CISOs believe the most sophisticated cybersecurity best practice has a shelf life of about five years. By that time, hackers have built new tools and found new ways to exploit enterprise networks. If an enterprise, or their software vendors, are not running faster than the bad guys they will lose the cybersecurity race every time.
Collaboration a Possible Cure
One of the most important trends in the battle against attackers is the move toward information sharing between organizations and their software vendors.
From the early years of cybersecurity, control was typically maintained by the central organization. When that company was looking to add software to its network, security parameters were included in the request for proposal that was circulated to qualified potential vendors. Recently, though, CISOs have realized an important element of effective data security is to work with software vendors to ensure the proper tools and protocols are in place when implementation begins, and stay in place as long as the software is being used. Increasingly, they are looking for vendors who not only take cybersecurity seriously but who also walk their talk by adopting a culture of cybersecurity throughout their enterprise.
When considering a vendor, there are a few critical things to look for:
Partners who embrace Security By Design: Effective security begins at the code level, and those suppliers who really get it are using tools like SonarQube to ensure vulnerabilities are detected before they get into your network.
Partners who test: Developers are well-versed in testing code for processing flaws, but the software vendors who take cybersecurity seriously are now also employing their own IT personnel and/or outside suppliers to come at their products with everything they have got. Penetration testing and employing “white hat” hackers are vital approaches to ensuring solutions will not break under real assaults.
Partners who live cybersecurity: A vendor’s commitment to safety should not only apply to what they sell; if they do not embrace best practices within their own ranks, how can you fully trust them to deliver a breach-resistant addition to your technology stack?
Being secure in the Digital Age requires commitment and continual vigilance. Bad actors continue to look for new methods to breach networks, but, like all thieves, they look for the easy targets. Hardening your defenses and working with vendors who take cybersecurity as seriously as you do will help ensure you do not become a target.
Matt Grulke, Vice President, Research & Development, oversees R&D at LabVantage Solutions, a provider of integrated, web-based lab informatics solutions including laboratory information management systems, electronic lab notebook, lab execution system, scientific data management system, and advanced analytics. Reach him at mgrulke@labvantage.com to discuss cybersecurity.