Skip to main content

Intelligence assured

Subscribe to future blog posts featured in our newsletter

Read more about how we handle personal data

Advenica

The world is changing. Established truths just a few years ago are no longer relevant. The means to carry out cyber attacks that used to be reserved for a few, or were mere academic ideas, are accessible to more and less competent attackers. At the same time political development has dramatically increased exposure. An increasing number of businesses therefore need the kind of effective protection previously only used by defense forces and intelligence agencies. Threats that recently were unlikely are likely now.

Vulnerabilities in standard products

Fact: vulnerabilities are implanted in standard products. These vulnerabilities can be exploited for criminal and military purposes. Statistics on detected malicious code show they currently exceed 700 million versions (https://www.av-test.org/en/statistics/malware/#tab-6913-1). Beyond the statistics, unexplored threats are just waiting to be used.

Taking this into account, continuing the prevailing patch and update strategy will not lead to any improvement as it is unlikely that all holes can be patched this way. By definition, only detected holes can be patched – undetected ones remain as latent threats regardless how rigid the patch and update strategy.

radar

Logical or physical separation?

By utilising logical separation with for instance VLAN, and otherwise sharing hardware for storage, networking and firewalls, logical separation is achieved. This is positive – but can lead to a false sense of security.

Systems solely based on this kind of logical separation pose a high risk. Just one small mistake, intentional or accidental, in one of the components gives the attacker the go ahead to create havoc inside the system. In a world where vulnerabilities are actively implanted in many systems, this design philosophy offers too large a risk.

A major difference between logical and physical separation is that the latter also provides protection against undetected vulnerabilities. And in an environment where undetected threats are highly likely, it is necessary to use physical separation as part of the protection.

Combining logical and physical separation

By subdividing systems into zones, VLAN can be used in the zones and physical separation can be used at zone borders. This way, the attacker has to break through zone border protection – instead of simply entering the back door. Furthermore, risks are significantly reduced when zone border protection is based on white listing information – i.e. import and export of data is controlled and without packaging (= without transport protocols).

Security is always a balance between function and safety. It is easy to build safe systems without function – and vice versa. The real art is creating systems that deliver both.

Advenica

Advenica’s CTO Jonas Dellenvall and CEO Einar Lindquist talk about what’s happening in cybersecurity in 2018.

What are the biggest cybersecurity challenges in 2018?

Jonas Dellenvall: Basically, the work is the same as it has always been. You need to work systematically based on your assets, threats and risks. What has changed is that the attacker's motivation and capacities have increased, while the value of assets has increased. Today's work is more crucial than ever before.

Einar Lindquist: It’s still about insight and understanding from decision makers, board members and owners who need to understand that the threats are greater and more prevalent than we realise. And that the known threats are mild compared to the threats and attacks that come from well-organised and well-funded organisations as well as state powers. It is much easier to manipulate, destroy and acquire sensitive information via the Internet and at a distance than having someone work on the inside.

challenges

What will be crucial for improving cybersecurity in 2018?

Jonas Dellenvall: The increased ability of attackers means you need to be stricter in segmentation. Combine logical separation (e.g. VLAN), with physical separation (Cross Domain Solutions). Otherwise there is a risk that you build protection that does not help. There are three new laws you need to address and plan for during 2018,: GDPR, NIS, in May 2018 and the new Security Protection Act, which will come into force on 1 January 2019.

Einar Lindquist: Take it seriously. All companies have been, will be, or are under attack.

What’s your best tip for a first step for companies who feel information security is overwhelming?

Jonas Dellenvall: Take stock of and understand your information assets. What are the consequences if the respective asset is destroyed, corrupted or becomes common knowledge? If you start there you can decide how to proceed. There is of course help from authorities and suppliers. But you have to start by understanding the value of your own assets. Without that knowledge you can’t understand why or how to protect yourself.

Einar Lindquist: Turn to experts, not to your existing vendor of systems, firewalls and antiviruses. Anyone who wants to do you damage knows everything about the hardware and software you have installed, as it is known and already open. So my advice is: Do not go to a general practitioner, turn to a specialist.

What’s the business benefit for an organisation to put cybersecurity/information security high on the agenda?

Jonas Dellenvall: Today information is often the most valuable asset of any business. Either because the information as such is worth so much, or because a business would simply stop working without it. The people who are best at processing and managing information create the most business value. Previously, information was often handled as an IT issue. That’s no longer the case. Today , the issue has moved into management and board level. That change has taken place for a good reason.

Einar Lindquist: You reach customers and markets in a safe and controlled way if you get help segmenting and classifying your access points. That means you get a competitive advantage.