SolarWinds hack

SolarWinds hack: CISOs need to revisit cyber resilience?

by | Dec 23, 2020 | IT Security

The SolarWinds hack has highlighted the threats caused by third-party vendors and challenges the cyber resilience position of enterprises.
Share to lead the transformation

What many organizations feared came true! The year 2020 brought another shock to the business community last week with discovering a new cyber-attack, SolarWinds hack’ in the United States. The attack is an opportunity for enterprises and CISOs to reflect on their cyber resilience strategies. (See: Top enterprise cybersecurity trends of 2020)

For the unversed, California-based cybersecurity company FireEye uncovered the SolarWinds hack last week and estimated that the cyberattack campaign might have started as early as Spring 2020 and remained undetected for months.

The cyberattack emerged as one of the largest ever targeted against the U.S. Government and several other global companies, threatening organizations’ cyber resilience levels. To date, dozens of emails from the U.S. Treasury Department have been confirmed as compromised.

The attack was hurled by cybercriminals who hacked the infrastructure of an American I.T. Software company, SolarWinds, and then used illegitimate access to insert malicious code in the software updates that the company sends out to its 30,000 plus clients that also includes several departments of the U.S. Government. SolarWinds stated that the updates issued between March and June 2020 were contaminated.

Several industry onlookers have also slammed SolarWind’s lackluster approach to conquer its shortcomings. For instance, the Chief Information Security Officer’s (CISO) longstanding vacant position from its board and notifications issued to customers around deactivating antivirus tools before installing SolarWinds software.

Far-reaching effects

While the timelines of the SolarWinds hack are still unfolding, the SolarWinds breach is disturbing to the whole of the I.T. industry as it can have a far-reaching effect on many big organizations’ networks, questioning their cyber resilience levels.

The SolarWinds breach reflects that most organizations are appallingly unqualified to detect and prevent such kinds of software supply chain attacks. SolarWinds boast that it has been working with 425 of the U.S. Fortune 500 companies and hundreds of universities and colleges globally. This means that the severity of the attack can be severe in the coming days.

Top tech companies, Intel, Microsoft, Cisco, and NVIDIA, have all confirmed their exposure to the malicious software and undertaking necessary investigations to gauge the impact.

In a column published in the New York Times, Thomas P. Bossert, a former domestic security adviser to President Trump, notes that supply chain attacks of such magnitude require significant resources and sometimes years of execution.

Bossart also opined that a foreign state might have launched SolarWinds hack in a well-orchestrated way. These evaluations, if proved correct, can be more hazardous. For instance, in war-like situations, confidential data of governments can be modified or erased by hackers instantly to cause financial loss or take undue strategic advantage.

Stresses lack of preparation of organizations

As we move into 2021, the Solar Winds hack event has once again reiterated nothing is completely secure in this ever-evolving threat landscape. Indeed, no vendor or solution can fully guarantee to protect the networks of an enterprise. Perfect information security is a myth, but the key is resilience. (See: How COVID-19 has changed cybersecurity focus for 2021)

The last few weeks must have been more strenuous for CIOs and CISOs who would need to spend long-hours evaluating the impact on their networks, systems, and data from the SolarWinds cyber-attack. It’s time for enterprises to seek responses to some of the key questions more vehemently:

  • Do you have a contingency plan to combat accidental breaches and unknown threats?
  • Do you depend upon a single security vendor (say, for VPN, network monitoring, and network slicing) or want to onboard different security vendors to safeguard our networks?
  • Can you change our defense approach to strengthen our cyber resilience levels?
  • Are you regularly testing our multiple endpoints and operating systems and keeping them secure?
  • Have you evaluated the risks of third-party software vendors and analyzed their ability to combat sophisticated threats?
  • Is your service-level-agreement updated?

The SolarWinds hack event could be a catalyst for technology leaders to rethink and analyze all their security solutions and potential gates of network vulnerabilities in the context of modern-day technologies. There might be many undisclosed portions, and more details around the impairment from the breach is likely to continue to come out in the next few weeks.

 

 

 

MORE FROM BETTER WORLD

Tech M to use AI-based upskilling to build a ‘Fit for Future’ workforce

Tech M to use AI-based upskilling to build a ‘Fit for Future’ workforce

Tech Mahindra, a leading provider of digital transformation, consulting, and business re-engineering services and solutions, said it would leverage artificial intelligence (AI)-based learning platform to create a ‘Fit for Future’ workforce. The initiative aims to accelerate new-age skill development for over 60,000 employees globally.

Powered by New Age Delivery (NAD), this upskilling-as-a-service (UaaS) program is aimed at enhancing employee competencies across emerging technologies like 5G, cloud, big data, and robotic process automation. The learning platform leverages AI to provide interactive, on-demand, contextual, and hyper-personalized upskilling to employees in self-service mode to make them fit for future. UaaS enables employees to access world-class content and assessments from across 30+ partners along with cloud-based practice platforms and deployment avenues. The platform empowers employees for seamless transition to digital jobs. The platform is also helping Tech Mahindra tide over the Covid pandemic by facilitating more learning interventions accelerating skill development as per changing business landscape.

Harshvendra Soin, Global Chief People Officer and Head of Marketing, Tech Mahindra, said, “As a global digital transformation leader, we continue to leverage digital technologies to enhance human experiences and talent development to meet changing business and market requirements. Upskilling as a Service platform is empowering our associates to identify and pursue their career aspirations at a speed of their preference, while also giving the tools to work with renewed passion and confidence to create future-ready workforce ‘today’.”

UaaS deploys Skill Knowledge Unit (SKU), a set of related skills cutting across various roles, aimed at providing holistic learning for employees across multiple technical as well as functional (domain), behavioral, and professional skills, thus grooming well-rounded professionals with entrepreneurial and solution-oriented mindset. The platform further recommends relevant career paths and SKUs to the employees based on their current skillset, time to upskill and opportunities available.

Vaishali Phatak, Head – Technical Learning Services & Global Head of Diversity and Inclusion (D&I) said, “UaaS (upskilling as a service) is enabling our employees to continuously upskill and take charge of their growth and relevance to business throughout their journey with Tech Mahindra. The platform is helping us deliver value to our customers by grooming employees in full stack/ end to end professionals for current projects as well as future assignments. We plan to extend the platform to academia, thereby helping college students become future ready by the time they graduate.”

Tech Mahindra developed this upskilling platform in-house to create an ecosystem for higher scale and speed of skill development and fulfil people supply chain needs of the organization amidst dynamic business environment. As part of its TechMNxt charter, Tech Mahindra is betting big on next gen technologies to solve real business problems of the customers by delivering innovative solutions and services. The organization plan to leverage Upskilling as a Service platform along with aggressive industry-academia partnerships, Fit for Future re-skilling and research programs to develop digital capabilities like AI, IoT, AR/VR, and cloud to create workforce of the future.

(To read more industry news, click here.)

Here’s how the new Cyber Security Policy could reshape CISO roles

Here’s how the new Cyber Security Policy could reshape CISO roles

Gone are the days when cyber security was considered a poor cousin of IT. It has gained a strategic national importance today. The fact that India’s Prime Minister Narendra Modi spoke about it in his Independence Day speech is a testimony to that. In his statement, PM Modi said that the country would soon introduce a new Cyber Security Policy.

Indeed, it’s been seven long years when the first Cyber Security policy was brought into effect in 2013. The cyber security and IT security landscapes have phenomenally changed in these past years. In the last few years, India has made rapid strides in the digital technologies, and as such, cyber security has become an essential part of national security.

From a technology perspective, internet of things (IoT) and artificial intelligence (AI) are on the verge of seeing a burst in adoption in the coming years. Once 5G spectrum auctions happen and the services get rolled out, there is bound to be a flooding of IoT and AI applications.

Strategic shift from MeitY to NSC

Notably, National Cyber Security Strategy 2020 was being prepared by a task force set up under the aegis of the National Security Council (NSC) Secretariat. NSC is a high-powered government agency that was first brought into existence during the tenure of late Atal Behari Vajpayee, and has evolved significantly in its role under the leadership of PM Modi. Ajit Doval is currently the National Security Advisor.

On the other hand, the National Cyber Security Policy of 2013 was prepared by the Department of Electronics and Information Technology (DeitY), Ministry of Communication and Information Technology (MeitY).

The shift from MeitY to NSC has clearly been prompted in the wake of a steep rise in state-sponsored cross-border cyber attacks from India’s adversaries. Concerns have been raised regarding the growing potential of attacks on government agencies as well as business establishments. A recent attack on e-mail servers of National Highways Authority of India (NHAI) is a case in point.

National security linkages

With Lt. General Rajesh Pant taking over as the Cyber Security Chief in 2019 from Dr. Gulshan Rai, the role of NSC in steering cybersecurity frameworks became all the more pronounced. While Dr. Rai had transitioned from DeitY, Lt. Col. Pant is a veteran specializing in defense IT and telecom matters.

In future, Better World expects the new Cyber Security Policy to define a framework where enterprise information security goals could have deeper linkages with the overarching theme of national security.

This could drive some fundamental shifts in the enterprise infosec landscape and also require CIOs and CISOs to have some working understanding of cyber laws, which are expected to undergo some modifications to align with the new Cyber Security Policy.

For example, it would be important for CISOs to better comprehend the policy constructs. This way, they could meaningfully provision that information security policies at their respective organizations have well-defined linkages with the broader national security frameworks.

The opportunity for CISOs to broaden their horizons and up the value chain could be around soon. Keep watching!

New Dropbox features could make pro remote workers more sticky

New Dropbox features could make pro remote workers more sticky

Dropbox has launched a host of new features for its premium subscribers, a move aimed at facilitating better real-time collaborative work experience amidst the new work-from-home normal. The cloud storage provider has introduced three new Dropbox features: a password manager, a secure vault, and an automatic storage feature for its Dropbox Professional and Plus users. In June this year, Dropbox had made these features available to beta users.

According to Dropbox, the password manager will help its users save their different credentials in one safe place and autofill them so that users can instantly sign into various websites and apps. The new password manager works on Windows, Mac, iOS, and Android OS.

This service, though not exclusive, will help Dropbox users put strong and unique passwords for different web-apps without any hurdle of remembering them.  There is already a flurry of free password managers such as Lastpass, Myki, KeePass, Dashlane, among others, in the digital marketplace today. Dropbox mentions that the feature will allow users to sync their passwords automatically from the desktop to mobile devices and vice versa.

The new Vault feature provides an extra layer of security for relevant documents to Dropbox users. According to the company, users can store files such as insurance cards, passports, and housing documents in the Vault and provide access to their trusted friends and family members in case of an emergency. Currently, the service is available to Dropbox Plus users only.

The last feature that the company has introduced is the computer backup feature. The feature eliminates the need for manual backup and automatically syncs folders on the PC directly with Dropbox. This service is available to all Dropbox users.

Eying new opportunities

With over 600 million registered users and around 15 million paid customers across 180 countries, Dropbox is undoubtedly one of the most significant players in the cloud storage segment. The San-Francisco headquartered company is competing closely with the likes of Google Drive, Microsoft’s OneDrive for Business, Box, Zoho Docs, ShareFile, and Apple’s iCloud in the market. Besides these, the industry is also witnessing the entry of several newbies who are chipping away the market share.

Dropbox’s new feature announcement is in line with the company’s strategy to increase its user base and become profitable by the end of 2020. During the last couple of years, Dropbox has taken aggressively steps to bolster its proposition in the digital collaboration space. In September last year, the company launched Dropbox Spaces, a machine intelligence-enabled smart feature that lets teams reorganize and bring all their documents together in one place so that multiple users can access everything from one central location. Besides, Spaces also enables Dropbox users to scan and find their records immediately by inserting keywords.

Earlier, Dropbox’s strategic partnership with Zoom Video in 2018 was aimed at helping its users to seamlessly communicate and discuss content in real time.

Dropbox ended the second quarter fiscal 2020 on June 30, with US $1.931 billion in revenue and over 15 million paying users. According to Dropbox, it witnessed a revenue increase of $67.3 million quarter-on-quarter and 17% year-on-year. During the last one year, the company has also been able to increase its average revenue per paying user from $120.48 to $126.88. 

Tough competition ahead

The cloud storage market is gaining enormous traction today. Given the ongoing Covid-19 pandemic, the remote work environment has become a new reality. As such, the traditional way of storing data is becoming obsolete, and cloud storage companies are exploring new opportunities to benefit from the work-from-home trend.

Enterprises and professionals are rapidly moving towards collaborative workspaces and prefer storing data in a way that can be accessed and shared anytime with anywhere digitally. As such, players like Dropbox, who have strong fundamentals, will continue to gain market share. However, even with the growing opportunity, the market is expected to see significant consolidation in future. Tech giants like Microsoft and Google are speedily enhancing their digital portfolios with an eagle’s eye on cross-selling opportunities. As such, industry observers expect the document cloud storage market to consolidate into four to five major players in the next 12 months. It will be exciting to see if players like Dropbox can maintain the momentum with new pathways for growth or decide otherwise.

LinkedIn forgoes SlideShare to focus on more premium services

LinkedIn forgoes SlideShare to focus on more premium services

In a significant development, SlideShare, LinkedIn’s presentation-sharing service platform, has been acquired by Scribd, a digital library giant, for an undisclosed amount. As LinkedIn forgoes SlideShare, it also undoes the acquisition done eight years ago. The deal with Scribd is likely to be completed by September this year.

SlideShare has been part of LinkedIn since May 2012 and has helped LinkedIn users increase knowledge and share best practices in areas such as marketing, sales, and digital transformation, among others.

“On September 24, Scribd will begin operating the SlideShare business, its 100 million users, along with its presentation upload and hosting tools, and tremendous archive of presentations and documents,” said LinkedIn in an official statement.

Launched in October 2006, SlideShare has been considered as the YouTube of slideshows by the tech industry. LinkedIn acquired the SlideShare platform in 2012 for $119 million. At that time, LinkedIn said that the acquisition would enable it to deliver more value to its users who can share their experiences and knowledge in the form of various documents, videos, and presentations. Later, Microsoft acquired LinkedIn in 2016 as part of a wider UC&C strategy.

Through its blog post, LinkedIn has informed that existing SlideShare users can continue to access their account with the current login information. Post transition, Scribd will manage the existing SlideShare accounts as per their terms and conditions.

­­

A good fit in Scribd’s portfolio?

Scribd has been on an expansion spree for the last few years. The company was launched in 2007 with a sole focus on document-sharing service and then added an e-book subscription service in 2013. Over the years, it started sharing almost everything under the skin on its digital platform.

By acquiring SlideShare, Scribd will be able to further diversify its offerings to users. The company currently has over 100 million digital assets, including audiobooks, music, e-magazines, podcasts, and e-books, hosted on its platform. Now, with SlideShare purchase, it will further expand its portfolio in professional content and presentation space as well.

Last year, the company had raised $58 million from growth firm Spectrum Equity for its expansion and growth plans.

“Our acquisition of SlideShare is a major step towards creating the world’s largest digital library,” said Trip Adler, co-founder and CEO of Scribd. He further elucidated that the acquisition will enable Scribd to continue to diversify offering while driving even more readers to the books, audiobooks, magazines, and other professionally published works in its digital library.

LinkedIn does away with a misfit?

As LinkedIn forgoes SlideShare, the move seems to be in line with its future strategy of focusing on its premium services for the next level of growth. For the first few years, the professional networking site wanted to build a repository of contacts senior executives, enabling real-world professional relationships. At that time, it offered almost everything for free without concentrating on revenues. However, with over 700 million registered members in 150 countries, it is now majorly focusing on premium services with a monthly subscription model. Some of the key services it has been offering under its premium plans include In Mails, premium insights, online training, among others.

SlideShare, for all the reasons, has not been aligning well with LinkedIn’s long-term plans. First, it was a free service where everyone could share and distribute professional content, which may or may not have been attributed to genuine authors.

Second, through its verified training courses and downloadable resources, it can strategically focus on building exclusive content repositories for its premium users. In future, virtual platforms will likely become more mainstream mediums to learn, collaborate, and share.

Embee launches VirtuaPlace for SMBs in India

Embee launches VirtuaPlace for SMBs in India

Embee Software Pvt. Ltd. has announced the launch of VirtuaPlace business continuity solution aimed at small and medium businesses (SMBs) in India. The solution is aimed at facilitating SMBs in cloud adoption. VirtuaPlace for SMBs runs on Microsoft Azure and brings together offerings across Azure, Microsoft 365, Octane HRMS, SAP Business One, and Windows Virtual Desktop.

The launch comes amidst a growing assumption that remote work scenario is here to stay even beyond the pandemic situation, and seamless teamwork, collaboration, data security and more at controlled prices is going to be a need for the SMBs.

Embee has been a partner of Microsoft India for more than 30 years and has empowered 2500+ organizations of all sizes with customized digital solutions in the IT services market. It also has one of the largest cloud consumption and adoption of portfolios in India, with more than 2 million entitlements in Microsoft 365 and 70% growth in Microsoft 365 business in FY2019.

Sudhir Kothari

Sudhir Kothari, MD & CEO, Embee

“This COVID-19 adversity can inspire organizations to rethink their digital strategy and adopt the offerings to transform their businesses. VirtuaPlace is designed to empower small-medium businesses and enterprises with business continuity, robust security, and productivity while scaling their operations at reasonable costs. Businesses can choose from a variety of solutions and services, curated to their needs, at an attractive monthly subscription. Embee is eager to be the partner in growth for organizations in the digital age,” Sudhir Kothari, MD & CEO Embee Software Pvt. Ltd, noted.

With VirtuaPlace, Embee is focusing not just on smooth onboarding but also on ensuring customer adoption of the new technologies on a foundation of successful digital transformation. To its credit, Embee has onboarded more than 200 schools to utilize Microsoft Teams as a remote learning tool during the Covid-19 pandemic.

Krishna Sai

Krishna Sai, CTO, Embee

“With the solution, schools have found themselves equipped with a digital platform to ensure continuity in learning. The swift implementation, taking as little as 3-days per school, establishes Embee’s credentials to empower organizations digitally. We are looking to replicate this success with VirtuaPlace across the country,” Krishna Sai, CTO, Embee Software Pvt. Ltd, said.

Venkat Krishnan, Executive Director, Commercial Partners, Microsoft India said, “Small and medium businesses form the economic backbone of our country. Bringing together the power of the Microsoft cloud and other offerings in a secure and scalable environment, VirtuaPlace by Embee can helps SMBs transform digitally and be future-ready in a world of remote everything.”

Apart from creating a virtual place for business to overcome remote working challenges, Embee offers a secure environment and advanced threat protection to its partners so that they can adapt to remote work environments, more smoothly.

Combating cyber threats in the new normal

Combating cyber threats in the new normal

The Covid-19 pandemic has impacted the information security priorities of enterprises drastically. With remote working becomes a new normal, IT and cybersecurity risks have grown manifold. The go-to-market needs of users have also transformed, and meeting client expectations in real time have become a challenge in the new environment. Combating cyber threats now needs a multi-pronged approach.

Despite stressed technology budgets, there has been a massive surge of optimism in the cloud and managed services solutions market due to organizations’ innate need to drive agility and scale. Businesses are continually looking at new-age solutions that could help their workforce deliver exceptional results even in the work-from-home environment.

Since millions of people are working remotely, there has been a deluge of new cyber and IT security threats that organizations are witnessing. According to a recent cyber threat report by SonicWall, a leading cyber security player, ransomware continues to be the most concerning threat to corporations and the preferred tool for cybercriminals, increasing a staggering 20% (121.4 million) globally in the first half of 2020. Moreover, 7% of phishing attacks capitalized on Covid-19 pandemic while there was 50% rise of IoT malware attacks. The report said it analyzed threat intelligence data gathered from 1.1 million sensors in over 215 countries and territories.

According to the Covid-19 Threats Report by McAfee Labs, the first quarter of 2020 saw significant increases in several threat categories. During this time, cybercriminals seem to have exploited the vulnerabilities caused by the pandemic and tried to make a substantial impact on the networks. The report states that the new mobile malware increased by 71%, primarily due to trozons, and total mobile malware grew by about 12% over the previous four quarters. Interestingly, new IoT malware saw a 50% increase.

This emerging threat landscape has compelled organizations to aggressively focus on disruptive technologies and solutions that could enable them to innovate confidently and provide consistent value to their clients without breaching trust.

Let’s look at how organizations can enhance their security architectures during these unprecedented times and reduce IT security risks.

Focus on threat lifecycle management

A continuous focus on the entire threat lifecycle management (TLM) provides much-needed assurance for tackling any unforeseen scenarios. Organizations need to evaluate the information assets that they need to protect continually, and then take advanced measures for detecting and mitigating cyber threats.

The depth and quality of threat intelligence softwares can help enterprises achieve the much-needed IT security resilency, even for employees who are on their home networks. Some of the major companies that are providing robust threat intelligence management solutions in the market are: IBM, Dell, Trend Micro, Symantec, Check Point, F-Secure, McAfee, and Juniper.

Upgraded tools and methodologies

As cloud deployments become more and more intricate, organizations should ensure to assimilate multiple ways of inventory classification and include them in overall asset management strategy. In the multi-cloud environment where organizations want the best of public and on-premise worlds, the list of cloud applications can change very quickly. Hence, enterprises should have the necessary tools and methodologies to know:

  • List of cloud inventory on their network
  • Why they exist
  • Are they still important?

Incident response automation

By employing security automation in cloud environments, organizations can control the damage at the right time. Automated incident response tools enhance the detection capabilities of vulnerabilities and threats. It accelerates the response time in the event of a security alarm and free up the time of security teams to focus on high-impact alerts. Some of the leading players in this segment are: FireEye, IBM, AT&T, Symantec, Verizon, and DXC Technology.

Browser isolation technology

Enterprises have been using sandboxing, a software management technique to isolate various enterprise applications from critical resources, as part of their efforts to strengthen security against new-age threats. However, in the current environment, information security practitioners consider web browsers as a chief target for cyber attacks and recommend to implement isolation technologies to physically isolate an employee’s web browser and related activities from the local machine and the network.

This model enables enterprises to track and identify the routine infiltration points on their networks and take remedial measures immediately.  Major vendors operating in this segment include Symantec, Cyberinc, and Web Gap.

There are also other tools available through which organizations can quickly isolate affected systems and analyze the breach methodology to prevent such instances in future.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *