Every CISO has his/her own list of what’s shaking up the Cybersecurity space. Farooq Naiyer is the CISO at ORION. More accurately, he is the shared resource across the 5 universities and 3 colleges that make up ORION. The Ontario Research and Innovation Optical Network, simply known as ORION, is a high-speed optical research and education network in Ontario, Canada. It connects virtually all of Ontario’s research and education institutions including every university, most colleges, several teaching hospitals, public research facilities and several school boards to each other. It connects this network to the global grid of R&E networks using optical fibre. For those familiar with PERN in Pakistan, ORION has been many years in the making and like most networks, is a constant work in progress.
Farooq, who has experience in banking and finance, hopped through a few jobs before finding himself in his present position. Never having formally worked in education, it didn’t take long for him to find his footing. It’s ensuring that the network and everything surrounding it is aligned with IS best practices – something that is more common sense and sector-agnostic. “The thing I really found different in this ecosystem was how open everything was. Information sharing was so real here. And when you’re dealing with so many different sub-systems, sharing information is so critical.”
Farooq was recently visiting Pakistan and stopped by the TNS studio to talk a bit about some top trends in cybersecurity today, and also about how the field of IS has changed in Pakistan over the years. There is absolutely no doubt that technology influences our lives so immensely at every level and ensuring an organization’s readiness is the key to its survival.
Cloud Computing and Cloud Security
The digital world is fast embracing the technology of shared resources which are mostly cloud-based. The biggest catch with cloud-based resources is that they are cost-effective and can be easily optimized. But as the world is swiftly shifting towards cloud-based technology, it is opening up for greater security risks than ever. While opting for cloud technology there remains a concern about confidentiality and protection of data which needs to be addressed or taken into consideration.
Blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions, but virtually everything of value. Blockchain technology is reshaping the internet by allowing digital information to be distributed but not copied. It gives internet users the ability to create value and authenticates digital information. Originally devised for the digital currency, Bitcoin, the businesses are now finding other potential uses for the technology.
Ransomware is a type of malware that essentially takes over a computer and prevents users from accessing data on the computer. These cyber-extortionists infect computers and then demand money in return for the data they have held ‘hostage’. Experts believe that Ransomware attacks will only increase in the future and more organizations will continue to be targeted. The ransomware encrypts data on the computer using an encryption key that only the attacker knows. If the ransom isn’t paid, the data is often lost forever.
Cyber Threat Hunting
Cyber threat hunting is the next generation of cyber security which is being more proactive in identifying vulnerabilities than are the traditional security solutions. The solution iteratively searches through data to detect cyber threats in advance, based on historical data. It enables organizations to do reconnaissance, research the dark web and get advance intelligence about any upcoming threat. The focus with this trend is more towards prevention than protection.
It’s important to realize that cyber attackers are now targeting humans instead of machines. They focus on people, study their habits and preferences, and then dope them into clicking a link or opening a file which leads to infection. This increases the need for a more careful approach coupled with latest cyber security solutions. Your information on social media platforms make it possible for critical information about you to be readily available to such threats.
Shared Critical Resources
Sure, everyone wants their own dedicated resource, but sometimes the shared resource structure just works. Especially when there are companies with similar ecosystems, needs and challenges. According to Farooq, the concept of the shared CISO surprises people, but when explained, just makes more sense for everyone involved. An increasing number of companies that require the expertise and support of skilled personnel who are just not easily available, shared resources makes more technology, business and overall practical sense. “This is definitely a trend you will see more of, especially in the developed economies.”
What’s on your list of Cybersecurity trends you are following? Write to us and let us know!