Get the insights and action you need to improve your security postureRead more
Although innovation is by no means a new concept, over time it’s evolved to include more than just product and service innovation. It’s become a new way of thinking, working, and living, and a valuable means to accelerate an organisation’s digital transformation journey, ensuring they remain competitive in their marketplace.
Today, the ever-evolving threat landscape, and increasing compliance requirements and security risks are driving greater levels of cybersecurity innovation. More businesses are seeking to implement emerging solutions to bolster their cyber-resilience.
To illustrate this point, let’s create an analogy between an organisation’s technology environment and the automotive industry. Car manufacturers know that robust safety features are a major influencing factor when you’re purchasing a new vehicle. For this reason, they invest significantly in the latest innovative safety features. However, the risk factors associated with driving a car remain the same. Doing business on the Internet inherently involves risks, in the same way that driving cars on public roads does.
I believe that legacy methods and tools are still relatively effective at providing a solid foundation to help organisations mitigate the challenge of cybersecurity. Most attacks can be prevented with basic security controls. But tactics change, and malicious actors are constantly developing new attack methods.
Business leaders should ensure that their basic controls remain effective, but also embrace innovative solutions if they provide a good fit and deliver true business value. In addition, they should keep improving security capabilities for the following reasons:
It’s also important to remember that legacy methods and tools are only effective if they’re properly deployed and operated. Challenges associated with deployment and operation are escalating due to the increased complexity and size of organisations’ IT environments, as well as the shortage of skilled security experts. For these reasons, I believe that innovations in automated security operations will become ever-more critical.
Ongoing digital transformation and advances in the Internet of Things technologies, blockchain, and cloud – which extend a business’ traditional security perimeters – are only increasing the pressure on, and the complexity facing, IT security teams.
In addition, according to Dimension Data’s Executive Guide to the NTT Security 2019 Global Threat Intelligence Report, new compliance regulations, and an increase in illicit coin mining, web-based attacks, and credential theft, have also emerged as new challenges to organisations over the last year, and will likely continue into 2019.
As attackers continue to expand and refine their tools and capabilities, NTT Security continues to hone the existing and emerging cybersecurity technologies that underpin our security services, and develop groundbreaking new cybersecurity innovations.
Dimension Data and NTT Security, along with our extended NTT affiliates, are seeking to push the boundaries of cybersecurity innovation. As a tier 1 backbone Internet carrier, we’re in a unique position to drive the development of these innovations, as we have the access required to analyse much of the traffic that flows across the Internet.
Let’s take a closer look at three of our most promising innovations and how they’re helping our clients to identify and mitigate threats more quickly, and make doing business across the Internet safer for everyone:
NTT Security is leading the way in botnet detection by analysing our own substantial Internet backbone traffic and drawing on the power of machine learning. Our botnet monitoring capabilities can detect command-and-control (C&C)1 servers weeks before commercial vendors locate them. This enables us to identify attacks on clients’ Internet-connected devices in real time and help affected organisations react more quickly, minimising any disruption to their businesses. These C&C servers are subsequently added to NTT Security’s ‘blacklist’, where the threats are analysed in further detail.
We’re also currently working on botmaster detection, which will ultimately provide us with the ability to ‘take down’ botnets. This will go a long way to giving organisations an additional layer of Internet security. We’ll be applying this innovation to bolster the existing threat intelligence capabilities we offer our clients, including threat intelligence services based on botnet analysis.
Our recently developed Cyber Threat Sensor provides location-agnostic, holistic, software-defined threat detection. Using software-defined networking (SDN) and container technologies, our Cyber Threat Sensor enables clients to orchestrate security features and define and enforce network policies across globally distributed edges in a flexible, timely, consistent, and centralised manner.
While our current application of this innovation allows us to deliver a more streamlined Managed Security Service to our clients and make updates using containerised ‘all-in-one’ solutions, there are some exciting additional future use cases for the Cyber Threat Sensor. These include zero-touch deployment of security services to clients and/or to cloud environments, through integration with SDN technologies.
San-Shi enables the calculation and analysis of data, such as statistics, from multiple sources without the disclosure of any confidential information, through the use of end-to-end encryption technologies. It allows you to obtain, for example, the average blood pressure readings of patients from a number of different hospitals in a country or region, without any personal details pertaining to the patient being decrypted or revealed. San-Shi is currently the world’s fastest confidential computing technology available and it’s also natively compliant with strict compliance regulations.
While this innovation is currently being used to securely analyse vast amounts of clinical data for medical research, we see the potential for it to be applied in a range of other areas, for example, privacy-protected analysis of consumer marketing data.
Security is inherently an interdisciplinary practice, as it’s a common concern across all sectors . However, collaboration and the sharing of deep domain expertise in vertical industries is a fundamental requirement, if we want to accelerate our innovation efforts. For instance, expertise in industrial control systems is needed for operation technology security. In terms of research, security professionals need to unite and co-innovate with experts in other areas such as hardware device manufacturing, software engineering, mathematics, and human-centred design.
Security providers also need to co-innovate with their clients to help them solve real-world business challenges by leveraging intellectual property that can be re-used and, if necessary, customised in line with the organisation’s specific requirements.
Keeping an eye on and investing in cybersecurity innovations will ensure that you remain agile and that your business is geared to adapt to the ever-evolving threat landscape. But organisations who do so need to adapt and change their mindset. Security must be embedded into the business’ strategy upfront, not as an afterthought. I also recommend that business leaders establish DevSecOps processes that are focused on continuous improvement, and consider a ‘zero-trust’ security architecture on cloud-native environments, as their future reference architecture.1Command and Control (C&C) are communications channels used by bots in a botnet to receive instructions.