This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
2016 was a challenging year for organisations particularly as cyber adversaries achieved high-profile success, mainly with ransomware. Organisations in Asia-Pacific are no exception. The year also taught a valuable lesson that no industry vertical is safe; if there is a hole in your security, a determined adversary will find it.
2017 should be an opportunity for organisations to instigate a regular program of security risk assessments to stay ahead in cybersecurity. New technologies and ever-increasing levels of connectivity are transforming businesses and unlocking business development opportunities across the region.
Being aware of security concerns doesn't mean avoiding new technology altogether. It's about being sensible and trying to stay ahead of cybercriminals by understanding current and potential threats and what can be done to mitigate the risk.
What are my predictions for Asia-Pacific in 2017?
1) Industrial control systems may turn against you
Industrial control systems (ICS) are an integral part of any business, especially in Asia-Pacific. These include building management systems, heating ventilation and air conditioning (HVAC), and security doors, just to name a few.
Most businesses outsource their building management requirements so they don't necessarily know whether the third-party provider has adequate security in place. It's not impossible for a malicious actor to execute an attack that could cause significant damage.
For example, an attacker could turn the heating up in a company's server room or data centre to 50°C and then disable all the building access points so no one can get in to physically remove hardware to a safer location. The hardware would eventually overheat, causing significant disruption to a business, its customers and its partners.
What you need to consider:
- When you think about it, nearly all businesses could be at risk of an attack like this. Business leaders have to consider security beyond the basic steps of protection. Organisations need to gain an overarching view of their potential weak spots through third parties as well as their own network. Additionally, they need to put a plan in place that would help counter any potential attacks.
- Have you checked what non-IT equipment your business depends on and what security they have enabled? Are they connected to the internet, managed by a third party?
- When outsourcing to a third party, what level of security assurance do they have in place? Are they able to provide information to you on how they secure themselves and, ultimately, how they secure and manage your network and systems?
2) The Internet of Things (IoT) devices will be a target for cybercrime