Why Expanding Threat Surfaces Need Holistic Security

Since the onset of the pandemic organizations have been accelerating their digital transformations, moving quickly to the cloud, artificial intelligence (AI), IoT and other areas that offer the promise of greater efficiencies and innovation. In fact, according to new research from IDC, investment in digital transformation technologies is expected to remain aggressive through 2022.

However, as digital transformations expand, so too, are the threat surfaces for cyberattacks, like ransomware. In other words, the same digital technologies that enable efficiency and innovation can also lead to new vulnerabilities if not considered as part of the transformation.

While standard security tools for things like Identity Access Management (IAM), Perimeter Access Management (PAM), Security Event and Incident Management, backup and immutability tools, exist today and go a long way toward protecting data and thwarting intruders, more vigilance is needed.

The development of digital supply chains, for example, can introduce malware buried deep in third-party code like Log4J. And IoT can introduce operational technology (OT) devices to networks which may have no experience with the type of security that the OT devices require. And when it comes to AI and machine learning (ML), which can greatly enhance business processes, the accuracy of the results and outcomes of each depend greatly on the data that is used to train the models, demanding that greater care is taken in the selection, conditioning and parsing of the data.

These nuances can add up quickly, but especially during a massive digital transformation. It’s the reason that experienced services are needed at the ground level to design and audit the implementation and management of cybersecurity within the transformation projects. This work includes providing the ability to facilitate and automate quick and safe recovery in the event a transformation project becomes compromised.

But Where to Begin?

One of the first services to consider is a Compromise Assessment, which explores an enterprise’s systems in search of clues to breaches and anomalous behavior and activity. The goal is to officially determine if any compromise, via malware or some other form of attack, has occurred, for which they are not aware. This type of assessment can identify things like malignant/dormant payloads, activity that would not be detected via traditional means such as antivirus software programs.

This is a facet of cybersecurity that’s near to our work at Hitachi Vantara, and across the Hitachi family. In fact, we routinely partner and collaborate on solutions with Hitachi ID and Hitachi Systems Security to attack problems with a technology-agnostic approach to help organizations prepare, harden and, if needed, remedy their landscapes quickly and effectively.  

Not long ago one of our customers was notified by a federal agency of a potential internal bad actor. Our Hitachi Vantara specialists, who had been working with the company on backup and ransomware protection, were asked to conduct an audit for the organization.

The specialist brought in Hitachi System Security, which ran a two-week Compromise Assessment – one week spent on-site, and one week virtual. Although the audit found no compromises, it did provide several key recommendations for better physical security, including optimal camera placements, locks on racks, posting notices, and more. Interestingly and seemingly out-of-scope, the audit also noted that the customer’s data center was located in a flood zone, which was something the organization had not considered.

It's a simple reality to an increasingly complex situation: as digital transformations continue to flourish, so too will the risk of new vulnerabilities. But the consideration of holistic security plans that leverage the necessary expertise to support all facets can help secure the enterprise for the long haul.