With hybrid work firmly in place for most organizations in Asia Pacific, the dynamic and ever-evolving cyber-threat landscape poses some critical challenges.
Corporate infrastructure, workflows and processes are evolving as organizations in the region accelerate their adaptation to a hybrid workforce and a hybrid IT environment.
Inevitably, new threats and risks evolve to exploit this accelerated transformation. So how should we secure the future of our hybrid workplace and infrastructure to keep business running?
CybersecAsia taps into some insights from Kumar Mitra, Director and Regional General Manager, Central Asia Pacific, Infrastructure Solutions Group, Lenovo.
How is the cyber-threat landscape evolving, and what are some major threats and risks organizations should expect in the next half of 2022?
Kumar Mitra (KM): The cyber-threat landscape is dynamic and ever-changing. The Asia Pacific region experienced a staggering 168% increase in cyberattacks between May 2020 and May 2021. The dramatic rise and increased sophistication in cyberattacks can be attributed to the accelerated shift to remote working, which prompted companies to adopt a host of new technologies to address their evolving business needs.
As organizations progress in their digital transformation journeys in 2022, they must implement innovative measures to protect themselves from evolving cyber threats, essentially:
The evolution of malware and ransomware attacks
Ransomware remains one of the most common types of cyberattacks, with attackers using more complex extortion tactics such as exfiltrating data to weaponize it. The fact that 75% of organizations in Asia Pacific and Japan (APJ) suffered ransomware attacks makes it one of the single biggest causes of downtime. Even commonly used attack vectors like VPNs, spear-phishing emails, and exposed RDP ports will remain in play, but more importantly the cloud will pose a threat as more companies migrate their data. Specifically, cloud and data center workloads will be the main playground for ransomware actors due to an increased attack surface from vulnerable remote working environments.
Third-party exposure & supply chain
As organizations improve IT environment security, malicious attackers have turned to target trusted third-party vendors and vulnerable supply chain links. Business leaders like myself are working with multiple vendors for a variety of services, and cybercriminals see this as an opportunity to target organizations’ network links to partners to achieve maximum disruption.
Cybercriminals are more adept than ever and can easily bypass security systems by hacking into less-protected networks belonging to third parties with privileged access to the hacker’s primary target. As such, cybersecurity specialists must constantly evolve their security strategies.
Are APAC organizations well-prepared to deal with today’s evolving threats?
KM: According to Sophos’ ‘The State of Ransomware 2021 Report’, Asia Pacific faces a higher cybercrime risk than EMEA (Europe, Middle East, and Africa) and the Americas. Specifically, APAC reported the highest number of organizations attacked weekly at 1,338 cases. Despite more companies improving their cybersecurity hygiene, cyberattacks in the region continue to grow exponentially due to growing connectivity and the accelerating digital transformation goals.
According to EY’s Global Information Security Survey in 2021, 73% of respondents saw an increase in the number of disruptive attacks, with 47% of respondents not confident that their organization’s budget is inadequate to manage emerging cybersecurity challenges. While security has considerably become a top-of-mind concern for IT decision makers, a lack of resource planning could pose a threat to business operations.
One way to ensure that an organization is well-prepared is to implement a Zero Trust approach. Zero Trust allows for a variety of ways of working, such as securely collaborating with partners and customers in shared offices and hubs, and ensures organizations are resilient to any form of cyberattack, even from within.
As IT infrastructure grows more complex with hybrid and multi-cloud, what are the key challenges in integrating, securing, and future-proofing infrastructure?
KM: As companies migrate to the cloud to modernize their legacy infrastructures, they face a slew of security and integration challenges that can potentially affect performance and cost savings. One of the key challenges ITDMs face in integrating and future-proofing infrastructure is accidental data loss. In hybrid cloud environments where data travels between different cloud environments, the attack surface becomes more expansive with organizations wanting to build and deploy products at a faster rate. Migrating to the cloud can result in misconfigurations and the accidental exposure of customer data and mission-critical assets.
Therefore, companies must identify solutions to provide agile protection for the full hybrid and multi-cloud infrastructure to protect the applications from these vulnerabilities.
What can a zero-trust framework do for hybrid cloud security?
KM: Cloud offers businesses the flexibility and agility for faster product development which simultaneously increases management complexity for network and security teams, putting critical data at risk. The situation worsens when the tools used by security teams to protect their on-premises data centers are not designed or scalable to extend to cloud environments. As a result, an organization’s implementation of a comprehensive and adaptable methodology becomes imperative.
Effective in keeping cyberattacks at bay, Zero Trust architecture helps organizations ensure their employees can access and retrieve resources in a secure manner. Zero Trust secures an organization by eliminating implicit trust and continuously validating every stage of digital interaction. It can be used to address the inadequacies of traditional perimeter security methods and is intended to secure modern cloud environments. Fundamentally, it recommends secure authentication everywhere, from multi-factor authentication to persistent endpoint management, enhancing overall infrastructure security by providing better visibility and control in cloud-based environments to improve threat detection and mitigation.
Overall, zero-trust provides businesses the best defense against cybercrime and a sustainable security foundation for hybrid work. Zero-trust security frameworks have been designed to accommodate cloud resources, which have evolved to be more user-friendly than their legacy counterparts. I believe it is a framework that businesses should adopt in order to safeguard themselves in the new Smart Normal.
How is Lenovo ISG helping organizations reimagine their zero-trust approach?
KM: Adopting a zero-trust security approach is a process that should be viewed as a journey rather than a destination. When it comes to transitioning to a zero-trust approach, legacy infrastructure often poses the biggest obstacle for companies. A common yet misguided course of action taken by most businesses is to overhaul their security infrastructure completely. Instead, companies should concentrate on achieving granular goals one at a time, such as enabling multi-factor authentication, remote access control, or even disabling file shares.
Edge servers offer essential cybersecurity capabilities, including key-encrypted storage and physical security features, such as a locking bezel, as well as intrusion and tamper-detection mechanisms.
Considering this, late last year, we introduced the new ThinkEdge SE450 Server, which helps secure edge computing by providing cybersecurity capabilities – including ThinkShield lifecycle security and key-encrypted storage and data confidentiality capabilities and adherence to regulatory, privacy and security requirements like GDPR, HIPAA and financial services by processing at the edge and not the cloud.
Rooted in our principle of “Trust Nothing. Verify Everything”, our teams developed customized IT infrastructure solutions for businesses set with a complete series of easy-to-use solutions and services to help companies build their zero-trust environment. This includes our ThinkSystem V2 servers with ThinkShield Security and award-winning ThinkSystem DM storage solutions with built-in automatic ransomware protection.
Going further and beyond to enable businesses with lean IT departments to build a more robust cyber-defense strategy, we also provide the Virtual Desktop Infrastructure (VDI), which enables enterprises to clone a desktop and host it on a central server, which only authorized employees can access.