Technology has undoubtedly influenced various aspects of our daily lives. Online shopping, smart home devices, social media — there is not a single day where technology does not play a role. As our dependency increases, it is also important to focus on security and privacy. Organizations must recognize the threats these technologies pose and work towards safeguarding data and protecting the end user. Cybersecurity is no longer an afterthought. While businesses are focused on their clients, governments across the globe have taken matters into their own hands to lay down the foundation that helps these businesses create policies that protect everybody.
Cybersecurity has evolved into a movement in the last year as hacker groups have created havoc for businesses and sometimes countries, costing money and time. Two of the most threatening cybersecurity attacks in 2022 are the Lapsus$ extortion and the Conti attack on Costa Rica.
During the initial months of 2022, several prominent brands, including Samsung, Ubisoft, and Nvidia, were attacked by the infamous Lapsus$ group. The group subsequently infiltrated Microsoft Bing and Cortana with targeted phishing attacks to gain control and leaked portions of source code. By March, British police arrested a few possible group members and charged two of them in April. Although the group tried to revive its activities, it quickly became inactive.
Touted as one of the most disruptive cybersecurity attacks to date, the ransomware attack on Costa Rica’s Ministry of Finance was declared a national emergency. Carried out by the cybercrime gang from Russia in April, the attack froze the import/export business. The group later attacked the Costa Rican Social Security Fund through Conti-linked HIVE ransomware, which had a catastrophic effect on the country’s healthcare system.
Global government security measures
SBOM – USA
Following the increasing number of cybersecurity attacks, US President Biden issued a cybersecurity executive order (EO) for organizations that do business with the government. One of the components of the EO was the Software Bill of Materials (SBOM), which could become the de facto guideline for all organizations to engineer, test, and secure their software applications. The SBOM will become the repository of all open source code, licenses, and possible vulnerabilities. It is now a common and critical component in the software development lifecycle (SDLC) and other DevSecOps processes.
NCSS – Canada
Taking a leadership role in advancing cyber security, the Government of Canada is investing in shaping the international cyber security environment that protects critical infrastructure and ensures Canadians are safe online. Named the National Cyber Security Strategy, the initiative focuses on three aspects.
- Collaborating with partners to enhance cybersecurity and resilience that will protect Canadians from cyberattacks, respond better to threats, and protect government and private sector systems.
- Using advanced research that improves digital innovation initiatives and cyber skills to position Canada as a leader in cybersecurity.
- Collaborating with provinces and territories to shape the international cybersecurity environment in the country’s favor.
Through this initiative, Canada launched the Canadian Cyber Incident Response Centre (CCIRC), which is helping over 1300 organizations. The country also witnessed a steady decline in the number of data breaches.
NIS2 – Europe
The Network and Information Security (NIS) Directive focuses on national cybersecurity capabilities among EU member states, regulations for cross-border cooperation, and general cybersecurity requirements for regulating providers of essential services. NIS2 is applicable to various sectors, including healthcare, energy, and public administration, among others. Evidently, the General Data Protection Regulation (GDPR) and NIS2 are the most critical pieces of cybersecurity legislation.
NCSS – India
Conceptualized by the Data Security Council of India (DSCI), the National Cyber Security Strategy focuses on twenty-one business areas to ensure a safe, secure, and trusted cyberspace for India. As per this strategy, there is a major focus on security in the public services digitalization initiatives. Similarly, there will also be a stringent focus on developing institutional capabilities that allow timely reporting of cybersecurity vulnerabilities and cyberattacks. The Government of India is also focusing on developing state-level cybersecurity policies that offer guidelines for security architecture, governance, and operations.
Cybersecurity measures to follow
While it is the duty of the government to implement various cybersecurity measures to protect businesses and their citizens, it is also the responsibility of organizations to implement certain cybersecurity measures. Over the last few years, several new methodologies have come into existence, with each having its own advantages and purpose. Here are three security measures that are even more important in light of recent security attacks.
1. Deploy a zero-trust model
Using zero trust principles is considered one of the crucial steps in security planning. Businesses can limit user access within a network to ensure users cannot deviate from their intended tasks. Through this method, cybersecurity professionals can diminish the potential for points of weakness within an interconnected network to be identified and accessed.
2. Invest in ATT&CK
The MITRE Corporation’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework is a universal knowledge base of adversary tactics and techniques based on real-life observations of cybersecurity threats. By using ATT&CK to map the tactics, techniques, and procedures (TTPs), businesses can understand their security readiness and implement the relevant risk-based security measures to improve their defense systems.
3. Establish SSDF
The Secure Software Development Framework (SSDF) is a set of fundamental software development practices that offers a common language for explaining secure software development practices. SSDF helps reduce vulnerabilities in released software, minimize the impact of exploiting existing threats, and address the root cause of cybersecurity vulnerabilities. SSDF is developed based on established secure software development practice documents from organizations such as the Open Web Application Security Project (OWASP), BSA, and SAFECode. The SSDF is classified into four steps – prepare the organization (PO), protect the software (PS), produce well-secured software (PW), and respond to vulnerabilities (RV).