Cyber crime is no boogieman that lurks in the dark

By Jordan Govender, Marketing Manager.


Johannesburg, 27 Feb 2019
Read time 11min 50sec

GTconsult loves success stories, particularly when they involve an issue that is pertinent and relevant to the industry in which it practices.

It is no surprise, therefore, that the company read with joy about a cyber security start-up that is thriving. In this week's blog, GTconsult will focus on how AI can change the game when it comes to cyber security, and how investing in cyber security will be the ticket to the game when it comes to the profitability of your business.

Happy days

An article on cisomag.com pointed out that cyber security start-up Medigate has raised $15 million.

The capital was raised in a series A funding round, led by the US Venture Partners along with the participation from existing investors YL Ventures and Blumberg Capital.

The Israel-based start-up stated the new investment will be used to accelerate its growth and increase the personnel across its research and development, marketing and sales units.

Important protection

The article points out that, founded in 2017, Medigate helps manage and secure connected medical devices like patient monitors, MRIs and CAT scanners from evolving cyber threats.

The company claims its security solutions platform allows healthcare organisations to identify all devices connecting to their network, manage security updates, and monitor for any suspicious activity.

"The trend towards connected medical devices poses two challenges to hospitals: protecting these devices, which treat people, and managing the large numbers of such devices on the hospital network. Medigate provides a solution for both problems. We identify the devices and also protect them very precisely," Medigate co-founder and CEO Jonathan Langer told cisomag.com.

"Every manufacturer of medical devices uses a different communications network protocol. We learned how to read hundreds of different protocols and to handle most of them. That is what enables us to be much more precise than our competitors. In order to understand how a protocol is constructed, it is necessary to decode it, reverse engineering. This requires very specific expertise. All of the company's employees worked in cyber during their army service and have this type of expertise," Langer added.

High trajectory

According to a market research report, the medical device security market is projected to reach US$6.59 billion by 2023 from $4.36 billion in 2018, at a CAGR of 8.6%.

The cisomag.com article points out that factors such as increasing instances of healthcare cyber attacks and threats, growing geriatric population and the subsequent growth in chronic disease management, government regulations and the need for compliance, growing demand for connected medical devices, and increasing adoption of BYOD and IOT are driving the growth of the medical device security market.

Important investment

Investing in cyber security, and doing business with companies such as Medigate, are critical business functions that all corporations should invest time and energy into. A recent article on fedscoop.com outlined how critical this investment is.

The article points out that if you're like many people in today's app-centric culture, whenever a technology-related challenge arises, your first instinct might be to throw more technology at the problem.

Think of when a new security policy is introduced, or a previously unknown virus or hack is discovered. It's understandable if your initial inclination is to look into procuring, or having research and development create, a new application to address the issue.

The article asked what if you already have the answer you need? Maybe it already exists in one of the applications that comprise your technology stack. Or perhaps it's baked into the operating system that you're currently using. It might be, but with an ever-growing technology stack, you may not realise that the tool you need may already be at your fingertips.

Let's take a look at how you can optimise your stack to make the most out of the technology you already have and strengthen your security posture.

What is a security solution anyway?

According to IDC, worldwide spending on security solutions was expected to reach $91 billion last year, and the federal government is one of the biggest spenders.

The article asks what constitutes security solutions in 2019? Certainly, standalone firewalls, virus protection software, and similar technologies fit the bill. But so do operating systems and other solutions that, 10 years ago, may not have been considered true "security solutions." Back then, security was often sold as a separate offering. Today, it's considered table stakes and often baked into many infrastructure technologies and operating systems.

And yet, per the IDC report, agencies are continuing to invest more money in additional applications to bolster their security postures. Perhaps this is because they do not understand the full capabilities of the solutions they have already purchased. Or, maybe their technology stacks have grown so big they no longer have a good grasp on which solutions are included within them. This can pose real issues when FITARA scorecards are introduced, which include regularly updated and maintained software inventories as a key metric.

The article adds that, fortunately, there are three things you can do to tame your security tech stack and help you get the best possible ROI for the technology you've already purchased.

Work with vendors to understand what you're already paying for

The article points out that modern operating systems can contain thousands of packages, many of which you may never use. But, if a certain need does arise, a new lock-down script and tooling for better security, for example, it's a good idea to first check to see if it's included in your current operating system. This could save you from taking the time to research and potentially acquire a new solution that ends up being a duplicate of an untapped feature you've already paid for.

Your first step should be to contact your vendor, who can help answer your questions and identify whether or not their software includes the capabilities you need. While any good vendor should willingly do this, those who offer their services as part of a subscription are particularly incentivised to help. These vendors have a vested interest in helping you get the most value from your software investment.

The article adds that many of these vendors offer free workshops and individual and group skills assessments. These are designed to help you familiarise yourself with their solutions and provide a baseline evaluation so you can understand where to focus your training. Take them up on these offers. Their experts and training materials can help you understand and uncover tools that you may not have otherwise known about.

Use outside resources and communities

The article points out that you don't just have to rely on vendors, however. There's a wealth of information and resources dedicated to government technology. Use them to help uncover the hidden features of your operating systems and applications or understand whether or not a particular solution is worth your time and money.

There are a number of communities comprising fellow federal IT professionals who can help answer your questions and guide you in making the right technology decisions. Gov-sec is an active forum in which government and systems integrator users discuss and explore the latest security best practices. Its purpose is to provide information regarding existing compliance and accreditation strategies so you don't have to duplicate efforts. You can also use the SCAP Security Guide to share best practices surrounding security. In each case, you can learn from your peers who are going through similar challenges as you, and lend your own voice to the community that is solving those challenges.

The article adds that NIST's National Checklist Program Repository is also a great resource. With the Checklist, you can receive low-level and authoritative government and vendor guidance on setting the security configurations of various operating systems and applications. It's a simple and direct way to discover how to implement the security features of the solutions you already have in your stack.

So, before you begin researching new applications and start filling out those requisition forms, do yourself a favour. Take a close look at what you've got at your disposal. Call your vendors and talk to them about the tools you've purchased. There's a good chance you may already have what you need.

Next-level protection

As you know, GTconsult is simply in love with AI, and AI can significantly benefit a company when it comes to cyber security.

The article points out that two hospitals in Ohio and West Virginia turned patients away due to a ransomware attack that led to a system failure. The hospitals could not process any emergency patient requests. Hence, they sent incoming patients to nearby hospitals. It is due to incidents like these that cyber threats are one of the top concerns for several industry leaders today.

However, such situations can be avoided with modern technologies such as artificial intelligence and machine learning. AI has already displayed limitless potential in various applications across different industries. Likewise, deploying AI for cyber security solutions will help protect organisations from existing cyber threats and help identify newer malware types too. Additionally, AI-powered cyber security systems can ensure effective security standards and help in the creation of better prevention and recovery strategies. Using AI for cyber security will give rise to data-driven security models.

Limitations of using AI for cyber security

The article adds that although there are many benefits of deploying AI for cyber security, the limitations of AI are obstructing the mainstream adoption of the technology. For starters, building and maintaining an AI-based system requires a tremendous amount of resources, such as memory, computing power and data. Since AI systems are trained with data, cyber security firms need to feed new data sets of malicious codes and non-malicious codes regularly to help AI learn. Besides, the data used for training needs to be accurate, as inaccurate data will lead to inefficient outcomes. Therefore, finding and collecting precise data sets can be a tedious and time-consuming task.

The article points out that, similar to ethical hackers and cyber security experts that use AI for cyber security, black hat hackers can use AI to test their own malware. With constant testing, hackers can develop advanced malware or maybe even AI-proof malware strains. Considering the malware risks we face today, one can only imagine how destructive an AI-proof malware could be. Using the same principles, hackers can develop their own AI system that can outsmart AI-powered cyber security systems. Such systems can learn from the existing AI systems and lead to even more advanced cyber attacks.

Solutions for overcoming the challenges

The article adds that, after knowing the limitations, organisations need to understand that AI has a long way to go before it becomes a standalone cyber security solution. Until then, using AI for cyber security along with the traditional techniques is the best option. Hence, organisations can follow the below guidelines to maintain effective security standards:

* Hire experienced cyber security professionals with niche skills;
* Cyber security professionals can test systems and networks for vulnerabilities and fix them preemptively;
* Use URL filtering and reputation-based security services to block malicious links that may contain viruses or malware;
* Implement firewalls and malware scanners to block malware and viruses. Further, hackers constantly redesign malware to avoid being detected by traditional signature-based systems. Hence, using advanced persistent threat protection and AI for cyber security can help detect malware based on malware behaviour;
* Organisations must pay close attention to the outgoing traffic and apply egress filters to restrict the outgoing traffic;
* Analyse cyber threats and security protocols to gain informative insights that would help create a more secure approach toward cyber attacks;
* Update existing systems in the organisation to integrate modern technologies such as AI and machine learning;
* Conducting regular audits of hardware and software to monitor the health of the systems must be among the top priorities;
* Organisations should consider training employees and educating them about cyber attacks; and
* Incentivise and promote the development of innovative applications.

Even after following all these steps, every organisation remains prone to cyber attacks.

The article points out that many tech giants use state-of-the-art security systems and still fall prey to cyber threats. For example, Yahoo has recently agreed for a $50 million settlement for a data breach in 2013. The data breach compromised e-mail addresses and personal information of approximately 3 billion users. Hence, organisations need to proactively work with cyber security experts to create recovery strategies.

"Cyber security is an important aspect of any company. By failing to prepare, you are preparing your company to fail; do not think that cyber security can be taken lightly. This is no childhood boogie-man that lurks in the dark," says Bradley Geldenhuys, CEO and Co-Founder of GTconsult.

Editorial contacts
GTconsult Jordan Govender jordan@gtconsult.com