Experts share biggest cybersecurity threats ahead of cyber trends event
"Businesses are becoming... dependent on software we expect to be engineered like bridges, but are more often than not hacked together like my childhood treehouse." - Alex Dow, Mirai Security
The past year has demonstrated the importance of technology and innovation to countless industries, ranging from healthcare to education to fitness. But accelerating digital transformation brings new challenges to light, as it increases cyber risk and vulnerability in businesses of every size in every sector.
To explore and discuss these issues, the Vancouver Entrepreneurs’ Forum is hosting “The OMFG Report” & What Software Developers Need to Know. It’s VEF’s final event of the season, taking place online this Tuesday, June 22, 2021 at 3:45pm.
In advance, Vancouver Tech Journal spoke with a number of cybersecurity experts about their thoughts on the biggest cybersecurity threats and trends for 2021. Here’s a sample of what they had to say.
Biggest cyber threats
Multiple experts identified ransomware as the biggest cybersecurity threat to people and organizations. Generally, in a ransomware attack, hackers employ encryption to hold or prevent access to a victim's information—and a ransom is demanded to provide access.
But lately, attackers haven’t just been locking down access, said Michael Argast, CEO of Kobalt.io, “but interrupting pipelines, meat distribution, and also stealing and blackmailing on the release of data. Unfortunately, this is being made worse by the fact that insurers are starting to get skittish about insuring against these attacks, with major insurers withdrawing coverage.”
Rob Masse, a partner at Deloitte focused on risk, agrees. “The game changer to organizations, big or small, will be the shift we’ve started to see with AXA (insurance) refusing to pay ransoms in France,” he said. “If this trend takes off, it can force attackers to change their monetization scheme and their attack patterns.”
Alex Dow, the chief technology officer at Mirai Security, said global cyber criminals are obvious cyber threats and points the finger at Russia and China. However, he believes there’s a bigger and more systemic threat to businesses: the businesses themselves.
Dow acknowledges that there’s a “criminal element actively targeting our businesses for profit.” However, he argued that businesses “need to self-reflect on why the proverbial barn door is so wide-open and hackers are pillaging our data.”
Most notable trends
“Companies are racing to innovate through Cloud adoption, SaaSification and in-house development,” he explained. “Blinded by pro-innovation and near-miss biases, leadership focuses on success and disregards potential weaknesses, indifferent to the evolving threat landscape and unaware of their growing legal and regulatory obligations. Businesses are becoming increasingly dependent on software we expect to be engineered like bridges, but are more often than not hacked together like my childhood treehouse.”
He fears leaders are making uninformed decisions for the sake of innovation, “building their critical business systems on sand, putting user’s data at risk and not appropriately preparing for the cyber threats of the future.”
On a related note, Argast, the CEO of Kobalt.io, believes there’s an emergence of supply chain risk management for any company working with data—SaaS companies, software providers, health tech, and fintech. This trend is impacting enterprise and government procurement and tech startup sales due to “increased scrutiny and a need for completion of compliance standards like SOC2.” (SOC 2 is a framework applied to SaaS companies that store customer data in the cloud to ensure that corporate controls safeguard customer data.)
“Compromises like the Solarwinds breach this year have only increased demand,” Argast added.
Interested in more cybersecurity insights? Join VTJ at Cyber Security: “The OMFG Report” & What Software Developers Need to Know, hosted by the Vancouver Entrepreneurs’ Forum on June 22, 2021.
Speakers include Erica Pretorius (Deloitte) Alex Dow (Mirai Security), Rob Labbe) Teck Resources), Robert Masse (Deloitte), Jennifer Strutt (Mirai), Charles Tong (heymate!), Michelle Li (Leafi Home) and Peter Kostka (Machinery Analytics).