Future-proofing data against hackers

future-proofing your enterprise's data against hackers

Despite many companies' best efforts to combat cybercrime, it persists and is increasingly costly. Some estimates show cybercrimes could cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. With more Americans online than ever before because of COVID-19, cases have surged 300 percent, according to the FBI’s Cyber Division. It now receives between 3,000 and 4,000 cybersecurity complaints daily -- up from 1,000 per day before the pandemic.

The reason for the rise? As enterprise security moves into the home, hackers are exploiting weaknesses for big profits. Financial gain is the key driver for cybercrime with nearly nine in 10 (86%) breaches being financially-driven. Most of them (70%) are caused by external bad actors who steal credentials and use techniques like phishing to compromise businesses and individuals alike.

We must make our digital world safer, but doing that in a world where enterprises are being asked to make data more useful while adhering to regulatory requirements is a mounting challenge. What is needed is a new security paradigm for the future that goes beyond network infrastructure and network security. We need solutions that consider the full lifecycle of data at rest, in transit, and in use.

This new view of security encompasses everything from public and private networks to the cloud, to local servers and individual endpoints transmitting data over high-speed 4G LTE and 5G networks. Efforts are also looking at ways to harness the properties of quantum physics to create near provably secure encryption.

Here’s a look at some of the latest technologies that may be able to turn the tide against malicious hackers because they can still deliver performance and function at the necessary scale.

Start with the network

As network operations become more complex in the 5G era, they will revolutionize many aspects of commerce and our personal lives. From faster speeds to unlocking a proliferation of Internet of Things devices, the power of 5G requires more powerful security.

It also means additional hardware and software supporting security functions such as firewalls, intrusion detection, denial of service detection and network probes. Security is the foundation of any new 5G network to protect against threats to customers and ensuring the reliability and resilience of communications services against all manner of hazards, including cyber threats.

Who can you trust? Nobody

The future of cybersecurity has no trust, and that’s a good thing. The reality is that encryption has long been the common way to secure data and rest and in transit, but it’s far from perfect and largely ignores how to protect data while it’s in use. Imagine someone in your IT department managing a sensitive database. How can we ensure that your organization’s sensitive data is protected even from malicious internal users?

That’s why the evolving Zero Trust Architecture standard is so important. It offers an effective network security model where no person or device is trusted to access critical company assets without real-time authentication and authorization, whether they are sitting inside an organization’s network perimeter or remotely accessing the network from outside.

An example of a zero-trust approach is applying software-defined perimeters (SDP) to networks. SDP sits between users and servers and applies multifactor authentication to defeat credential theft. It also isolates servers to defeat server exploitation such as attacks on vulnerabilities and configuration errors and encrypts all traffic in impregnable tunnels to deter man-in-the-middle attacks. Finally, its ease of use reduces attempts to circumvent the system just to make daily operations easier.

Homomorphic encryption can also enable new services by removing privacy barriers inhibiting data sharing. For example, predictive analytics on shared data in healthcare can be hard to apply due to medical data privacy concerns, but if the predictive analytics service provider can operate on encrypted data instead, these privacy concerns are diminished.

Quantum physics to the rescue?

Advances in quantum computing have huge security implications and impact consumers and enterprises. With quantum key distribution (QKD), encryption keys are continuously generated; unauthorized attempts to see this data on the quantum channel can be immediately detected since any disruption to the channel breaks the quantum state of photons signaling eavesdroppers are present. Data can be better secured with keys generated using a Quantum Random Number Generator (QRNG) that creates truly random numbers that can’t be predicted.

These are just a few examples of the latest thinking in security as technology evolves to stay one step ahead of cybercriminals and protect your organization’s data.

Venkata Josyula is a Director in Verizon's Technology and Product Development team, driving emerging technologies to enable new products and services. He has 20+ years of experience working in various leadership and engineering roles and led teams on IP / MPLS network architectures, traffic engineering and routing protocols, SDNs, cloud infrastructure, large scale platform and application development. His current areas of focus include cybersecurity, A.I / ML and quantum communications.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.