How can we ensure business continuity in the face of cyberattacks?

Editor’s note: This content is sponsored by Radius Telecoms, Inc. and was produced by BrandRap, the sales and marketing arm of Rappler. No member of the news and editorial team participated in the publishing of this piece.

A multigenerational messaging platform, a technology giant, and a multinational financial services company have one thing in common, apart from their stellar contributions. They all have experienced cyber attacks. If even the most reputable organizations aren’t completely spared from this threat, is complacency even an option? 

Whether it’s a cleverly crafted phishing email or malware that steals information, recovering from headaches like this isn’t only laborious but also costly. What if, instead of constantly worrying about how to get back up when a crisis happens, you have the power to protect your company from being thrown into this situation in the first place – and even adapt to the quickly evolving digital landscape? The first-ever Cyber Resilience Summit by Radius Telecoms, Inc., together with VST ECS Phils., Inc., opened up this possibility.  

On November 18, company executives and experts across different industries, covering data management, cybersecurity, and technology, gathered for an afternoon of helpful advice on how to build cyber resilience, as well as how to perceive this concept as a member of your organization to later inspire action.

“Every connection we make, every device we deploy, every service we deliver depends on the integrity, visibility, and security of our networks. So as we begin today’s session, let’s take this opportunity to connect meaningfully to challenge perspective,” said Alfredo Solis, Jr., Vice President and COO of Radius.

Arlene Singzon, General Manager for Strategic Business at VST ECS Phils, Inc., also mentioned how cybersecurity leans more on prevention. “Cyber resilience, though, is way past prevention. We are here to adapt, to innovate, and to basically be ready,” she added.

To dig deeper into the significance of cyber resilience, we took quick notes from the invited industry experts and identified common threads among their advice.

Lack of visibility hinders cyber resilience

“People and data – they are moving. [They] could be across different cloud platforms and across devices. And one of the big concerns, I can say, is the lack of visibility. It means the data has been collected but not classified[…]” said Cyril Villanueva, Security Consultant at Forcepoint. 

Examples of these, according to Villanueva, are data that just exist in emails, messaging applications, or abandoned servers. Sensitive information may be lying around these servers that are no longer being used. 

“We cannot protect what we cannot see. But the attackers can. Remember, the attackers – they are very good [at] exploiting [the] blind spots.”

Because of this, it’s important to know our data well, which includes being aware of how big of a risk this is in our business. Some of the questions we can ask are, “Can the wrong people, devices, or apps access our data? Can the files be shared too easily? Are there redundant copies of the data that are exposed?”

Villanueva also unpacked the steps of contextualizing data through identifying (e.g., Tax ID, address, product codes), categorizing, classifying (e.g., sensitive, secret, private), and labeling (e.g., legal, source code, intellectual property).

Cyber resilience can thrive on consolidation and simplification

Ryan Shane Dagdag, Sales Engineer of Asia-Pacific at iboss, also mentioned “lack of visibility” as a problem starter, especially with the modern work setup’s hybrid arrangement. 

“Once you move outside your network, you are no longer [bound] with your security features. So we need a security that follows the user and follows the app architecture, so location is now irrelevant,” he said.

Dagdag mentioned how some companies still deal with the challenge of implementing different solutions, instead of having a simplified system: “How [can you] interpret security features with other platforms?”

This led him to discuss the benefits of iboss’ Zero Trust SASE Platform, where the complete legacy security stack is replaced with a single unified platform. 

“Right now, since we can simplify [and] consolidate, we can also reduce the risk of exposure. Because the zero trust SASE is a security that follows the location of every user […]We can deliver the platform securely and efficiently.”

Cyber resilience means security follows you everywhere

“Kapag lumabas na ng office ’yung employee, how can [they] be protected?” (Once the employee heads out of the office, how can they be protected?)

Being constantly connected to security wherever you go is also a point raised by Jon Louis Fernandez, Systems Engineer at Fortinet. “May instances kasi na, ‘Ah, dito naman sa firewall ko, naba-block ko. Pero dito with this other newly adopted solution, hind ko na siya ma-block.” (Because there are instances where someone notices, “Ah, when using this firewall, I’m able to block it. But with this solution we bought, I’m not able to.)

During his conversation with the audience, he highlighted the value of the Fortinet SASE solution and FortiGate, which isn’t just a firewall, but an all-encompassing security fabric. “There is a standardization of security policies,” he said. 

Fernandez also explained how, thanks to Fortinet, users can witness the principle of least privilege, or being given only the necessary security access depending on their function in the organization, reducing potential breaches.

The presence of backups doesn’t always guarantee cyber resilience

In our usual day-to-day, we’re often told to have multiple backups. But is it the end-all be-all of safety? Chee Wai Yeong, Area Vice President of Rubrik, argued that we should go beyond this thinking.

“In a normal disaster, the best copy is always the latest copy. If it’s a backup, it’s last night’s backup. If it’s a snapshot, it’s the latest snapshot. If it’s a replication, it’s the last replica. But in a cyber attack, the latest copy is almost always the wrong copy,” he explained.

The first crucial step to achieving cyber recovery, according to him, is determining the scope of the attack. “Without knowing the scope, you can’t recover because you don’t know what has been touched,” he reminded the attendees.

Afterwards, you should find and quarantine the malware, assess any data breach, and calculate the recovery point.

“Which file has been encrypted? Which system has been infected? All this discovery is then integrated into the recovery, so that within a few clicks, you start a mass recovery,” he stressed.

“Rubrik is responsible – and we see ourselves as a leader – to the last line of defense, which is the recovery part.”

In cyber resilience, don’t underestimate the power of AI

Brian Cotaz, a cybersecurity specialist from Cisco, showed the audience another case of artificial intelligence being a double-edged sword. 

“The threat actors – how are they using AI? Actually, they are not using AI to develop new attacks. No, they are not. They are using AI to enhance their current attack,” Cotaz said.

“[How?] First is that phishing email; second is that the code; and at the end of the day, a [piece of] malware is a code, right? [There] are malware that are working. They are malware that are not working. So now, they are now using AI to enhance their code. Next, hackers are human beings. There are hackers that are very advanced, there are hackers that are not so advanced. Now, you put in AI, [then] the not-so-advanced hackers become very advanced.”

But at the same time, AI can be used for incident analysis and threat handling through Cisco’s Splunk solution.

Cyber resilience is a multilayered process with rewarding benefits

This year, Exercise SG Ready discovered that 17 percent of 4,500 employees clicked on phishing email links, consequently failing the cybersecurity test. This is a story recalled by Ginnwann Teo, Senior Technical Director at Menlo Security, reminding people about how more work needs to be done in building resilient organizations. In his turn at the microphone, he spotlighted how cyber resilience is characterized by very intentional steps, which can be made easier through the help of Menlo Security’s browser protection and file sanitization functions.

Through Menlo Security’s Positive Selection Technology, businesses are shielded from malware infection right from when the files arrive in the system. They are later dissected for any important elements and privacy restrictions, among others. 

He mentioned a case we know all too well: receiving deceitful concert tickets through email.

“We create the ticket, we copy onto our clean template, you get your free QR code[…] This is exactly what we do for every single file you download, when it goes through our CDR (content disarm and reconstruction) solution.”

The prerequisite to cyber resilience is acceptance of rapid change

Of course, toughening up against cyber risks means fully embracing the quickly evolving world. Meralco vice president and chief information security officer Marilene Tayag, who moderated the panel discussion, set up this atmosphere by prompting a conversation about the most overlooked risks of the new hybrid multicloud reality, to which Fernandez mentioned are costs and a new environment.

Meanwhile, Radius president and CEO Exequiel Delgado tried jogging people’s memory by sharing how, in the 1980s when he worked as an accounts manager, all communications were centered in the communication room.

“But that’s not the case today. Communication is spread out. If the circuits that you’re providing to the telco provider goes down, everyone is affected. The productivity of all the employees are affected. That’s why the enterprise network of the future should be highly available.” 

According to him, two additional characteristics of an enterprise network are low latency—“even if your service is up, if it slows down, it means nothing”—and strong security—“as enterprises undergo digital transformation, they expose their assets to cyber actors and criminals.”

“Friends, we’re living at a time of great opportunity, great possibilities, fueled by data, innovation, connectivity. But with great connectivity comes greater responsibility,” he nudged the audience.

“Cyber resilience to me is not all about defense. Cyber security is all about empowerment – arming our employees to make sure they become productive wherever they are, but keeping our network safe in the process. It’s all about protecting businesses as they attempt to become more relevant, more progressive.” – Rappler.com