Tech Security Challenges in the Age of Digital Transformation

Digital technology is not just the trend of the year, it is the tide that has been changing the course of how businesses are going to be run and it is a surge that is yet to fully peak. A new gee-whiz, tech solution comes out every year to upend the established order and bring new ways to gain an edge.

We have witnessed how cloud computing, mobile apps, and social media have impacted the world from the previous examples, however, it is not long for a new round of revolution in the future, where there are already signs of VR, blockchain, AI, and quantum computing rising up. If your company hasn’t already jumped on the digital bandwagon, now is the moment.

The process that exists under the sign of digitization promises new opportunities to people and organizations, which of course there will be times when the going gets tough and everything won’t be so rosy. A major challenge that can be cited here is the security of the technological infrastructure. This is expected to happen because as society gets more connected and various technologies are developed the threats become more complicated and wide, and the higher the dependence on the digital tech is, the higher the exposure to the risk factors is.

Application of such technologies as growth strategies like AI and machine learning are also vulnerable to hacks. Interested in knowing more about managing in these rather rough internet seas? You can listen to our newest Security Swarm Podcast episode in which we discuss the issues and prospects of digitalization in detail.

Nowadays it is equally important to innovate the cybersecurity technology as it is to have the cybersecurity itself. This is partly because of rapid technological advancement taking place on both the traditional ‘white hat’ cybersecurity application side – namely the companies and organizations involved in the utilization and supervision of cybersecurity to guard their data, networks, etc, while on the other side of the spectrum are the ‘black hats’ – the cybercriminals who are keen to exploit weaknesses in these security infrastructures and attack those networks to steal, corrupt and generally misbehave on.

What is happening though is that the threat actors are starting to leverage higher sophistication and technologies and therefore the cybersecurity firms and cybersecurity technology must also move to that level. How? Through innovation. The Global Risk Report 2021 by the World Economic Forum, depicts that “Business, government, and household cybersecurity infrastructure and or measures are overwhelmed or made obsolete by constantly emergent and more frequent cyber-crimes that lead to economic damage, financial loss, geopolitical rivalry and or sociopolitical unrest”.

Cybersecurity must adapt in response to the ever-enhancing and frequenting cyber criminals. Cybersecurity technology in turn helps make innovation possible in every area of the contemporary digital economy, whilst innovative technologies can help cybersecurity businesses protect businesses, organizations, networks, and data around the globe.

As technology continues to rapidly advance, cybersecurity must continuously develop to sustain the pressure of also, well-armed innovation proportionately happening in threat actors’ underworld, but on the bright side, potential threats are also playing an important part in developing a successful business strategy. When they integrate this evaluation into their overall strategy, businesses can quickly spot vulnerabilities and avoid disruptions, which allows them to continue developing in a stable way.

This way, even if a security event does occur, the business can respond to any threats or attacks promptly, and if a breach unfolds, it can minimize and/or mitigate damage. This is often called cyber resiliency, or in the larger context being a resilient business to attacks of various kinds. Businesses are constantly trying to stay ahead and innovate, playing catch up with the transformation in technology advancements, and they are often mishandling the security side of it. Microsoft is one of many companies in this situation

As of 2023, Microsoft has moved 98% of its IT infrastructure to the cloud, something that wasn’t getting too much attention 10 years ago, and this is a prime example of where innovation meets risk. In the summer of 2023, Microsoft suffered a breach in its cloud environment where threat actors had stolen a consumer signing key and then generated tokens for Azure Active Directory and Microsoft accounts (MSA) to gain entry into Exchange Online.

The tech company received criticism for its handling of the security breach, which reportedly began on May 15 when a group known as “Storm 0558” managed to access email accounts. The hackers exploited forged authentication tokens to infiltrate these accounts, which are typically used to verify the identity of entities seeking access to resources, in this case, email inboxes.

Although the company did not provide details about the vulnerability exploited the tech giant mentioned that it took steps to address the forgery method “on behalf of customers.” They mentioned that on June 26th the webmail version of Outlook stopped accepting tokens issued from Azure AD, now known as Microsoft Entra ID.

A day after the breach, the threat actors forced Microsoft’s hand to apply changes and strengthen their security posture by disabling the use of tokens signed with the compromised key and replacing it by June 29th to prevent further misuse. In the end, Microsoft invalidated all MSA signatures, including those acquired by the hackers during the incident.

The company stated that they have enhanced tech security measures for issuance systems following this incident. They have increased the isolation of these systems from environments and users. Implemented improved monitoring and automated alerts, for key-related activities. Here is a breakdown of the CSRB report on our podcasts Microsoft Storm Breach Part 1 and Microsoft Storm Breach Part 2.

Overcoming these challenges won’t be a walk in the park. It will involve considering security aspects throughout transformation initiatives. While Focusing on profitability and efficiency it’s particularly important to also think about ensuring security and building trust in our businesses from the start.

The good news is that organizations don’t have to tackle this on their own. With an outsourcing market and advancements in security technologies, APIs, and cloud platforms companies can collaborate with security experts, sharing intel and necessary resources to adapt swiftly and effectively to a changing security scenery. There’s a lot at stake here as the rise of digital (and cybersecurity) transformation has catapulted companies and agile disruptors into the limelight but success will only smile upon those who prioritize their security posture and take proactive steps.

When encouraging innovation within a company, it’s crucial to establish a risk management plan aligned with the organization’s goals. Regular reviews of this strategy can enhance its effectiveness, and refine the concepts over time, resulting in decision-makers identifying, and resolving issues before they become security concerns.

1. In 2023, threat actors exploited an SQL vulnerability in Progress Software’s MOVEit file transfer app, used by thousands of organizations across the world.

Several organizations whose supply chains use the MOVEit app suffered a data breach, resulting in customer and/or employee data being stolen.

• What exactly does ‘secure managed file transfer software’ entail? It’s a tech solution that enables companies to securely exchange data, between systems and individuals to adhere to compliance requirements.” Furthermore, considering the entities affected – government bodies, educational institutions, and industries holding data – it’s likely that many of them utilized MOVEit to fulfill their compliance duties ensuring a more secure data transfer process compared to using email or public file-sharing platforms

2. Cambridge Analytica, Facebook Scandal (2018): social media has been around for over 20 years now however; the use case is now something bigger than just connecting old friends. The perfect example of Digital Transformation. Businesses can Identify emerging trends and address issues as soon as they arise by tracking relevant keywords and mentions. Cambridge Analytica teamed up with Facebook to gather information from individuals using the app called thisisyourdigitallife, which was developed by Aleksandr Kogan. Participants were compensated for taking a personality test through the app. Initially, Cambridge Analytica stated that the data collected would be used for research purposes only. However as reported by Cadwalladr and Graham Harrison the app also harvested data, from the Facebook friends of the test takers resulting in a database of tens of millions of individuals. Although Facebook’s platform policy permitted the collection of friend’s data to enhance user experience within the app and prohibited its sale or use, for advertising purposes Cambridge Analytica breached this policy.

3. SolarWinds Cyberattack (2020): In one of the most sophisticated and far-reaching cyber espionage campaigns ever discovered, hackers affiliated with the Russian government infiltrated the networks of numerous U.S. federal agencies and private companies through a compromised update in SolarWinds’ Orion software. This software, widely used for IT infrastructure management, was updated with malicious code, which then allowed the attackers to spy on and steal sensitive data from a multitude of high-profile targets, including the U.S. Departments of Homeland Security, Treasury, and Commerce, among others

4. The ransomware attack known as WannaCry that occurred in May 2017 serves as an illustration of the conflict between progress and safeguarding. This cyber threat took advantage of a weakness, in Microsoft Windows, which was first identified by the National Security Agency (NSA). The security flaw, dubbed EternalBlue was exposed to the public by the hacking group Shadow Brokers resulting in one of the largest ransomware assaults ever witnessed.

To properly protect your working environment, use Hornetsecurity Security Awareness Service to educate your employees on how to secure your critical data.

To properly protect your email technology environment, use Hornetsecurity email services such as:

• Spam & Malware Protection
• Advanced Threat Protection
• Email Encryption
• Email Continuity Service
• Email Signature & Disclaimer

To keep up with the latest articles and practices, visit our Hornetsecurity blog now.

In the security sector, understanding what is happening in the world becomes a critical issue, and transforming in conjunction with society is not an option. With each present change, new alternatives and scenarios open up, because the future is being built whether we like it or not, and if this is not done strategically, the waves of change can become real tsunamis. It is only by being part of this transformation that the ability to respond to the new needs of people and organizations is generated; this is precisely what radical innovation is: to stop waiting for the future and join the movement of the world.

Security services in today’s world must be able to anticipate risks in an intelligent and agile way, taking into account the significant diversity of threats from different spheres, sometimes resulting from the hybridization of different environments and actors. This implies working on corporate foresight, acquiring skills and abilities to detect patterns of change, interpret the impacts on the organization, and propose long-term courses of action with the perspective of radical innovation.