NTT Ltd., a global technology services provider, has announced the most critical cyber security trends that will shape the business technology landscape in 2020 – and the steps organisations need to take to address them. The Future Disrupted: 2020 Technology Trends, which include key insights from the company’s Security division, reveal that Security Orchestration, Automation, and Response (SOAR) will rocket as attacks happening at machine speed demand an AI-based approach to security. Around 75% of the threats detected in NTT Ltd.’s Security Operation Centres (SOCs) are now orchestrated by supervised machine learning and threat intelligence. Its security experts use algorithms to recognise patterns, identify anomalies and automatically orchestrate security controls. Embedding this level of intelligence into infrastructure and applications will therefore become a top priority for businesses. Active cyber defence in 2020 Organisations need to regularly evaluate the security hygiene of applications across their entire business" “Cyber attacks are happening at machine speed, not human speed”, comments Azeem Aleem, VP Consulting Security, NTT Ltd. “To keep up, organisations will need the help of machines – and data scientists – and this is why we believe Security Orchestration, Automation, and Response will be the hottest area in cyber security in the year to come." "It enables organisations to predict when an attack is going to happen – and fast. In fact, we don't even talk about proactive security to our clients anymore. We talk about predictive security, which we believe will become essential for delivering an active cyber defence in 2020.” NTT Ltd. also reveals that applications are becoming the new attack vector, with application-specific and web-application attacks now accounting for a third (32%) of hostile traffic – making them the single most common form of hostile activity, according to NTT Ltd.’s 2019 Global Threat Intelligence Report (GTIR). Cloud-based and software-defined Azeem Aleem adds: “Now that infrastructure is more cloud-based and software-defined, we are entering a world where the application is the easiest way to compromise data. If our latest GTIR is anything to go by, the number of attacks on applications is only going to increase." Fixed infrastructure tends to have standard traffic patterns that make it relatively easy to identify anomalies "At a minimum, organisations need to regularly evaluate the security hygiene of applications across their entire business and apply the necessary patches – an exercise that can no longer be neglected. Infrastructure will still be a target, however, so organisations also need to test and manage security from the data centre right through to the edge.” Software-based security controls Some of the other cyber security trends include: Security goes to the cloud: While organisations still buy on-premises equipment, largely for compliance reasons, more applications and workloads are being created and hosted in cloud environments. However, if organisations are using multiple hosting centres or hyperscalers, it’s more difficult to apply standardised, software-based security controls across the entire infrastructure. Applying security to the application or workload will enable them to monitor and implement the appropriate controls. Hyperscaler patterns continue to be elusive: Fixed infrastructure tends to have standard traffic patterns that make it relatively easy to identify anomalies. This is not the case with hyperscalers, which also make hundreds of thousands of high-speed updates to their platform on any given day. This will make it very difficult for organisations to monitor the interactions between humans, machines, data and applications in order to identify patterns and anomalies. Information, context and intelligence therefore need to be applied for a modern and robust security posture. Data lakes and data wallets: Data lakes will enable new models of predictive analytics. What’s more, we will see data wallets that put data in the hands of the person who owns it and making it completely secure for them. Nobody can access that data without certain permissions being in place and, if the user is under threat, can be locked down. Most effective intelligent technology solutions NTT Ltd. is the newly-formed company bringing together 40,000 people from across 31 brands – including NTT Communications, Dimension Data and NTT Security – to serve 10,000 clients from around the world. Using the insights gathered from its global client base, NTT Ltd. is able to better understand the future and shape the most effective intelligent technology solutions for its customers. The Future Disrupted: 2020 Technology Trends looks at the way businesses need to prepare for tomorrow, in the next year.
UK organisations are failing to make progress towards strong cybersecurity and are facing paralysis as cybercriminals become more advanced. This is the conclusion drawn from the findings of the 2019 Risk:Value report – ‘Destination standstill. Are you asleep at the wheel?’ – from NTT Security, the specialised security company and centre of excellence in security for NTT Group. Examining the attitudes of 2,256 non-IT decision makers to risk and the value of security to the business, NTT Security’s annual Risk:Value report researches C-level executives and other senior decision makers across 20 countries in the Americas, Asia Pacific and Europe, including the UK, and from across multiple industry sectors. Impact of cyber attacks on businesses Almost all respondents in the UK believe that strong cybersecurity is important to their business over the next 12 monthsUK respondents are aware of the risks posed by cyber threats, with over half (54 per cent) ranking cyber attacks on their organisation as one of the top three issues that could affect businesses in the next 12 months – second only to ‘economic or financial crisis’ (56 per cent). While global organisations rank ‘loss of company data’ in third place, in the UK, 44 per cent believe that cyber attacks on critical infrastructure is a far greater threat. Of the most vulnerable components of critical national infrastructure, telecoms, energy and electricity networks take first, second and third place. Almost all (90 per cent) respondents in the UK believe that strong cybersecurity is important to their business over the next 12 months, compared to 78 per cent who say the same about ‘growing revenue and profit’, while 93 per cent believe cybersecurity has a big role to play in society. According to the report, strong cybersecurity allows UK organisations to ‘ensure the integrity of their data’ (58 per cent) and ‘ensure only the right people have access’ to this data (56 per cent), while around half say it ‘helps protect the brand’. Good and bad practice in cybersecurity Businesses in India, a new country to the research, are now the best performing in the world for cybersecurityFor each organisation in the research for the last two years, NTT Security has analysed the responses for good and bad practice in cybersecurity, with good practice awarded positive scores and bad practice awarded negative scores. The results show a worrying lack of progress globally: in 2019 as in 2018, the average score was just +3, meaning that there is nearly as much bad practice as good practice. Thirty-two per cent of businesses score less than zero: that is, they are exhibiting more bad practice than good practice. Businesses in India, a new country to the research, are now the best performing in the world for cybersecurity, ahead of the UK. The performance of organisations in France, Germany and Singapore has worsened in the last year, as has the performance of the financial services, telecommunications, chemicals, pharmaceuticals, oil and gas and private healthcare sectors, placing doubt on the robustness of critical national infrastructure. Areas where UK organisations are stalling Paying cybercriminals: A third (33 per cent) of UK respondents say that they would rather pay a ransom to a hacker than invest more in security because it would be cheaper, a significant rise of 12 per cent over 2018’s Risk:Value report. In addition, 34 per cent said they would rather pay a ransom to a hacker than get a fine for non-compliance of data regulations. Budgets: Security budgets in the UK are potentially failing to keep up with increasing cyber risk, with the percentage of IT budget attributed to security (15 per cent) in line with the global average. The percentage of operations budget spent on security has fallen by around 1 per cent since 2018, to 16.5 percent in 2019. GDPR compliance: Just 30 per cent globally believe they are subject to GDPR, a year on from the deadline, despite it affecting all organisations that have operations or customers in any European Union member state. The UK is a more respectable 48 per cent – still behind Spain (55 per cent) and Italy (50 per cent). Internal security policies: Businesses are still failing to be proactive internally. At a global level, 58 per cent have a formal information security policy in place, just 1 per cent up over last year. While the UK shows an impressive 70 per cent with a policy in place, this is down on last year’s 77 per cent. Less than half (47 per cent), however, admit that their employees are fully aware of such a policy. Incident response plans: In 2019, 60 per cent of UK organisations have an incident response plan in place in the event of a security breach, a 3 per cent drop. However, this is still above the global average of 52 per cent and among the highest figures across all 20 countries. Blaming IT: Around half (44 per cent) of UK respondents believe cybersecurity ‘is the IT department’s problem and not the wider business’, which is in line with the global average of 45 per cent. While Swedish organisations are most likely to blame IT (60 per cent), Brazil is least likely (28 per cent) to do so. Time spent on recovery from cyber breach The cost of recovering from a breach is estimated to be $1.2 million in the UK, matching the global averageThe 2019 Risk:Value report reveals that the time spent on recovering from a cyber breach continues to rise year on year, with UK respondents estimating that it will take 93 days on average to recover. The UK figure is a significant rise of nearly double over last year’s estimated 47 days. The UK now ranks as one of the highest figures globally compared to one of the lowest in 2018. The cost of recovering from a breach is estimated to be $1.2 million in the UK, matching the global average. Notably in the Nordics, costs are predicted to be much higher, with Norway at $1.8 million and Sweden in first place with expected recovery costs for a business suffering a breach of $3 million. Oil & Gas is the industry sector having to spend the most on recovery efforts to the tune of $2.3 million. The estimated loss in revenue in percentage terms is up year on year in the UK – 12.9 per cent, up from 9.7 per cent in 2018, and in line with the global average of 12.7 per cent. Integration of new technologies The execution of cybersecurity strategies must improve or business risk will escalate for the organisations concerned"Commenting on the 2019 findings, Azeem Aleem, VP Consulting, NTT Security, says: “The Risk:Value report is an interesting barometer based on responses from those sitting outside of the IT function – and is often very revealing. What’s clear is that the world around them is changing, and changing fast, with the introduction of new regulations, integration of new technologies and fast-paced digital transformation projects changing the way we work. "What’s concerning though is that organisations seem to have come to a standstill in their journey to cybersecurity best practice – and it’s particularly worrying to see UK businesses falling behind in some critical areas like incident response planning. “Decision makers clearly see security as an enabler; something that can help the business and society in general. But while awareness of cyber risks is high, organisations still lack the ability, or perhaps the will, to manage them effectively. The execution of cybersecurity strategies must improve or business risk will escalate for the organisations concerned.”
NTT Security, the specialised security company of NTT Group, has strengthened its UK management team with the appointment of Azeem Aleem to the position of Vice President Consulting and Head of its UK & Ireland (UK&I) business. Azeem is a highly respected cybersecurity specialist and joins following a six-year tenure at RSA Security, where most recently he held the role of Global Director and Head of its Worldwide Advanced Cyber Defense (ACD) Practice. Experienced cybersecurity expert “Azeem is a very experienced cybersecurity expert and leader with a strong global background and I am very glad to welcome him to NTT Security. He will strengthen our UK management team, but also contribute, based on his extensive experience, to the success of our EMEA organisation,” says Kai Grunwitz, Senior Vice President EMEA at NTT Security. Azeem joins NTT Security with a strong track record in cybersecurity with over 15 years’ experience in cyber defense technologies, security operations, counter threat intelligence, data analytics and behavioural classification of the cybercriminal. Within the domain of organisational operations, Azeem has wide-ranging experience in managing P&L, driving operational excellence, change management and process re-engineering. Azeem has been at the forefront of architecting cyber resilience capabilities against Advanced Persistent Threats Cyber threat prevention Azeem has been at the forefront of architecting cyber resilience capabilities against Advanced Persistent Threats (APT) for some of the best financial, government and public sector organisations across Europe, the US, Asia and the Middle East. He has worked with both national and international law enforcement agencies around intelligence training, detection and investigation of cybercrime. As a subject matter expert, he has made frequent appearances on regional television and radio programmes commenting on the increase of cyber threats that are affecting the security of our connected society. A published book author and academic criminologist, he has authored several periodicals on advanced security threats in peer reviewed journals and security magazines. He is an eminent plenary conference guest speaker both at national and international level.