How to mitigate cyber risk in a post-pandemic world

A recent survey reveals that only 28% of executives in Europe believe their organisation’s cybersecurity resilience to be “very high”

When asked what keeps them up at night, the 1,300 C-suite executives interviewed globally listed supply chain threats as the top risk.

Indeed, with the chain only as strong as its weakest link, supply chain ecosystems, which are often as long as they are complex, provide a weak spot that puts every global enterprise in the crosshairs of cyber criminals.

Take the BBC, British Airways, Aer Lingus and Boots, for example, which this month are among a growing number of companies that have fallen victim to a third-party cyber breach. The attack, which was perpetrated by the Russian cybercriminal group Clop, exploited a key vulnerability in MOVEit Transfer software, which is used by all four organisations. From there, Clop, which specialises in ransomware and data theft attacks, was able to steal personal data including national insurance numbers and the bank details of thousands of staff.

So, why are supply chain vulnerabilities making organisations more susceptible to cyberattack? Haider Pasha, chief security officer of Palo Alto Networks for EMEA & LATAM, says, “it isn’t just third-party ransomware attacks that are increasing”. He notes that the overall threat landscape “continues to evolve” due to the adoption of remote and hybrid working models, plus a major shift to the cloud, which he notes “have become the new-normal in a post-pandemic world and have increased our digital attack surface significantly”.

As a result, Pasha points to recent research carried out by the company’s elite threat intelligence and security consulting team, Unit 42, which highlights four worrying trends.

Pasha explains: “Research by Unit 42, whose multi-layered research capability includes monitoring the dark web, has revealed that due to an increased number of enterprises embracing digital transformation over the last three years, off-the-shelf tools have lowered the barriers to entry into cybercrime. As a result, we’re likely to see a new generation of cyber criminals emerge to add to the threat already posed by organised crime and state-sponsored cyber groups, who frequently carry out ransomware attacks.”

With a perfect storm of cyber threats having already made landfall, Pasha, who has worked in the cyber security sector for 25 years, says that organisations who want to stay one step ahead of cyber criminals “must be able to forensically analyse attacks, and the actions of perpetrators, in real time”.

Pasha explains, “At Palo Alto Networks, unlike other cyber security companies, who only offer post-incident response, our unique selling point is that we join the dots and provide 80,000 customers – each of whom span the global industry value chain – with the entire life-cycle of a cyberattack.”

To meet its objectives, the company, which was founded in 2005 by Israeli-American Nir Zuk, has inculcated a five-stage process within the DNA of its 13,500-plus staff.

Says Pasha, “The Prepare, Protect, Detect, Respond and Remediate methodology is at the heart of everything we do in our mission to protect endpoints, the cloud and the network of our customers.”

To counter supply chain attacks, for instance, Palo Alto Networks’ advanced service management capabilities provide clients with a platform that tells them in real time where their critical assets are located.

“This unique visibility not only pinpoints the location of all critical and non-critical data, but it contains another pioneering feature, which scans imported code, such as open source, for potential vulnerabilities throughout its life-cycle. This ensures that an extra layer of security is deeply embedded within the continuous integration/continuous delivery (CI/CD) pipeline.”

But perhaps the greatest game-changer is that Palo Alto Networks has been using state-of-the-art artificial intelligence to power all of their leading-edge solutions for over a decade.

Pasha says, “We began using AI in our WildFire product over 10 years ago. WildFire is a cloud-based service that provides malware sandboxing while fully integrating with the client’s cloud or on-premise systems. Previously, it was the responsibility of an analyst to decide whether a suspicious file was good or bad. That job could take hours. But, with AI, we discovered that it could be completed in seconds. That was a groundbreaking moment for us as it demonstrated the power of AI to transform entire security operation centres (SOCs).

“Now we are finding that when organisations deploy the right level of good data in their SOCs, AI, which underpins our entire suite of products, can reduce the number of roles and functions in a traditional SOC team.”

And the chief benefit? “It enables the same number of people to work more efficiently, effectively and towards tasks that they enjoy, such as hunting and building automation playbooks. That’s a win-win for us and the organisations that we serve.”

It might even mean a few extra hours of rest for sleep-deprived C-suite leaders…

For more information, please visit paloaltonetworks.co.uk