How cybersecurity architecture will evolve: more attacks and more sophisticated ones – Telefónica
Daniel Consentini Follow
Cybersecurity area of Telefónica Tech
Link copied.
Like technology in general, cybersecurity must constantly evolve. Whereas we used to focus on highly elaborate, targeted and dangerous manual attacks, we are now concerned about the automation and sophistication of attacks driven by advances in artificial intelligence.
For this reason, layered defence remains a key element when designing a cybersecurity strategy, but it is no longer sufficient, as we must evolve or transform the overall architecture. Some of these concepts may include:
It is often said that Artificial Intelligence is a double-edged sword in our sector, and this represents a shift in cybersecurity thinking and architecture.
As I mentioned earlier, we need to use AI and machine learning to reach places where humans simply cannot go. For large-scale review and analysis, these technologies are brilliant tools because they have the ability to detect patterns and study complex structures in seconds, compared to the hours or even days required for manual analysis. Similarly, all this is combined with a high degree of intelligent automation, where the focus is no longer just on detection, but also on reacting in real time to potential attacks without the need for human intervention.
Establishing this architectural approach is essential, as Artificial Intelligence is also being used for malicious purposes, and there are increasingly more large-scale, sophisticated attacks. The need for an early response is therefore crucial, and our architecture must align with this model.
Finally, the design must also address the security of the Artificial Intelligence itself. We are talking about AI working directly with information that may be critical to the business, and in this regard, we must ensure that it does not become a point of failure or a source of information leakage.
This is likely to be one of the biggest changes in terms of cybersecurity architecture, as what organisations previously had clearly defined with a strictly delimited perimeter is now spread across a vast geographical area with a wide variety of solutions, manufacturers, platforms, etc.
In the past, with servers ‘on-premises’, organisations knew exactly where their network began and ended. With the advent of the cloud and edge computing, this boundary has disappeared, extending beyond corporate borders. Along these lines, organisations are delegating part of their security to external providers, in what is now known as the shared security model. The architecture’s mission is to bring all the pieces together, knowing what can and cannot be managed in the cloud, and focusing on identity and data regardless of where they are located, all without losing the agility offered by the cloud.
In a hybrid environment, organisations require full traceability of information, which necessitates understanding the flow from the moment it leaves the on-premises environment until it reaches the cloud. In this regard, data governance becomes another major challenge, as information can be located anywhere at any time. [VM1] Labelling and maintaining control over data is fundamental to ensuring that sensitive information is always identified.
Zero Trust, rather than being a future concept, can be considered a reality upon which to design a comprehensive cybersecurity solution today. This type of architecture is not based on specific tools, but on a high-level model comprising different components, where we consider some of the principles discussed previously:
The adoption of IoT systems represents one of the greatest surges in heterogeneous devices connected to the Internet that we have seen. In this scenario, where cyberattacks number in the billions, architecture and design must be decisive given the sheer volume and diversity of devices.
One of the main strategies organisations can adopt is segmentation and defence in depth, classic principles of cybersecurity. IoT devices often do not follow security best practices, so these weaknesses must be mitigated with network solutions such as segmentation and the isolation of each system to what is strictly necessary.
Along the same lines, edge security can be achieved through gateways that act as secure ‘gateways’ between the device itself and external elements. In this way, in addition to isolation, the type of traffic can be assessed and inspected for security. Similarly, there are solutions that incorporate features such as virtual patching, which is so necessary in today’s world.
On the other hand, it is worth highlighting a non-technical strategy: common sense in design and solution implementation. In certain situations and scenarios, we do not need absolutely everything to be connected; rather, we must carry out a brief analysis to determine whether it is truly necessary and, if so, prioritise cybersecurity.
With the arrival of such disruptive technologies as those discussed above, the world of cybersecurity—and, consequently, architecture—is changing rapidly. We need to think in terms of evolving, dynamic designs extending beyond the corporate perimeter.
These changes lead us to adopt a shift in mindset. We do not design an impenetrable fortress on the assumption that it cannot be breached, but rather adopt a more realistic stance: the attacker is either already inside or will eventually get in. As a result, we build airtight systems with highly automated and agile disaster recovery, enabling us to drastically reduce the exposure of customer data.
In the same vein, the architect must keep a cool head and remain consistent. It is easy to get lost amidst so many recent tools such as Artificial Intelligence, quantum computing, the Cloud, etc. We must stay up to date and use technology to our advantage, but without losing sight of the business and what we need to protect
Share it on your social networks
Link copied.
Newsletter
Thank you for your sending
We have just sent you an email to confirm your subscription. If you are already subscribed to any of our sections this email will not reach you.
Word of the week
ICT
Most read in the last week :: TOP 5
Telefónica
Marta Machicot
Telefónica
Yanina Chalup
Related Content
What does the role of an Internal Security Consultant involve?
Phillip Rohde
What does the term ‘applied AI’ mean?
Chimo Villena
Why is it important to foster a culture of innovation within a company?
Henrike Hedel
Communication
Contact our communication department or requests additional material.
AUTOR
Thank you for your sending
We have just sent you an email to confirm your subscription. If you are already subscribed to any of our sections this email will not reach you.
Deliver the best digital experience to our customers.
source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.
