We sat down with Mike O’Malley, SVP of Strategy at SenecaGlobal, to discuss the top cybersecurity trends and how they are reshaping privacy and IT security. Mike has decades of experience in wireless, cloud and cybersecurity and now works at SenecaGlobal helping clients to ensure that their software solutions, cloud applications and managed services take advantage of innovative security solutions.
Security remains the #1 priority for most organizations; why is that? Should organizations be more concerned than they were 5 years ago?
Cybersecurity is nothing new; however, companies should be more concerned than ever because of the constantly changing threat landscape that continues to worsen. Hackers are more innovative and more sophisticated and are finding a number of new ways to:
directly bypass multifactor authentication via access points in the public cloud, applications, mobile and IoT devices
specifically target backups to force targets to pay ransom
leverage stalkerware apps to record conversations, location and everything you type, all while camouflaged as a calculator or calendar
Existing issues aren’t going away, and new problems are emerging. Bad actors continually figure out new and creative ways to access the networks. Even some of the most tech-savvy companies like Microsoft are getting breached. As technology capabilities advance, hackers will continue to find ways to exploit the growing number of access points in the public cloud, applications, mobile and IoT devices.
How is the cybersecurity industry responding to this more intense threat environment?
Many companies are incorporating security earlier in the development cycle to keep up with today’s threats. Also known as DevSecOps, it combines the efforts of cybersecurity and software development teams to ensure that security is integrated into every phase in the software development lifecycle. What’s interesting is that recently, we are seeing companies incorporate security measures even earlier in the development cycle. It’s like a pre-step before DevOps or, as we like to call it, “PlanSecOps.”
What is fueling the latest security innovations?
Artificial Intelligence (AI) and automation fuel innovations in cyber products and services by managing security as a data problem. This trend is spawning well-funded, disruptive startups that address recent circumstances like the global talent shortage, the pandemic and the drive to digital transformation with algorithms which can see security threats faster and at more scale than humans. The technology is the force behind many software innovations that transform the customer experience. In some areas, AI enables businesses to keep moving forward without the limitation of finding talent that isn’t available because processes are automated.
What are the hardest things to fix?
As security becomes more complex, it has become harder for companies to understand the regulatory obligations and privacy risk management issues. If a cyber incident or data breach occurs, most companies don’t know how to respond and what to report to whom. To address this need, there’s an emerging trend to build teams of hard-to-find experts who understand cybersecurity’s technical and legal aspects. However, lawyers with tech backgrounds are few and far between. Only very large companies are able to assemble – and retain – teams of privacy engineers, security engineers and developers that are also up to speed on current and proposed data privacy laws.
To read more of Mike’s security insights in his recent blog.