Corporate cybersecurity gets personal

26 February 2019

The traditional firewall approach to cybersecurity is becoming redundant as technologies become more interconnected.

Macquarie Capital Managing Director Tej Shah says identity protection is the new frontier in corporate cybersecurity in the age of cloud computing, Bring Your Own Device (BYOD) and the Internet of Things (IoT).

He says the disappearing line between work and personal technology use has exposed corporations to an increased risk of intrusion and identity fraud.

"Identity protection is the new frontier in corporate cybersecurity in the age of cloud computing, Bring Your Own Device (BYOD) and the Internet of Things (IoT)."

“When someone logs into their workplace from home, they're using the same device that controls access to their personal networks, including their digital assistant, smart television, smart refrigerator and even potentially a smart car," says Shah. 

"Each of these devices is, in turn, connected to thousands, potentially millions, of additional devices through the apps and the software they use. 

“You can see how the perimeter quickly becomes amorphous and the potential for a hacker to get into a company's system through a point of weakness is greater than it has ever been." 

As a result, identity theft has become large scale. In a well-known recent example, Marriott's system was compromised in December 2018, compromising the personal information of around 327 million people, including their date of birth, passport number and password. 

In 2016, the user accounts of 1.5 billion Yahoo! users were compromised in two separate attacks, with passwords, birth dates and encrypted security questions stolen.

While companies are embracing new technologies, they don't believe they are equipped to manage increasing cybersecurity threats.

BYOD is rising despite 57 per cent of IT professionals citing mobile as the most difficult device type to defend, according to Cisco

Of the 85 per cent of businesses using, or intending to use the IoT, just 10 per cent of companies are confident in their ability to do so securely, AT&T Cyber Security Insights reports. 

International Data Corporation forecasts that with the growth of 5G networks, the number of IoT endpoints will rise from 12.1 billion in 2015 to 30 billion in 2030. 

Each endpoint - anything from a wearable fitness device to a smart manufacturing center - represents an avenue through which data could be accessed. 

While technology has increased the cybersecurity threat, Shah says the latest technologies such as artificial intelligence, big data and machine learning are also part of the solution. 

These can help networks naturally learn and evolve their algorithms as they detect attempted attacks and learn how to better identify potential intruders. 

He expects more complex, all-encompassing solutions to evolve in the next year - especially as 5G networks grow and evolve. Mission Secure, a participating company in the Macquarie Capital Venture Studio, is one such solution to stop cyberattacks in its tracks with its MSi Platform that leverages both hardware and software to monitor multiple entry points before they reach critical control components. 

“Cybersecurity is an environment that's constantly changing and the moment you cut off one avenue for cybercriminals a new one pops up," Shah says. 

“The only solution is to keep cybersecurity top of mind and to understand that every corporation needs a comprehensive, multi-layered solution."


Cisco, Annual Cybersecurity Report 2018, p 47

AT&T Cybersecurity Report, The CEO's Guide to Securing the Internet of Things, pp 5 and 8.