In an increasingly digital world, cybersecurity presents a formidable challenge. The larger the company, the more attractive its data and the greater the risk that the company will be attacked. Cybersecurity is a prerequisite for building trust in connected services and products. Through collaboration, we can share information and innovation and be better prepared. At the RISE Centre for Cybersecurity we research new, more secure solutions in areas where these are currently lacking.
A society in which more and more products, services and data are connected demands a laser-sharp focus on cybersecurity. Technological developments in this field have come a long way but, at the same time as security has increased, hackers have become increasing more sophisticated and effective.
“Today there is an entire hacking industry using computer systems to scan the internet for fallibilities and weak points in the security of corporations and public authorities. One might say that there is a cat-and-mouse game being played between hackers and companies, in which the goal is to be first to identify weaknesses in the system,” says Thomas Carnehult, deputy manager of the SICS Security Lab at RISE.
Despite the fact that corporations and public authorities are keenly focused on cybersecurity, it may take a considerable time before they become aware of malicious intrusions. Hackers are adept at disguising breaches to look like normal data traffic, making them extremely difficult to detect.
Artificial intelligence provides smarter protection
More corporations and public authorities are beginning to use artificial intelligence (AI) and machine learning to protect themselves.
“It seems likely that AI will prove to be the security system of tomorrow, functioning much like an advanced firewall to detect deviations from normal activity. An AI will learn how the system behaves under normal circumstances and, when it encounters anything out of the ordinary, it will place it in quarantine and send an alert,” explains Thomas Carnehult.
Even if AI is the security solution of tomorrow for corporations and public authorities, it is also a tool for hackers who also use machine learning to find points of entry into the system.
“It is all about continuously raising the bar and remaining one step ahead. In the field of cybersecurity, we use the term Return On Security Investment (ROSI). If you are thinking that it may prove too expensive, simply consider what an intrusion, data breach or leak of confidential information might cost. Generally speaking, one can count on a return on an investment on security, although naturally this differs from one company to the next,” says Thomas Carnehult.
Higher demands on product suppliers
Most breaches occur when new products or software are connected. Thomas Carnehult believes that the future will demand higher standards from product suppliers.
“It must be made harder for users – i.e. businesses, public authorities and even private individuals – to make mistakes. A user error, such as failing to change one’s password from ‘admin admin’ to an individual password when installing a new camera or router on the system, should not be the decisive factor as to whether or not a company is hacked. The regulatory framework must include more stringent demands on the product,” says Thomas Carnehult.
Digitisation is leading more companies online
Another aspect is that increasing numbers of industrial companies are going online. Given the opportunities offered by digitisation, many of them are choosing to connect their previously isolated systems. This is a matter of acquiring the necessary knowledge and training and increasing protection to an appropriate level.
“A so-called Deep Defence is important. You cannot simply protect the system at its perimeter like a shell; what happens then when a hacker does find a way in? They then have a direct route into the factory, where they can cause enormous damage,” says Thomas Carnehult.
More attacks in the future
Despite the fact that corporations and public authorities are creating better, smarter shields, they will still be subject to more attacks in the future. Some of those going online now will also be too late in considering security. The security aspect must be integrated into launch plans.
As more and more products and services become connected, so they can be used as springboards. They may not have any attractive data worth hacking but they can still be used to access other data stored in another system; for example, it may be possible for a hacker to use multiple connected refrigerators to attack another system in what is known as a Distributed Denial of Service (DDOS) attack.
“The smart cities, smart buildings, smart factories, etc. of tomorrow demand that the development of all of these smart solutions also includes security. We must not lose faith in these systems. If we do, we will not make the fullest use of the services,” says Thomas Carnehult.
Collaboration for the exchange of information and innovation
Demands for security are increasing. The EU Directive on security of network and information systems (NIS Directive) entered into force in Sweden in 2018, setting requirements for both the private and public sectors. The directive covers suppliers of critical services such as energy, transport, banking, healthcare and certain other digital services, as well as internet-based forums, search engines and cloud services.
“I am a firm believer in collaboration. Today it is relatively common to be hacked and this should not be a cause for shame. Information should be shared as on a commission of inquiry, so that we can learn from and help one another. What we need is a Swedish security centre as a focal point for the exchange of information and innovation. Such a centre is currently under development and RISE is working with many stakeholders on the issue. I believe that in future collaboration will be the alpha and omega,” concludes Thomas Carnehult.