Security in the Age of Disorder

New security models for a new era: government, business, work and play have changed, so must security

The e-Crime & Cybersecurity Congress will take place online and will look at how the fabric of cybersecurity regulation, governance and enforcement must change, as well as the latest technologies, strategies and architectures that can keep society and business safe. As digitalisation goes critical, is this finally the moment at which traditional cybersecurity management has to change?

These disruptions that we’re seeing presage at least a temporary Age of Disorder, in which old certainties crumble and new ones take their place. And nowhere are the effects of this more obvious than in cybersecurity.

Out of the comfort zone, into the fire

Even pre-pandemic, more than two billion of us are spending over 25% of our online time on social networks. Phishing attacks and scams on these platforms are on the rise, and the platforms themselves offer only minimal controls to prevent the further propagation of account takeover – and this activity is invisible to the enterprise.

Post-COVID, with remote working common, this is an enormous problem.

The broad adoption of collaboration, chat and social channels – such as Skype, Zoom, WhatsApp and LinkedIn – as critical work tools has increased the attack surface and weakened controls. These channels are rapidly outpacing email as the communications tool of choice, and they are even less secure than email, which is itself still the key vector for social engineering and credential theft.

Most security teams have no existing tools in their arsenal to extend their visibility into this realm, particularly when these accounts are personal rather than company-owned – and attempts to do so raise questions about privacy and surveillance.