Why do you need a Zero Trust Model?

Traditional cybersecurity paradigms focus on network-based security strategies like firewalls and other tools to monitor user activities on the network. However, digital transformation and social environment factors have driven new cybersecurity strategies to focus on protecting end-users, assets and resources. This is the prototype of the ‘Zero Trust Model’.

In this new blog series, I’ll explain the reasons for transforming to a Zero Trust Model as well as the benefits and challenges of implementing Zero Trust Network Architecture. I’ll also cover how you might efficiently implement it.

What is a Zero Trust Model?

But first things first, what exactly do we mean by ‘Zero Trust’? Well, Zero Trust is not a technology; it’s a security model with a set of guiding principles for workflow, system design and operations that can be used to improve the security posture of any classification or sensitivity level.

Zero Trust is a transformative journey rather than a complete replacement of technology. Ideally you should evaluate the security risks in your business model before you start shifting to Zero Trust. Yet, during the COVID-19 pandemic, many companies were forced to quickly change their central-breakout remote access VPN to a Zero Trust approach using cloud-based equivalents such as Netskope, Zscaler or Tailscale. They then had to progressively apply Zero Trust principles, process changes and technology solutions that protect their data assets and business functions as they went along.

Now, they are often left having to operate in a hybrid Zero Trust/perimeter-based mode while continuing to invest in IT modernisation initiatives and improve business processes – not ideal.

Why do we need a Zero Trust Model?

In the new working environment in which we find ourselves, we need to look at a Zero Trust Model for a number of reasons:

Remote work and BYOD policy for employees
In the post-COVID era, remote working and a BYOD (Bring Your Own Device) policy have become the new normal. The “castle-and-moat” network security model, built around fixed office locations and employer-owned devices, cannot cater for every employee’s needs. More staff are working out of the office using their own devices and Wi-Fi networks, which are less secure in a remote working environment than in an office. You need to take a micro-level approach to authenticate and approve every access request in your network to make sure it’s secure.

Digital transformation of customer experience
The customer journey is not limited to retail shops and customers are rapidly shifting their buying behaviour to the internet and mobile applications. Thousands of personal computers and devices across the globe connect to company networks to complete transactions. This means that identity verification is critical for customers before they access their confidential data.

The high complexity of network architecture
In response to the high demand for rapid and secure access to data, anytime and anywhere, your company may operate several internal and external networks. These can include on-premises systems and cloud environments. Perimeter-based network security is insufficient once attackers breach it, whereas Zero Trust Network Architecture adds security layers to identity verification, such as least-privilege access control, multi-factor authentication and endpoint verification, for improved security.

Zero Trust forms a strong defence line against cyberattacks

With all these social and network environment changes, the opportunity for your network to be attacked is much greater. The median cost of cyberattacks in the UK rose 29% in 2022 with an average attack costing a business nearly £25,000.

Legacy systems, regulations and compliance practices are no longer sufficient amid increasingly sophisticated threats. Cloud environments are attractive targets for cybercriminals aiming to destroy and steal confidential business data. Amongst these different types of cyberattacks, ransomware tactics have evolved and become the most significant threat.

The Zero Trust Model is another approach to combat the emerging threat landscape which legacy security systems and perimeter approaches can no longer adequately mitigate.

How CACI can help

CACI has cybersecurity experts who can improve the protection levels of your business. Capabilities include Zero Trust Network Architecture, Threat Analytics, Systems Hardening, Network Analytics and Next Generation Firewalls. We perform risk assessment to advise clients on what comprehensive cybersecurity they need.

We also have experts in Cloud Network on-ramp Connectivity (such as Microsoft ExpressRoute, AWS DirectConnect, GCP Cloud Dedicated Connect) and SASE/SDP/VPN technologies such as Zscaler and Tailscale.

In my next blog, I will be discussing the benefits and the challenges of implementing Zero Trust Network Architecture. However, if you want the whole story, have a read of our Zero Trust Model whitepaper where we cover everything in these blogs and more. Download your copy now.

 

Notes:
[1] Zero Trust Network Architecture (nist.gov)
[2] Will Rishi Sunak reassess UK cybersecurity policies? (openaccessgovernment.org)

5 Common Threat Management Myths

In my last blog, I shared the most common cybersecurity threats faced by businesses in 2023. But how do you combat these threats? Can any threat management tools help prevent hacks and breaches? In this blog, I’ll give you a brief outline of different threat management tools along with some of the more common myths associated with them.

Threat Management Tools

The names of threat management tools are awash with acronyms so you might be confused about their actual functions. Let’s look at their full names and features: 

EDR (Endpoint Detection and Response)
EDR is an integrated endpoint security solution that detects and responds to suspicious activities on multiple endpoints such as desktops, laptops and mobile devices.

XDR (Extended Detection and Response)
XDR is an evolution of EDR that extends the scope of threat detection and monitoring to networks, the cloud, applications and third-party data. It adds functionalities such as third-party integrations, automated enrichment & root-cause analysis, internal & external threat intel feed and one-click automatic response.

SIEM (Security Information and Event Management)
SIEM collects, aggregates and analyses event log data across various sources, including networks, host systems, infrastructure, applications, endpoints and users in real-time. Your Security Operation Centre Team (SOC Team) can make use of this tool to detect and block attacks.

SOAR (Security Orchestration, Automation and Response)
SOAR is an extension of SIEM, with orchestration, automation and response capabilities. It enables your SOC Team to define incident analysis and response procedures in a digital workflow.

Misunderstandings about threat management

Before you choose any threat management tools to help with your cyber security, let’s debunk some myths here:

#1: Threat management tools prevent all hacks and breaches.
Be cautious about using the word ‘all’ – no threat management tool can 100% prevent hacks and breaches. Instead, ‘assume breach’ is the safest approach for companies to take in threat management. This is one of the guiding principles of the Zero Trust Model, meaning the system denies all access by default unless every user, device, application workload and data flow is authenticated. Your SOC Team needs to be more proactive in setting some rules and policies to block attacks in advance.

#2: The more event log data you collect, the more secure your system is.
An overflow of data without relevant tooling to sift through the noise can drown your SOC team. If your team views too much irrelevant threat detection data, they may tune out key entries that might be an Indicator of Compromise (IOC). This makes threat detection like looking for a needle in a haystack. Therefore, you should only collect data that is relevant to analysing suspicious activities in your system.

#3: Threat hunting is a one-off exercise.
Threat hunting should be a continuous process and an essential part of your cybersecurity strategy. Even if you deploy the best-fit threat management tool, your SOC team should regularly monitor the changes in data and refine your policies.

#4: Threat management tools are our panacea for cybersecurity. We don’t need to hire cybersecurity experts.
Threat hunting is an ongoing battle and we know most companies have a knowledge gap in cybersecurity. To turn your data into intelligence, your SOC team should be fully staffed to collect and analyse the data. If you need help with your SOC team, you may decide to partner with external cybersecurity experts.

#5: Threat hunting can be fully automated by artificial intelligence (AI).
AI tooling can help identify cyber threats by doing robotic and time-consuming tasks such as big data sifting and pattern matching consistently and at scale. Your team can then focus on data analysis, contextual interpretation, information reasoning and risk assessment. However, AI cannot decipher the ever-changing threat landscape as humans do. Humans can perform much better on new threat discovery and predictions, so threat hunting can’t be fully automated.

Conclusion

Each threat management tool has unique features that perform different functions and analyses. There is no single solution that applies to everything, and threat hunting is not a one-off investment but requires continuous effort to stay ahead of cyber threats. We advise you to work with a cybersecurity expert to develop best practice for threat management, and I’ll suggest some ideas on how to do this in my final blog.

How CACI can help

We have cybersecurity experts who can improve the protection levels of your business. Capabilities include Zero Trust Network Architecture, Threat Analytics, Systems Hardening and Network Analytics. We can also perform a risk assessment to advise you on your cybersecurity needs. Find out more about our cybersecurity capabilities.

Six ways Telcos can leverage the Metaverse

The aspirational and now widely accepted term ‘Metaverse’, refers to a set of interconnected virtual worlds; a new universe which has the potential to bring huge behavioural change and completely transform industry verticals in less than a generation.

Whilst the concept is still in its infancy, it provides a distinct opportunity for telco companies to expand beyond the traditional and trailblaze towards innovation, which bifurcates into two key areas of focus: a new ecosystem to participate in and a new ecosystem to enable. Companies around the globe are already recognising this potential such as Deutsche Telekom (DT) and South Korean telecom (SKT), who have teamed up and collaborated on a new metaverse platform of their own. Ifland is a 5G-based platform that launched in 2021 across 49 countries and now has a user base of almost 13 million. Utilising the popularity of K-Pop, they plan to create joint content with various international partners as well as building out novel communication functions.

Similarly, Meta is now in partnership with Verizon and Telefonica to build testbeds to develop the networking and cloud technology that will glue the metaverse together. Verizon’s focus with Meta is in mobile edge computing (MEC) infrastructure design, “to measure the impact of edge computing on key application performance metrics and evaluate where our network capabilities can enable more powerful metaverse-optimized applications”, said Rima Qureshi, Verizon VP. Telefonica are working on an “innovation hub” with Meta: a 5G laboratory equipped with “a metaverse end-to-end testbed on Meta and Telefonica’s network infrastructure and equipment”. They have also invited tech start-ups in the metaverse space to participate.

The metaverse needs ubiquitous high-bandwidth, low-latency communication and new equipment to work at scale and will require a flexible and performant foundation to do so. With much of this technology still in research and development stages, the game is wide open for organisations to jockey for an early market position to lead this new world.

Telco operators are uniquely positioned to sit alongside technology giants in the metaverse value chain by harnessing emerging technologies they are already familiar with, such as 5G, cybersecurity, edge cloud and artificial intelligence.

In reviewing the following six areas, organisations will be able to play a truly assertive role in the build of this new virtual world and leverage the power of the metaverse.

1- Become The Leading Connectivity Provider
2- Review Edge Computing Capabilities
3- Prioritise Cybersecurity
4- Harness AI Analytics
5- Create Metaverse Platforms
6- Leverage Ecosystem Partnerships

Layers of the Metaverse

Provide connectivity

Depending on quality, the average virtual reality (VR) Metaverse user requires 5 to 40 times more data than it takes to stream an HD video. Raja Koduri, Senior Vice President and General Manager of the accelerated computing systems and graphics group at Intel, states that “truly persistent and immersive computing, at scale and accessible by billions of humans in real time, will require… a 1,000-times increase in computational efficiency from today’s state of the art”, confirming that delivering ‘metaverse grade’ ubiquitous connectivity will be critical in making the metaverse a thriving ecosystem.

Telcos’ energy can be well channelled into becoming the leading connectivity provider and lowering the barriers to entry for consumers, and one of the most helpful tools for this will be 5G. 5G is expected to deliver higher multi-gigabits-per-second (multi-Gbps) peak data speeds, greater reliability, ultralow latency and a more uniform experience. As 5G networks are commercially deployed, this will help consumers and businesses enter the metaverse.

We are also expecting to witness another upgrade in wireless technology with the arrival of 6G, supported by Nokia CEO, Pekka Lundmark, who said that he fully expects 6G networks to be in operation by 2030, which is predicted to bring full network coverage across land, sea and air. The off-loading of wireless traffic through Wi-Fi 6, the latest generation of Wi-Fi, will also help address network capacity and efficiency related challenges, as well as fibre connectivity increasing high-bandwidth speeds.

Offer edge computing

The computing power necessary to deliver a virtual world will be significant; requiring real-time rendering and AI capabilities to track various objects, characters and environmental effects whilst also adapting the display as these move through virtual space.

Delivering this experience reliably in a single-hosted environment with low latency is challenging and the cloud will not be able to centralise and store all of the necessary resources, but edge computing may well be the solution, becoming another essential cog in the metaverse machine. Edge computing is an IT deployment that puts data and applications as close as possible to the users, delivering a seamless experience by providing the necessary local computing power and minimising network-based latency and congestion risk.

In order to succeed, operators should evaluate and strengthen their partnerships with specialist cloud providers as well as consolidating their own edge cloud and legacy cloud strategies. This will then place them in prime position to provide efficient data transfers, enhance perimeter security, relieve network congestion and diversify their revenue streams.

Prioritise cybersecurity

Metaverse platforms can be susceptible to a host of privacy concerns, data leaks and security threats lurking beyond their virtual doors. Microsoft’s EVP of security, compliance, identity and management, Charlie Bell, urges organisations to prioritise the cybersecurity of the metaverse:
“There must be clear and standard communication around terms of service, security features like where and how encryption is used, vulnerability reporting and updates,” Bell explains. “Transparency helps accelerate adoption — it speeds the learning process for security… We do not need to predict the ultimate impact of the metaverse to recognise and embrace the security and trust principles that make the journey a safer one for all”.

Data security will become increasingly valuable as both businesses and consumers grow ever more concerned with their digital footprint and the integrity of their personal information. Operators hold a unique advantage here, as according to a study by Openet, “Consumers find mobile operators to be trustworthy with their data”.

Ensuring that all resources can discern and guard against the most fundamental dangers will help reduce long-term hurdles, as the need for improved cybersecurity safeguards remains a top priority while technology continues to grow rapidly.

Poised as trusted custodians, operators can leverage their existing customer relationships and establish themselves as identity management experts whilst the metaverse continues to take shape.

Harness AI analytics

As the functional area of analytics and AI converges with the metaverse, telcos will need to pay attention to identity, billing and transaction management. In addition to a concern for customer data management and ownership, telcos will also likely play an assertive role and push far beyond infrastructure enablement. They will have the opportunity to create an analytics and AI layer to support both data management and payment capabilities which will pave the way for new revenue streams and monetisation.

Chatbots are also a great application that telcos may implement to streamline business processes. These could be used in multiple functions such as providing instructions and information about various products and services, answering questions, completing transactions etc. Moreover, AI can be utilised to create inclusive interfaces that will make the users’ journey more accessible for everyone. With the aid of technologies such as Natural Language Processing, speech recognition, computer vision, translation and augmented reality, users will be able to interact with the metaverse in their native language and through images and videos to enhance their metaverse experience.

Create metaverse platforms

The term ‘metaverse’ currently refers to a collection of virtual worlds in which we can work, play, explore and collaborate. The belief is that eventually, these platforms will start to combine and ultimately create one, all-encompassing decentralised virtual world; rich in offering, interoperable and governed by the community. In order to take advantage of this gradual evolution, operators could be well placed to create their own platforms, which would aid them in building a deeper understanding of both the demand and necessary technical competencies which would shape the long-term strategy.

Many organisations have already launched their own platforms such as Korean operator SK telco, who unveiled ‘Ifland’ in 2021. The key for other organisations looking to build successful platforms will be to create interesting experiences and events which compel users to spend time on the platform, as well as ensuring there is capability to offer customised services for business and consumers.

Leverage ecosystem partnerships

Making the metaverse a reality will require significant advancements in multiple areas and no single company or industry can do this alone. Creating the metaverse will require a global effort and by telcos partnering with other expert participants within the metaverse ecosystem, they will be in prime position to drive the new age of the internet forwards and reap the rewards. A key area to consider will be hardware, such as virtual reality (VR) headsets, gloves and glasses. These devices will become increasingly important in acting as a gateway for humans to interact with the metaverse, therefore, operators can look to seize this opportunity by collaborating with device manufacturers and other technology platform providers to drive adoption.

By refining new partnership frameworks, telcos can explore new growth streams such as selling VR devices and connectivity services together, as well as having the capability of offering additional bundles of data packages. There could also be opportunities in strengthening relationships across different industry verticals, exploring different routes together and identifying collaborations. Telcos should place focus on long-term partnership strategies across the board to elevate their standings and unlock growth.

Conclusion

The metaverse is a rapidly evolving environment and whilst some prospects may currently be hyped, the rapid acceleration is tangible. In a study conducted by PwC of 1000 businesses, 66% confirmed that they were already “actively engaged”. Coupled with a Capgemini report stating that 90% of consumers are curious about the metaverse, this new virtual landscape presents a situation and opportunity telco providers cannot afford to ignore.

Communication, computing, storage and analytics infrastructure are core elements of the configuration of the third web, meaning that without the efforts and involvement of telco operators, the creation of the metaverse remains a sci-fi concept only.

Operators are excellently positioned to harness this exciting opportunity and by investing, innovating, partnering and strategising – they will succeed in fully leveraging the power of the metaverse.

Contact us here to get in touch about any of our services.

 

Notes:
[1] Consumers find mobile operators to be trustworthy their data report (fiercetelco.com)
[2] What does the metaverse mean for your digital identity (forbes.com)
[3] The metaverse: What’s in it for telcos? | Arthur D. Little (adlittle.com)
[4] THE METAVERSE: WHAT’S IN IT FOR TELCOS? (adlittle.com)
[5] Metaverse survey: Capitalizing on metaverse business opportunities: PwC
[6] Nine in ten consumers are curious about the metaverse – Capgemini UK

Network Automation: Should it matter to your business?

PT Barnum once said, “Comfort is the Enemy of Progress!”

Keeping up with the rapid technological changes is essential for staying competitive, as is developing new ways to utilise your current technology capabilities.

With this in mind, have you explored how automation can benefit your business with increased productivity, reliability and reduced operating costs?

Let’s discuss a few areas where automation can change how your business works whilst futureproofing the solution.

Over the years, your business has grown, evolved and expanded. This can create highly complex configurations, making network management, security updates and innovation more tedious, expensive and challenging to implement.

In another instance, fast-growing companies look for further improvements in efficiency and productivity to ensure they get the best out of their teams and attract the best talent.

Network automation tools have been around for over 20 years and ClickOps is still prominent, with more than 30% of enterprise network actions being automated. Nevertheless, there is renewed interest in concepts like GitOps and NetDevOps, which are quickly gaining popularity.

How does automation benefit you?

As detailed by MicroFocus, a Japanese financial institution stated that “Network automation has proven extremely effective for configuration management. Managing approximately 300,000 interfaces and 45,000 modules with Excel just isn’t feasible. It automatically collects firmware, CPU, power supply, and other detailed information from network devices, making real-time information management possible. As a result, the company can reduce information collection man-hours by 30% and increase the efficiency of various management tasks.”

Automating manual tasks or processes can improve accuracy and efficiency, so your IT team can focus on critical functions and strategic projects. You may tap into their creative and critical skills to discover their hidden talents.

Network automation allows you to complete changes and migrations with fewer resources, altering your teams to be more strategic and efficient, resulting in less human error.

Currently, most network maintenance is manual: logging into routers and switches, device discovery, and more. Consider what your teams can work on if they are not tied up with mundane but essential changes or provisioning.

It is essential to maintain regulatory compliance, but did you know that process automation can help your business to build a compliance program? The selected process is completed the same way every single time, which reduces the errors made. How does 100% accuracy in your audit trail sound?

Banks and financial institutions can easily find themselves over their heads with many rules and regulations to comply with. Fortunately, automation makes it easier. By automating complex banking workflows, such as regulatory reporting, banks can ensure end-to-end compliance coverage across all systems.

To deal with the ever-increasing complexity of networking, infrastructure and hybrid working environments, automation can make your teams more productive, the network more reliable, and the business easier to scale up.

So, as we said at the beginning, will you stay in your comfort zone or will you embrace the opportunity to use our specialists’ expertise to develop a strategy that will maximize your future opportunities?

How CACI can help

We have a great team of Network and Automation specialists who are happy to align with your strategy. We can futureproof your business to stand out from competitors by efficiently leveraging the full advantage of automation tools.

Get in touch with us today to find out more.

 

Note:
Nomura Securities Case Study (microfocus.com)

Hybrid Cloud Solutions – Flexible, scalable or risky?

In today’s digital landscape, businesses are transforming to cloud computing to increase efficiency, reduce costs and scale up their operations for the future. While many companies opt for one type of cloud solution, either a full public or private cloud solution, some opt for a hybrid one to meet their business goals.

The benefits of a hybrid cloud solution are obvious:

Flexibility – You can choose where to run a workload based on the specific needs of each application. This enables you to respond quickly to your business’s dynamic changes.
Scalability – This enables you to scale up your business without the need for a massive investment in cloud infrastructure.
Improved security – You can keep sensitive data on a private cloud, but it can be sent to the public cloud used by the application, enhancing security and compliance. Regulated industries find this especially useful.

But what about other complexities and security challenges?

According to CSO Online, “The Cloud Security Alliance (CSA), an organisation that defines standards, certifications and best practices to help ensure a secure cloud computing environment, cited misconfiguration and inadequate change control, as well as limited cloud usage visibility as being among the top three threats to cloud computing in 2020.” How much more so 3 years on!

Here are some concerns about adopting a hybrid cloud solution:

Complex security

When a company uses a hybrid model, the approach to security and management can become complex. Without a proper procedure tracking the use of services, the ability to access data will gradually reduce over time. A complicated system can create many loopholes and security issues which means the probability of a data leakage caused by an error or misconfiguration will increase.

Lack of appropriate skill set

There is also a knowledge gap. Yours will be one of many companies that have seen their cloud initiative proliferate beyond initial expectations. This will cause a drastic shortage of cybersecurity resources. Finding the right personnel to manage the existing environment and develop a new one is challenging.

Network connectivity breaks

What about the foundation of any company’s IT solution – the network? Connectivity between public and private clouds in a hybrid cloud framework is essential. Even one mistake in the overall network architecture could lead to the disruption of cloud services.

Why do banks opt for a hybrid cloud solution?

The hybrid cloud solution has become increasingly popular in the banking industry. A survey from IDC reported that 83% of banks surveyed use public and private cloud platforms. Bank of America has collaborated with IBM Cloud to develop a hybrid cloud solution offering the same level of security and economics as their private cloud with enhanced scalability, and Banco Santander has partnered with Microsoft Azure to extend their cloud capabilities, driving the creation of new cloud applications and developing innovative banking solutions. By adopting a reliable hybrid cloud solution, they can host some applications and workloads on the public cloud while securing sensitive data.

Conclusion

A hybrid cloud solution incorporates the advantages of public and private cloud solutions. Companies can manage costs with more flexibility and quickly scale up their business. Despite concerns about adopting a hybrid cloud solution, an increasing number of banks are trying to overcome these hurdles, developing innovative solutions and enhancing customer experience in the new digital era.

How CACI can help

We have highly skilled specialists with over 25 years of experience delivering a wide range of cloud strategies aligned with our clients’ business goals. We are trusted by some of the world’s most successful companies in financial services, telecommunications, utilities and government.

In order to offer the best-fit solution for you, we partner with a group of top-tier technology and service providers rather than being tied to just one. So, if you want impartial, professional advice on hybrid cloud solutions, we’re happy to help.

Get in touch with us today.

Notes:
[1] IDC Perspective: Banking on the Cloud: Results from the 2022 CloudPath Survey
[2] Santander partners with Microsoft as a preferred strategic cloud provider to enable the bank’s digital transformation
[3] IBM and Bank of America Advance IBM Cloud for Financial Services, BNP Paribas Joins as Anchor Client in Europe – Jul 22, 2020

How to find the right IT outsourcing partner

Looking to work with an IT outsourcing provider? Finding the right partner to deliver your requirements can be a tricky and time-consuming process. But, done right, a successful outsourcing relationship can bring long-term strategic benefits to your business. We asked our experts to share their top tips on how to find the right IT outsourcing partner.

Evaluate capabilities

Having the right expertise is the obvious and most essential criterion, so defining your requirements and expectations is the best way to start your search.

When it comes to narrowing down your vendor choices, it’s important to consider the maturity of an organisation as well as technical capabilities. “The risk of working with a small, specialised provider is that they may struggle to keep a handle on your project,” warns Brian Robertson, Resource Manager at CACI. Inversely, a larger organisation may have the expertise, but not the personal approach you’re looking for in a partner. “Always look for a provider that demonstrates a desire to get to the root of your business’s challenges and can outline potential solutions,” Brian advises.

Find evidence of experience

Typically, working with an outsourcing provider that has accumulated experience over many years is a safe bet; however, Daniel Oosthuizen, Senior Vice President of CACI Network Services, recommends ensuring that your prospective outsourcing provider has experience that is relevant to your business, “When you bring in an outsourcing partner, you want them to hit the ground running, not spending weeks and months onboarding them into your world.” Daniel adds, “This becomes more apparent if you work in a regulated industry, such as banking or financial services, where it’s essential that your provider can guarantee compliance with regulatory obligations as well as your internal policies.”

So, how can you trust a provider has the experience you’re looking for? Of course the provider’s website, case studies, and testimonials are a good place to start, but Daniel recommends interrogating a vendor’s credentials directly, “A successful outsourcing relationship hinges on trust, so it’s important to get a sense of a vendor’s credibility early on. For example, can they demonstrate an in-depth knowledge of your sector? Can they share any details about whom they currently partner with? And can they confidently talk you through projects they’ve completed that are similar to yours?”

Consider cultural compatibility

“When it comes to building a strong, strategic and successful outsourcing partnership, there’s no greater foundation than mutual respect and understanding,” says Brian. Evaluating a potential provider’s approach and attitudes against your business’s culture and core values is another critical step in your vetting process. As Daniel says, “If you share the same values, it will be much easier to implement a seamless relationship between your business and your outsourcing partner, making day-to-day management, communication and even conflict resolution more effective and efficient”.

While checking a company’s website can give you some insight into your prospective provider’s values, it’s also worth finding out how long they’ve held partnerships with other clients, as that can indicate whether they can maintain partnerships for the long-term.

However, Daniel says, “The best way to test if a provider has partnership potential is to go and meet them. Get a feel for the team atmosphere, how they approach conversations about your challenges, and how their values translate in their outsourcing relationships.” Brian adds, “Your vision and values are what drive your business forward, so it’s essential that these components are aligned with your outsourcing provider to gain maximum value from the relationship.”

Assess process and tools

Once you’ve determined a potential outsourcing provider’s level of experience and expertise, it’s important to gain an understanding of how they will design and deliver a solution to meet your business’s needs. “It’s always worth investigating what tech and tools an outsourcing provider has at their disposal and whether they are limited by manufacturer agreements. For example, at CACI, our vendor-agnostic approach means we’re not tied to a particular manufacturer, giving us the flexibility to find the right solution to meet our clients’ needs,” Daniel explains.

Speaking of flexibility, determining the agility of your potential outsourcing provider’s approach should play a role in your selection process. “There’s always potential for things to change, particularly when delivering a transformation project over several years,” says Brian, adding “that’s why it’s so important to find a partner that can easily scale their solutions up or down, ensuring that you’ve always got the support you need to succeed.”

Determine quality standards

Determining the quality of a new outsourcing partner’s work before you’ve worked with them can be difficult, but there are some clues that can indicate whether a vendor’s quality standards are in line with your expectations, says Daniel, “A good outsourcing partner will be committed to adding value at every step of your project, so get details on their method and frequency of capturing feedback, whether the goals they set are realistic and achievable, and how they manage resource allocation on projects.”

Brian also recommends quizzing outsourcing providers about their recruitment and hiring process to ensure that you’ll be gaining access to reliable and skilled experts, “It’s easy for an outsourcing provider to say they have the best people, so it’s important to probe a little deeper. How experienced are their experts? How are they ensuring their talent is keeping up to date? What is their process for vetting new candidates? All these questions will help to gain an insight into an outsourcing provider’s quality bar – and whether it’s up to your standard.”

Assess value for money

For most IT leaders, cost is one of the most decisive factors when engaging any service; however, when looking for an IT outsourcing partner, it’s critical to consider more than just a provider’s pricing model. “Contractual comprehensiveness and flexibility should always be taken into account,” says Brian. “A contract that is vague can result in ‘scope creep’ and unexpected costs, while a rigid contract can tie businesses into a partnership that’s not adding value.” He adds, “Ultimately, it comes down to attitude, a good outsourcing provider can quickly become a great business partner when they go the extra mile.”

Daniel agrees and advises that IT leaders take a holistic view when weighing up potential outsourcing partners, “Look beyond your initial project, or resource requirements and consider where your business is heading and whether your shortlisted providers can bring in the skills and services you need. After all, a truly successful outsourcing partnership is one that can be relied on for the long haul.”

Looking for an outsourcing partner to help with your network operations? Contact our expert team today.

Top 5 Cybersecurity Threats to Businesses in 2023

Cybersecurity Threats

We have recently seen significant growth in cybersecurity threats and malicious cyber activities due to the increased use of remote working. This has expanded the remote attack surface and companies have been forced to invest enormous resources in cybersecurity to quickly identify and neutralise threats before they cause financial or reputational loss.

In this blog series, we’ll identify the most common cybersecurity threats, what tools exist for threat detection and the best practices for threat management.

1. Business Email Compromise (BEC)

BEC is an email attack designed to trick victims into transferring a considerable amount of funds or revealing sensitive information. Targets usually receive convincing-looking emails that request abnormal payments or contain links or attachments that harm their company’s system.

In 2021, BEC scammers made nearly £1.9 billion ($2.4 billion) in the US alone, far more than via other types of cybercrime. The tactics and techniques are evolving – scammers will capitalise not just on the opportunities created by current social issues but also the latest news about a company.

During the COVID-19 pandemic, scammers targeted large organisations and local government. Victims were asked to transfer enormous sums of money to secure limited medical items such as ventilators and PPE. Also, there was a case where a company that announced it was exhibiting at an Expo on social media was targeted. Scammers claimed they had all the Expo visitors’ contact information and persuaded the company to pay for a list that promised to help generate sales leads but in fact was worthless.

2. Ransomware

Ransomware is malware that encrypts confidential data, applications or day-to-day operating systems, making them inaccessible to users until the target company pays a ransom. Phishing emails, Remote Desktop Protocol (RDP) exploitation and exploitation of software vulnerabilities remain popular ways to deliver ransomware.

The National Cyber Security Centre (NCSC) considers ransomware a national security risk given its potential impact on critical national infrastructure and essential services. In 2021, the NCSC coordinated the national response to 18 ransomware attacks, including the attacks on a supplier to the NHS 111 and South Staffordshire Water. However, the number of attacks is higher than we know since organisations seldom report incidents.

In January, a Russian-linked ransomware attack seriously disrupted the Royal Mail’s overseas delivery service. The postal giant worked hard to recover from the cyberattack for over a month and finally restored their service by the end of February. Their financial loss is yet to be known but is likely significant.

3. Phishing and Smishing

This is when attackers trick people into disclosing sensitive information such as credit card details, usernames and passwords or other private information. Phishing arrives by email and smishing by text message. Both pretend to come from legitimate organisations and contain a fraudulent link that diverts the victim to a seemingly genuine form, which they complete with their personal information.

In the Cyber Security Breaches Survey 2022, 83% of the identified cyberattacks were phishing attempts. Some attackers pretended to be HM Revenue and Customs, saying the victim was eligible for a tax refund and asking them to provide personal financial information.

4. Poor Vulnerability Management

A weakness in an IT system that an attacker can exploit to deliver a successful attack is normally the result of poor vulnerability management. Such weaknesses often arise from software bugs, features or user errors, which attackers use to achieve their end goal.

Log4Shell, a zero-day vulnerability, has affected countless computers globally since December 2021. It was discovered in Log4j, a Java-based logging framework that allows software developers to log user activity and the behaviour of applications. Log4Shell enables attackers to execute code remotely on a target computer, allowing them to carry out nefarious activities such as stealing sensitive data, taking control or installing malware.

A cybersecurity company has tracked 10 million attempts per hour to exploit Log4Shell in the U.S. Many technology suppliers were affected including Apple, Amazon, IBM, Cloudflare, Microsoft’s Minecraft, Palo Alto Networks and Twitter.

5. Proliferation of offensive cyber capabilities

This sophisticated approach combines cyber tools, vulnerabilities and skills to conduct offensive cyber operations.

The NCSC anticipates that the proliferation and commercial availability of offensive cyber capabilities will expand the cybersecurity threats to the UK. In the future, malicious and disruptive cyber tools will be available to a wider range of state and non-state actors and deployed with greater frequency and with less predictability.

Conclusion

Attackers are ingenious and aren’t bound by the governance, compliance and regulatory frameworks which most companies have to comply with. Companies are under pressure to react quickly to constantly changing cybersecurity threats. Formulating cybersecurity strategies and reviewing them regularly to protect your business is crucial. Attack vectors such as ransomware mean that activities such as Disaster Recovery Planning are no longer an optional undertaking; Business Continuity Planning must be at the heart of your organisation’s approach to cyber risks.

How CACI can help

CACI has cybersecurity experts who can improve your business’s protection levels. Our capabilities include Zero Trust Network Architecture, Threat Analytics, Systems Hardening and Network Analytics. We can perform a risk assessment to see how ready your organisation is to counter threats such as those listed here and advise on how to address any shortcomings that are found.

Find out more about our cyber security capabilities.

Notes:
[1] Business-email-compromise-infographic.pdf (ncsc.gov.uk)
[2] NCSC Annual Review 2022
[3] Internet Crime Report 2021 (FBI)
[4] FBI Anticipates Rise in Business Email Compromise Schemes Related to the COVID-19 Pandemic — FBI
[5] Cyber Security Breaches Survey 2022 – GOV.UK (www.gov.uk)

Top 3 types of cyberattacks in blockchain

Since the emergence of blockchain technology, a surge in cyberattacks has targeted cryptocurrency, sensitive personal data and NFT game spending, causing billions of dollars in losses in recent years.

We previously discussed the strategic business value brought by blockchain technology, data governance changes, and cybersecurity improvement. Now, in our final discussion on blockchain, we will illustrate examples of the top 3 types of cyberattacks and how to avoid them.

1. Exchange Hack

Since 2012, at least 46 cryptocurrency exchanges have suffered significant hacks and nearly $2.66 billion (~ £2.3 billion) has been stolen from crypto exchanges.

Binance, the world’s largest crypto exchange, suffered a hack of about $570 million (~£491 million) in October 2022. The hack was caused by a bug in the cross-chain bridge’s smart contract that allowed hackers to forge transactions and send money back to their crypto wallet. The company coordinated with Binance Chain validators to enact an upgrade to fix the bug.

Such a notable attack demonstrates the importance of smart contract security and regular technical audits to ensure the system is as safe and secure as possible.

2. DeFi Hack

The gaming-focused Ronin network announced a loss of USDC and ether (ETH) in March 2022. A security breach involving secret keys caused the incident. A set of nine secret keys secures the funds on the platform, and unlocking and releasing the funds requires approval by a majority of five of those keys. The hacker found a backdoor in the Ronin Bridge node and gained control of more than half of the validators. The hacker then unlocked the vault and withdrew funds valued at more than $620 million.

The company promptly increased the validator threshold from five to eight and migrated their nodes to the new infrastructure.

No wonder the Federal Bureau of Investigation (FBI) asked decentralised finance (DeFi) platforms to strengthen security measures and warned investors against the vulnerabilities in these platforms.
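The five-of-nine approval rule described above, and the later move to a threshold of eight, as an added Python example that is not the Ronin bridge's own code: it counts distinct valid approvals and checks whether any single operator holds enough keys to meet the threshold on its own. The validator names, keys, custody map and the use of HMAC in place of real digital signatures are all constructed assumptions for illustration.

```python
import hashlib
import hmac
from collections import Counter

# Constructed validator set of nine keys. HMAC-SHA256 stands in for each
# validator's digital signature so the example needs only the standard
# library; a real bridge would verify asymmetric signatures instead.
VALIDATOR_KEYS = {
    f"validator-{i}": hashlib.sha256(f"constructed-key-{i}".encode()).digest()
    for i in range(1, 10)
}

# Constructed custody map (an assumption, not any real deployment):
# which operator holds or can reach each validator key.
CUSTODIAN = {f"validator-{i}": "operator-A" for i in range(1, 6)}
CUSTODIAN.update({f"validator-{i}": f"operator-{i}" for i in range(6, 10)})


def approve(validator_id, key, message):
    """Return (validator_id, tag): one validator's approval of a message."""
    return validator_id, hmac.new(key, message, hashlib.sha256).digest()


def valid_approvers(message, approvals, validator_keys):
    """Distinct known validators whose approval verifies for this message."""
    approved = set()
    for validator_id, tag in approvals:
        key = validator_keys.get(validator_id)
        if key is None:
            continue  # not a member of the validator set
        expected = hmac.new(key, message, hashlib.sha256).digest()
        if hmac.compare_digest(expected, tag):
            approved.add(validator_id)  # set membership: repeats count once
    return approved


def withdrawal_authorised(message, approvals, validator_keys, threshold):
    """True only if at least `threshold` distinct validators approved."""
    if not 1 <= threshold <= len(validator_keys):
        raise ValueError("threshold must be between 1 and the validator count")
    return len(valid_approvers(message, approvals, validator_keys)) >= threshold


def custodians_meeting_threshold(custodian_of, threshold):
    """Operators whose keys alone would satisfy the threshold."""
    held = Counter(custodian_of.values())
    return sorted(op for op, n in held.items() if n >= threshold)


def demo():
    message = b"withdraw:constructed-request-001"
    # Scenario from the text: five of the nine keys are under one party's control.
    controlled = [f"validator-{i}" for i in range(1, 6)]
    approvals = [approve(v, VALIDATOR_KEYS[v], message) for v in controlled]
    approvals.append(approvals[0])  # repeated approval
    approvals.append(approve("validator-99", b"not-a-member", message))
    return {
        "distinct_valid": len(valid_approvers(message, approvals, VALIDATOR_KEYS)),
        "passes_at_5": withdrawal_authorised(message, approvals, VALIDATOR_KEYS, 5),
        "passes_at_8": withdrawal_authorised(message, approvals, VALIDATOR_KEYS, 8),
        "single_points_at_5": custodians_meeting_threshold(CUSTODIAN, 5),
        "single_points_at_8": custodians_meeting_threshold(CUSTODIAN, 8),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The custody check is the one to run against a real key inventory: a threshold only protects funds if no single operator, host or access path reaches that many keys.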

3. Ransomware

Analysis found that businesses in the UK suffered the third highest rate of ransomware attacks in the world, followed by the US and Canada. The attacks hit not just the financial industry but also education, healthcare, the legal profession and the public sector.

One of the most well-known attacks was the outbreak of WannaCry in 2017, adversely affecting more than 200,000 computers in over 150 countries, costing £92 million in the UK and running up £6 billion across the globe. It began with emails that tricked the target audience into opening the attachments which then released the malware onto their system. Once a computer was infected, it would lock up the files and the users could not access them anymore.

NHS services were suspended for several days, affecting at least 80 of the 236 trusts across England, 603 primary care and 595 GP practices. Thousands of appointments and operations were cancelled and emergency patients had to be urgently relocated from stricken emergency centres. Staff were forced to record everything with pen and paper!

To combat ransomware, a strong line of defence is appropriate cybersecurity training for staff, such as regularly sending dummy phishing emails to raise their awareness. Blockchain analytics tools can also be implemented to monitor activities and detect ransomware-related patterns.

Conclusion

Blockchain technology has improved cybersecurity across industries but hackers are always looking for ways to unravel high-security systems. Unaudited environments and a lack of cybersecurity training can lead to devastating attacks. We should all constantly update the security layers and keep an eye on hacker trends to block any security breaches.

How CACI can help

Make sure your business is safe from cyber attacks. Our experts monitor the latest cyber threats regularly and can carry out proper technical audits and cybersecurity training for your business.

Get in touch with us today.

Notes:
[1] List of Crypto Exchange Hacks: Updated 2022 | HedgewithCrypto
[2] Crypto exchange Binance suffers $570 million hack (nbcnews.com)
[3] Cyberattack: Over $600m lost in a Ronin Network hack – Technext
[4] FBI Asks DeFi Platforms to Increase Security Measures, Warns Crypto Investors Against Vulnerabilities (coindesk.com)
[5] UK suffers third highest number of ransomware attacks globally (computerweekly.com)
[6] The NHS cyber attack: how and why it happened, and who did it (acronis.com)
[7] Investigation WannaCry cyber attack and the NHS (Summary) (nao.org.uk)

Modernising data infrastructure & OSS to enhance customer engagement in transport

BACKGROUND

Our client provides the transport industry and third-party partners with national telecommunications capability. Their long-term IT strategy includes efficient access to robust, secure and scalable data centre facilities (DCF), with architecture to support hybrid cloud services. This infrastructure modernisation aims to help them deliver the reliable network services their stakeholders require. 

THE CHALLENGE

  • Ensuring security measures did not adversely affect performance for customers. The old tactical solution had been open access, whereas the new strategy required all communications to be secured by a firewall.

THE SOLUTION

The strategic update of architecture and systems on this scale is a complex and long-term programme. CACI Network Services worked with the client on several stages: 

  • Building strategic data centre facilities (DCF) using a new technology stack
  • Remediating and optimising existing critical data platforms (CDP) for minimal cost to support crucial workloads while the DCF was set up
  • Migrating operational support systems (OSS) from the CDP in the legacy IP network to a strategic location in the DCF, with the added complication that some OSS would be live during migration

Our consultants are highly experienced and have certification and accreditation from key technology services partners such as AWS, VMware, Cisco, and Microsoft. 

We set out to ensure the solution would be effective and compliant by designing a hybrid solution with the help of our network, cloud, server, storage, virtualisation and IT infrastructure architects, with applications hosted according to importance: 

  • On-premise for critical applications 
  • Public cloud platform for less business-critical applications 

This enables technologies to be run through a thorough assurance process for compliance. Initially set up with a team of four network service experts, it has the flexibility to adapt to support an expanded programme in the future. Our team set up structures for rigorous testing to ensure the new technology would function as required and comply with the relevant regulations and requirements. 

We also developed a customised platform for project management and testing to deliver pragmatic, innovative and cost-saving solutions with an excellent track record within the marketplace. 

To help drive better experiences for their people and customers through more effective use of technology and process, our team also leveraged our long-term partner relationships with key organisations in the technology services sector. Working closely with internal client teams, we were also able to ensure their operational challenges were fully understood, gain work approvals for individual components of the migration strategy and provide on-site support before, during and post-migration. 

THE RESULTS

With support from CACI Network Services, our client achieved: 

  • Our team of experts produced a strict plan for the migration of OSS, ensuring the actual migration event was swift. In the end, it took less than a day, resulting in a significant reduction in operational impact and any inconvenience for the client’s customers. 
  • The migration programme’s high degree of efficiency saved the client tens of thousands in development costs and allowed the client to restore services over two months ahead of schedule. 
  • Lastly, the client was able to provide their customers with more enhanced and secure services which led to increased customer satisfaction and engagement. 

CONTACT US

To find out more about our end-to-end network design, deployment and management solutions, or discuss how CACI can help you align your processes with your KPI performance expectations and make quantifiable improvements in stakeholder engagement, contact us now.  

How CACI helps shape network data strategies that earn customer trust

BACKGROUND

Our client is a provider of mobile infrastructure services for leading telecoms operators. They relied on the availability of accurate network data to operate and support the shared Radio Access Network. However, the integrity of the network data in the systems has degraded over time. 

THE CHALLENGE

THE SOLUTION

CACI Network Services provided the client with independent consulting advice by: 

  • Reviewing and analysing data issues through workshops, examining data flows in detail and focusing on pain points where processes have broken down
  • Generating a Network Data Strategy and Roadmap, placing actions in three categories:
      • Short term (1-3 months) – Quick wins at low cost
      • Medium term (3-18 months) – Tactical initiatives: some process changes and possible architectural designs required
      • Long term (up to 5 years) – Strategic initiatives: some new tools, systems and working practices added
  • Driving a policy and process review, including:
      • A gap analysis exercise involving experts who reviewed current and future processes aligned with CAS(T)/ISO 27001 standards and best practices
      • Supporting evidence and documents collected in a central location
      • Actions to address gaps in processes reported on with timeframes

THE RESULTS

Our client was able to move forward with a network data strategy that would measurably improve data quality and efficiency of processes. Combined with data-centric alignment with industry standards and best practice measures, they can differentiate and engage customers, with quality firmly embedded at the heart of their business practices. 

CACI impressed with their data strategy methodology and individuals assigned to the project as well as their stakeholder management.

The data strategy was delivered to some challenging timeframes but with high quality and is already being used to guide the next stage in our system and networks transformation journey.

– Network Design, Planning and Deployment Director

CONTACT US

To discuss how CACI can help you align your processes with your KPI performance expectations and make quantifiable improvements in stakeholder engagement, contact us now.