Preventing breaches to your organization isn’t easy, said cybersecurity expert Dr. Paras Arora in a recent Simplilearn webinar. On the other hand, breaching an organization isn’t that hard.
The silver lining to this conundrum is that as hackers attempt to wreak expensive, debilitating cyber mischief, the opportunities in cyber security careers are expanding.
Arora, who manages Azure cloud engineering at Microsoft, spoke about emerging trends in cybersecurity for 2023, and how these will increase opportunities for aspiring professionals interesting in pursuing a cybersecurity career. Paras also served as director of cybersecurity with PricewaterhouseCoopersin India. With over 13 years of experience, he has helped organizations build safe and secure environments for business operations.
The Exposure of Digital Transformation
Dr. Arora said in just the past two years, the pandemic has accelerated the digital transformation in business. Today so much more of our lives are spent online in the digital space. Therefore, much more of our online activities and transactions are exposed to cyber security threats. Another essential point Dr. Arora made is that there’s no longer a boundary in the interconnected world, and it’s all in the cloud.
He said the connected world we live in is not what it appears. It comes with its perks and liabilities, and it is up to us to make secure use of it.
Dr. Arora outlined the complicated interconnections between organizations, suppliers, clients, and all the regulations to be followed.
“I can control my actions, but I can’t control the other environments,” Dr. Arora said. “So I have to tighten up my data-sharing infrastructure. It’s important to have a communication infrastructure in place that can provide some security for my data in transit.”
He said he should have supporting IDN security infrastructure so the data is stored, transmitted, and used by business teams are all secure.
The ABCs of Hacking
Breaching an organization isn’t that hard, Dr. Arora said. “You can go to the dark web (which people can now browse on a mobile device), or you can pay or rent a hacker to do a particular task. Plus, you can stay completely anonymous.”
You don’t have to know how to code or learn how to code — you just have to pay a hacker and get the tools you need. “This is the level of threat organizations are facing daily,” he said. “For an organization to remain safe, they have to be successful in thwarting a threat every single time.”
Hackers and Motives
Dr. Arora explained that adversaries could be nation-states, organized crime, “hacktivists,” and insiders. The motivation for hackers isn’t always money; it can be an economic, military, or political advantage, financial gain, social change, and former employees seeking revenge.
Some of the targets are organizations, individuals, credit cards, infrastructure, and whatever one can imagine.
Dr. Arora reviewed the 2014 Sony Pictures breach, where hackers gained access to sensitive personal data and released new motion pictures on the internet. Cyber forensics found phishing attempts, and an executive accidentally entered their Apple ID into a false verification form, launching a malware called “wiper.” In addition to the release of embarrassing personal information, the breach resulted in serious financial consequences: Sony’s stock went down 2 percent, he said. Under various national and international laws and regulations, organizations are liable for huge penalties for cyber security breaches.
Dr. Arora also discussed other famous hacks, such as The Panama Papers, ECS, Target, and Equifax, which had major impacts in the political, financial, and commerce worlds. He said that phishing was the top method of data breaching in 2021, and 85 percent of all data breaches involved a human element.
The impacts of breaches can be severe and long-lasting. Damages from cyber security breaches can be indirect as well as direct. Direct costs include business disruption and remediation, regulatory sanctions, and customer redress. Indirect costs include raised cyber insurance premiums, customer fraud, class action lawsuits. Breaches can damage a brand, lead to executive firings, and put an organization at a competitive disadvantage.
Cyber Security Career Demand Increases
Demand for cyber security professionals is growing and spans many specialties. The focus areas include cloud security, compliance, threat vulnerability and management, and cyber forensics.
“Success in each of these areas depends on focus, patience, and persistence,” Dr. Arora said. “Those are essential.”
It’s not an area to be going in green as several technical skills are needed. These can include a comprehensive knowledge of windows operating systems and how it works at a server level, an understanding of Unix and Linux, and other programs, depending on the specialty one wishes to pursue.
Fortunately, candidates can look to Simplilearn for a range of courses and programs in cyber security. Simplilearn’s online courses include its Post Graduate Program in Cyber Security with masterclasses from MIT faculty and the Advanced Executive Program in Cyber Security in partnership with IIIT – Bangalore.
Simplilearn is an online bootcamp that allows students and working professionals to build their skills and resume with an outstanding curriculum and expert professors. Simplilearn is the first step in helping you achieve the career you want.
Check Simplilearn's UCI Cybersecurity Bootcamp and gain comprehensive expertise in defensive and offensive enterprise cybersecurity and become an industry ready professional.