While some of these technologies are quite recent, others like blockchain have been around much longer, popularised by Bitcoin, Ethereum and other crypto blockchains. Blockchain can help to secure logs and evidence for forensics, through validating transactions with consensus algorithms.
We have to look into new technologies and piece them together into a bespoke solution suitable for each use case like a puzzle.
Back in the day, developers had to learn new programming languages to code smart contracts for blockchain, with tools like Bitcoin Script, Simplicity, Solidity and Rholang, and they also had to learn how to instantiate new consensus nodes to join the main net to participate in various consensus algorithms. But, in the last few years, new tools to write, deploy and operate decentralised applications have emerged.
Many public cloud service providers also provide Blockchain-as-a-Service (BaaS) offerings that allow customers to leverage cloud-based solutions to build, host and use their own blockchain apps, smart contracts and functions on the blockchain, while the provider manages all the necessary tasks and activities to keep the infrastructure agile and operational. Both these improvements have made blockchain adoption for both startups and enterprises more feasible.
Likewise, all the major cloud service providers provide AI and ML services including image and video recognition, speech-to-text transcription and translation, text-to-speech, voice recognition and tagging, and so on, enabling startups and enterprises to jumpstart their AI journeys.
Forging the appropriate technology solution that addresses critical gaps is vital to ensuring threats and vulnerabilities are kept to a minimum. To establish a bespoke technology stack, organisations must understand the gaps in their security posture and identify the technology requirements needed to upgrade it.
The first gap to identify is which of these new technologies is a core competency for the organisation. For core competency requirements, the organisation must identify technology leadership and resources to acquire, develop, evangelise and manage the long-term roadmap.
The next gap is developing a technology transition program that leads the organisation into a change management process, one that plans the sunset of legacy technology stacks while developing capabilities and competencies in new processes and solutions.
The third gap is in human resource development by retraining and upskilling the existing workforce to take on new processes and solutions. Unfortunately, many organisations usually lack vision and execution in this area.
Skills, workforce and culture
People are the key ingredient in ensuring successful recovery from a cyberattack. Working in a community, sharing data and comparing various approaches to solving different problems are good practices for improving the security baseline.
Regular training and conferences are also critical to upkeep the skill sets and experience of cybersecurity professionals. As technology, platforms and systems evolve at a rapid pace, maintaining skill sets and sharing experiences among the community becomes an essential task.
It is important to acknowledge that cyber security field contains many knowledge domains and most people have some specialised skills in certain areas, whether cryptography and PKI, security architecture and models, or business continuity and disaster recovery planning.
To harness these skills, organisations should adopt both the generalist and specialist approaches and create a team of first responders with broad skill sets that are supported by teams of deeply skilled domain specialists. This allows the teams to cross develop critical skillsets like incident response, troubleshooting and investigations. Job rotation is also another option to move teams into different domains to expand their knowledge and skills.
Lastly, executive support is also vital for any large scale deployments to succeed, especially security-related initiatives with new leading-edge solutions, but ambassadors must also show and tell the value proposition of these solutions to all stakeholders to get their questions answered and gain acceptance. Having an organisation-wide growth mindset is critical to successfully implementation.
Third-party partnership/collaboration with cybersecurity vendors is the final piece in the puzzle.
Not only can vendor partnerships help companies gain an all-in-one solution stack, but vendors generally have first-hand news and information from their threat intelligence and feeds. Partnering with them thus helps organisations prepare for possible zero-day attacks on their environments and further enhances their skills and experience in handling severe threats.