“Attacks are less random and more targeted,” says Johan van Niekirk, Professor of Cyber Security at Noroff University College.

“Everything is hackable. You cannot avoid being hacked, you can only be prepared and have a plan for handling it,” says Johan van Niekirk.

The Professor of Cyber Security at Noroff University College talked at the GCE NODE Digitalization Forum in Kristiansand Tuesday. Niekirk gave an overview of trends in the cyber threat landscape and implications for cyber security specialists.

“Attacks are less random and more targeted. We have seen specific attacks on large corporations in which billions of user profiles have been stolen. This may not seem that serious, but it is weaponizing artificial intelligence and machine learning to produce more credible threats in forms of e-mails that you are more likely to open,” said Niekirk.

Cyber criminals have more opportunities to succeed as more people and things are connected. Every day, 1 million more people go online, and it is estimated that 20.4 billion IoT devices will exist in 2020.

“People spend on average almost 7 hours online every day. This represents a continuous cyber security threat. Every day there are 4,000 incidences of ransomware and 80 billion malicious scans. What are the implications for businesses? In general, Chief Information Security Officers will sleep less,” said Niekirk.

SERIOUS INCIDENTS VERY LIKELY
Roger Knutsen, Cyber Security Advisor at ICT firm Atea, agrees, saying “a serious information security incident is very likely, so we need to build resilience and the ability to recover quickly.”

“The digital business world is constantly growing, and new technologies offer new opportunities for business. This puts information technology at the center of business growth, placing greater scrutiny on performance and security. For hackers, digital transformation opens up a virtual playground of opportunities to disrupt our lives,” said Knutsen.

He preached a holistic approach to information security, creating a security culture in the entire enterprise based on processes, technology and people.

“Senior management need to take ownership and drive information security,” said Knutsen.

He strongly recommended the use of international standards to align ICT security measures.

“Senior management need to take ownership and drive information security,” says Roger Knutsen, Cyber Security Advisor at ICT firm Atea.