Reimagining Enterprise Security in the Aftermath of the 2020 Twitter Breach | HCLTech

November 13, 2020

Twitter has more than 350 million monthly active users and 145 million daily active users—the second highest social media network in the world. It comprises politicians, celebrities, business leaders, brands, humanitarians, and millions of people from around the globe. On Wednesday, July 15, 2020, the Twitter accounts of prominent figures such as the former US President Barack Obama, Elon Musk, and Bill Gates began to offer their millions of followers “free money” via Bitcoin exchange. This was, of course, a lie—a cyber-breach of unprecedented proportions in the world of social media.

The reality, as we quickly discovered, was that Twitter had once again been breached. This was less than a month after Twitter had apprised its enterprise customers that their systems had been compromised. In fact, in December 2019, they sent out a warning to their Indian users regarding malicious code in their app. And, of course, we can’t forget the September 2019 incident when Twitter CEO Jack Dorsey fell victim as his own Twitter account was hacked. It would be fair to say, the July 2020 breach was just the most recent and largest incident.

The gravity of the most recent breach lies not in the celebrities whose accounts were hacked or the fraud that was perpetrated, but in the very fact that it was a breach from behind Twitter’s own systems, executed using Twitter employees. And while these employees were also victims of a “social engineering” scam, it portends a worrying trend in how even the largest digital companies are vulnerable. With the outbreak of the COVID-19 pandemic, and the consequent global remote work culture, enterprises have no choice but to adopt a proactive posture.

Identifying the Gaps in Modern Cybersecurity

An enterprise’s security architecture is like a spider’s web. While security architecture can be extremely intricate and totally effective in its function, it is also delicate and vulnerable in key areas which can be exploited by cyberattacks. The first wave of enterprise security architecture existed in isolated monoliths that were very difficult to attack, and the skill set needed to do so was highly complex. Today, however, cyberattacks such as a SIM swap attack (the same that targeted Twitter’s CEO) require no serious technical skill and can be deployed against anyone.

While the emergence of new technologies such as cloud, IoT, and AI has strengthened enterprise productivity and innovation, it has also expanded the threat landscape with a proliferation of cyberattacks—not to mention enhancing the capabilities of bad actors. Combined with user-targeted techniques such as phishing and social engineering, it makes enterprise security increasingly fragile and vulnerable if not implemented with rigor. This is a key reason why cybersecurity has been an ever-growing concern for organizations of all sizes and across sectors.

Most companies and individuals face cyber-attacks on a daily basis, both minor and major, with 59% reporting a significant incident in the past 12 months. And these rates increase with every improvement in technology. That said, most of these attacks do not make it to the news because of the existing cyber defenses that prevent or mitigate incidents, keeping operations secure and running. Thankfully, most major technology companies are seriously and continuously working toward protecting systems in general, and data in particular.

After all, data holds immense power across multiple domains, from innovation to politics. This is why companies specializing in data make it their top priority. For example, Facebook is deploying AI and advanced encryption, Amazon uses its threat detection software, GuardDuty, to protect its Amazon Web Services accounts, and Microsoft invests more than $1 billion every year in protecting its data assets. But in every chain, there is a weak link that undoes the strength of the whole system. With millions of users sharing astronomical amounts of data daily, the sheer number of touchpoints and the transaction load necessitate unfailing vigilance to ensure user privacy. How are enterprises to take on this challenge?

Reimagining Enterprise Security

The key to developing a truly resolute enterprise security ecosystem lies in adhering to two broad principles—using the right digital tools in the right ways, and enacting an effective user training program. For an enterprise, such a strategy needs to be customized at multiple levels of operations and corporate hierarchy, but its focus remains the same. The immediate measures every enterprise, irrespective of its size and business domain, should take include:

  1. Training and Awareness: Continuous and regularly updated training sessions for all system users on the various non-digital threats. While technology tools can protect users to a degree, users themselves are the first line of defense. This includes educating users with regular updates on social engineering tactics such as phishing, raising awareness of personal device vulnerabilities such as SIM swapping, and teaching them safe online behaviors.
  2. User Verification: Today’s enterprises are digitally fluid, reliant on multiple devices and users across common systems. This is why verifying user credentials cannot be a passive process. Adding tools—such as multi-factor security with device location verification, network access point awareness, and verified privileged user security measures—can be critical to preventing unauthorized access.
  3. Data Encryption: As we learned from the Twitter breach, user data behind the protection of a firewall is still vulnerable, as the threat can emerge from a super-user within the security system. Following an end-to-end data encryption practice ensures all data and communications remain privileged and protected, even if there is a breach in the protection of the security system. So, while someone may steal this data, it remains benign and inaccessible within the security system, thanks to data encryption.
  4. Cognitive Awareness: Given the immense scale and frequency of threats, it is not possible for humans to offer peace of mind. However, enterprises can leverage AI-powered fraud analytics to detect unusual user behavior, which can offer an early warning. For instance, the promise of free money by major public figures on Twitter in a coordinated and specious manner would have been a clear red flag to an AI system. Using digital risk protection solutions such as Searchlight™ can help identify and protect against such threats.

Of course, all the above steps would only be effective with some minimal security measures in place, such as a real-time anti-malware tool, and some fundamental security literacy among enterprise users. This includes basics such as authorized anti-virus and anti-malware solutions on enterprise devices, as well as training on essentials such as secure password protocols and email habits. And despite all these security measures, the core of an enterprise’s digital security must stem from a strategic and foundational perspective:

  • Ensuring cybersecurity is an essential factor in the planning stages of all initiatives.
  • Revising the broader IT ecosystem silos that may give birth to cybersecurity vulnerability.
  • Formulating and implementing risk-centric governance for enterprise KPIs.
  • Reframing cybersecurity as a business objective rather than just an IT liability, by quantifying potential vulnerabilities and threats.
  • Empowering the CISO to take and execute critical decisions that serve to ensure security without resistance from the broader C-suite.

As the saying goes, offense is often the best defense. But adopting the right strategy and posture requires looking beyond the mere deployment of tools—instead, it requires implementing digital security solutions that are designed with the real vulnerabilities of the system in mind. The modern enterprise needs security solutions that encompass every aspect of digital security, from the digital world to the real world. And if we are to learn anything from Twitter’s most recent breach, it is that it probably won’t be the last—for Twitter or any other enterprise. The only way to change this ongoing trend is to change how we conceive of cybersecurity and apply strategies that converge security solutions across the digital and real dimensions for a more robust enterprise IT ecosystem.
