You are currently viewing 5 Trends That Make Cyber ​​Threats Riskier and Costlier

5 Trends That Make Cyber ​​Threats Riskier and Costlier

Since the pandemic, the cyberworld has become a much riskier place. According to the Hiscox Cyber ​​Readiness Report 2022, nearly half (48%) of organizations in the United States and Europe have experienced a cyberattack in the past 12 months. What’s even more alarming is that these attacks are happening as companies have doubled their spending on cybersecurity.

Cybersecurity is at a critical inflection point where five megatrends are making the threat landscape riskier, more complicated and more expensive to manage than previously reported. To better understand the evolution of this threat landscape, let’s examine these trends in more detail.

1. Everything is going digital

The sudden explosion in connectivity has accelerated the digital transformation of governments and businesses by almost seven years, according to a McKinsey report. With infrastructure and associated services much more accessible over the Internet than they were before COVID, attackers had plenty of opportunities to compromise remote users, vulnerable systems, and defenses.

The pandemic has also forced workers to become more digitally dependent. Nearly a quarter of jobs will become remote in the United States this year, with forecasts calling for higher numbers in 2023, according to a Ladders report. The corporate perimeter that traditionally protected employees in an office environment has now become irrelevant. Workers access corporate resources from personal devices, use unsecured public Wi-Fi networks, and put organizations at increased risk of breaches and cyberattacks.

2. Organizations become ecosystems

Organizations open their infrastructure and resources to an expansive set of manufacturers, supply chain vendors, and partners to share information and make trade barriers less intrusive. Such changes present cyber risks for organizations because it is difficult to manage, secure and regulate an entire ecosystem that is beyond the control of the company. Cyberattacks in the supply chain jumped 51% last year according to research by NCC Group.

3. The physical and digital worlds collide

As the physical and digital worlds overlap, a hybrid threat landscape will emerge where attacks in cyberspace will have implications in the physical world (and vice-versa). This can take the form of business interruptions, physical security and infrastructure security, theft or loss of confidential data, litigation and even loss of life. Gartner predicts that cyber attackers will weaponize operational technology (financial systems, fuel or gas pipelines, power grids, water supplies, healthcare, or the internet itself) to harm human life.

4. New technologies bring new risks

The emergence of technologies such as the Internet of Things, multi-cloud, 5G and edge computing will create tens of billions of hackable devices and many entry points for attackers to exploit. Artificial intelligence will be subject to manipulations that can even institutionalize prejudices and make unfair, even dangerous judgments. The more connected the world, the more widespread the potential for disruption.

5. Regulations are becoming more complex

The massive increase in cyberattacks and breaches creates an urgent need for governments to regulate activities in cyberspace. Almost every major country publishes some form of data protection or privacy legislation. Regulations are changing rapidly, and depending on the number of geographies a business operates in, tracking and implementing regulatory mandates can be a complex undertaking. Non-compliance can expose businesses to pitfalls including operational failures, costly fines and penalties, and loss of customer trust.

Best practices that help improve cybersecurity performance

Organizations can follow these best practices to improve their cybersecurity performance:

  • Identify, prioritize and implement controls around risks. Regularly assess security maturity.
  • Adopt a framework such as ISO 27001 or NIST Cybersecurity Framework. Organizations that take an organized approach to security detect breaches faster and outperform others on key cybersecurity indicators.
  • Develop cybersecurity at the human layer. Assess staff reflexes, behaviors and patterns to create a corporate culture aligned with cybersecurity values ​​and risks.
  • Strengthen your supply chain. Conduct regular supply chain risk assessments, focus on your critical vendors, monitor your risk exposure, and implement a process for terminating vendors that do not meet your security standards.
  • Avoid using too many tools. Take a platform approach instead of deploying a bunch of disparate technologies. Ensure your security is multi-layered with a focus on people, process and technology.
  • Prioritize the protection of critical assets. Be aware of the damage that potential attacks could have on your critical infrastructure.
  • Automate where you can. Cybersecurity talent is already in short supply, and monitoring the entire threat surface can seem overwhelming. It’s always a good idea to invest in cybersecurity tools that leverage artificial intelligence and machine learning to complement human effort and speed up threat detection and response times.
  • Regularly monitor security measures to help business leaders better understand security effectiveness, regulatory compliance, and levels of security awareness in the organization.

Cybersecurity will always be a work in progress. The key to effective risk management is having proactive visibility and context across the entire attack surface. This helps to understand which vulnerabilities, if exploited, can cause the most harm to the business. Not all risks can be mitigated; certain risks will have to be accepted and trade-offs will have to be negotiated.

Copyright © 2022 IDG Communications, Inc.

Leave a Reply