The cybersecurity landscape has undergone numerous changes in recent years. Malware, phishing attacks and data breaches have increased in frequency and scale, urging organisations to invest more time and money into establishing their cybersecurity practices. Organisations should be conscious of the changing threat landscape, asking themselves what challenges they face today and what practical steps they should take to mitigate the risks of cybercrime.
This was the thread of a discussion between Tech Monitor associate editor Jon Bernstein and John Shier, field CTO commercial at Sophos, on how the security landscape is evolving alongside increasingly sophisticated cybercrime and what this means for the future of organisational security.
Shier highlighted several key takeaways, including how professionalisation and specialisation in cybercrime have evolved. Firewalls and layered defences such as multi-factor authentication (MFA) have become crucial additions to the modern organisation’s defences as hacker tactics change.
“We are getting better at detection, and are able to catch these people in the act sooner, but they know that. They know we’re better at detection, we have better tools and services, to aid in this quest of detecting them sooner and so they move faster, naturally,” said Shier. “The faster we attack, the more we start to prevent these attacks, then the faster we can break their cadence and get in the way.”
Shier also discussed Sophos’ recent report, ‘Stopping Active Adversaries’, highlighting the most common and emerging ways attackers infiltrate enterprises. The report provides actionable insights to guide security strategy, based on an analysis of 232 major cyber incidents remediated by Sophos X-Ops incident responders. Among its key findings are that compromised credentials and exploited vulnerabilities remain the predominant routes in, and attacks are getting faster. Dwell time for ransomware was down to five days in 2023 compared to higher numbers in previous years, and 91% of ransomware attacks in 2023 occurred in off-hours, highlighting the need for organisations to invest in around-the-clock protection.
Three steps towards greater security
To combat these threats, Shier emphasises the importance of three factors for organisations: to secure, to monitor and to respond. “Securing means you want to increase friction wherever possible, with robust layers of multifactor authentication. That is crucial and anywhere that it can be applied, it should be,” said Shier.
Cybercriminals are only adapting when they have to, warns Shier. He suggests using new technologies and intricate defence tactics to raise the bar so high that some tactics for cybercriminals “won’t be worth it anymore”, but reminds businesses that they no longer need to navigate their cybersecurity journey alone, and can call on advantageous partnerships to maintain airtight security for their organisation and employees.
“Getting security right can be difficult and time-consuming, it’s resource-consuming and expensive,” said Shier. “When you find yourself in a situation where you think, I’m having trouble doing this on my own, go ask for help. There are plenty of organisations out there, whether it’s people you can partner with for your IT infrastructure or vendors that can help you, ask for help, we’re here to help, and we’ve got the experience to keep you safe.”
Over the course of this wide-ranging conversation, Shier provided further valuable insights and recommendations for organisations to establish a comprehensive cybersecurity strategy. The evolving cybercrime and security landscape emphasises the importance of multi-layered defences and the need for around-the-clock protection. By securing, monitoring, and responding proactively, businesses can stay ahead of cyber threats and keep their digital assets safe.
Watch the conversation in full above, and download the report, ‘Stopping Active Adversaries’, by Sophos to find out more.