The level of digital transformation we’ve seen over the past two years, coupled with businesses having to adjust to new hybrid working models, has undoubtedly also prompted innovations in cyber criminality and cyberattacks. According to UK government statistics, over one-fifth of organisations that have suffered from cybersecurity breaches in 2022 identified “more sophisticated” forms of attack than anything they had previously dealt with, such as denial of service, malware or ransomware.
Innovation is coupled with volume. According to Check Point Research, cyberattacks increased 50% globally year-on-year in 2021. The Ponemon Institute and IBM’s Cost of a Data Breach Report 2021 found that the average total cost of a data breach had increased from $3.86m to $4.24m during the same period.
Though this is partly to do with the splintering of workforces, there has also been a massive shift in focus from on-prem to cloud technologies, a lack of standardisation when it comes to connectivity options, and increased flexibility for workers to use personal devices, leading to a proliferation of endpoints.
Arguably, however, amid all this change, the one area that has struggled to keep up with the speed of change is cybersecurity.
Why more emphasis on cybersecurity is vital
Indeed, despite the fact that the concept of physical security has become less of a focus as businesses move away from the office, there has been little investment in securing an alternative. Organisations are still reliant on platforms that have been rendered inadequate or obsolete by changes in working circumstances.
The good news, however, is that with constant innovation and faster turnaround on new security solutions, evaluation and implementation are easier than ever to prioritise. And since businesses now hold not only their own data but sensitive data relating to customers and clients as well, it is vital that security is given utmost priority.
With more delegation from internal stakeholders to involve cybersecurity teams in key decisions, organisations can go a long way towards reducing their risk. As an example, when onboarding any third-party vendor, application or service, it should be rigorously built into a business’s normal practice to have cybersecurity professionals carry out the necessary checks first.
How cybersecurity teams can keep up with criminals
With constant changes in the market and new ways of doing business, new attack methods and targets emerge and adapt accordingly. In such an environment, it can sometimes seem as though the battle against cyber criminality is a losing one, though the motivation to protect vital assets is strong and the tools at our disposal are more sophisticated than ever.
One of the major challenges for internal cybersecurity teams is maintaining the level of vigilance required to keep up with the cyber threat landscape. Innovation is unfortunately a two-way street, and while vendors are working around the clock to create new and better protection solutions all the time, criminals are adopting more insidious tactics to gain access to or steal organisational data.
The first and most important thing cybersecurity professionals can do is educate stakeholders about the various channels through which a phishing or ransomware attack can happen. IT and governance teams should work in tandem to identify their own organisation’s most valuable assets and cross-reference with any potential opportunities for security compromise. These might take the form of elastic perimeters, vulnerabilities associated with endpoints, internet access and personnel access controls, though each business will have its own unique set of circumstances.
The rigour of attack, surface monitoring, behavioural indicators of systems and people, and more frequent penetration testing, are all factors that deserve more attention from businesses than they are currently getting. Patch updates or upgrades from OEMs must be deployed with stringent SLAs, and building a security culture across all functions and business processes should become synonymous with an organisation’s DNA.
Risk factors for cyberattacks
There have been rumblings within the technology sector over the past few years of a large and growing STEM talent gap, with cyber skills in particular coming under intense scrutiny. Upskilling will account for a significant part of the UK government’s commitment to invest £2.6bn in cyber and legacy IT in the next three years as part of its National Cyber Strategy, promoting education in the UK tech sector.
Despite this welcome proactive approach from the government, business leaders also need to think ahead when it comes to identifying the right tools and technologies for cybersecurity and, crucially, plan ahead for the current shortage in the cyber talent pool.
To do this, businesses need employees who are motivated and can learn quickly, who are willing to upskill where required and cross-train associates on important security technologies. Luckily, identifying the right partners or SMEs for specialised services, tools and systems, as well as building a plan to engage these partners, can go a long way towards building confidence among employees wishing to improve their knowledge.
Of course, organisations need to bear in mind the limitations of their internal talent pool and identify areas where partners can help. For example, incident response, breach management and dark-web monitoring. Automation, AI and machine learning are all effective ways of supplementing the skills gap and freeing up employees to carry out more stimulating, complex work.
The rise in attacks on the software supply chain is also something that should keep CISOs awake, primarily because of an over-dependence on third-party products and services. In other words, if you expose your organisation to the weakness of a third party’s product (over which you have no control), this in turn becomes your organisation’s weakness, and thus the weakness of your own clients and customers.
Though again, with proper risk management for suppliers and services, identification of critical software dependencies and single points of failure, procedures to handle end-of-life products, and assurance through industry best practices, disruptions to software supply chains can be managed as effectively as everything else.
What the future holds for cybersecurity
Though attacks are on the rise, there are platforms available to combat the growing threat with effective measures like strong perimeters, secured gateways and endpoints, as well as secured environment and operations.
Hexaware has invested heavily in the latest best-in-class tools, systems and services, such as SIEM, SASE, EDR, and next-gen scan tools, and insists on mandatory security training for all associates.
Supplier security, simulation exercises on phishing, playbooks for incident response scenarios, behavioural analytics, next-gen password techniques, encryption, isolated backups, and state-of-the-art access for privileged users are just some of the ways that Hexaware ensures partners and associates receive the best protection possible.
