The budget for cybersecurity continues to grow smaller each year. There is a shortage in human capital inventory when it comes to cybersecurity. This is according to the State of Cybersecurity 2021: Global Update on Workforce Efforts, Resources and Budgets of ISACA (Information Systems Audit and Control Association, Inc.).
While many enterprises, governments, and organizations are aware of cybercrimes happening everywhere in the world, many still believe that they are not vulnerable, that they have installed enough cybersecurity protocols to deter hacking attempts.
Everyone should be aware that the threats of ransomware, phishing, data leakage, hacking, and insider threat will always be around. Vulnerabilities can always be found by people who are into cybercrimes, especially today with the pandemic, the remote working conditions, the shift in the use of technology, software vulnerabilities, and outdated machines.
Awareness is important, so too, the implementation of a cyber security platform that will give your enterprise the protection it needs, from your website to APIs and all types of data storage.
Current and emerging threats organizations face
It’s alarming that despite advanced cybersecurity technology, cybercrime groups continue to rack in millions by exploiting vulnerabilities in various security systems. They are so quick that they can develop new hacking tactics. Here are cyber threats that most organizations face today.
This threat depends on manipulation and human emotion. Once they have identified the target, they typically provide information that creates fear or awe, guiding the target to give them network access. Common social engineering threats are quid pro quo, pretexting, baiting, and phishing.
Many enterprises keep up to date with emerging technology but many fail to train their employees about cyber threats and the importance of cybersecurity monitoring. The use of new devices makes organizations more open to distributed-denial-of-service (DDoS) attacks that can impact an organization’s entire work system. Often, organizations are forced to pay a ransom to restore operation.
Cybercriminals use data-encrypting programs or ransomware to demand payment before allowing an infected enterprise to resume operations. While the government and other security authorities remind everyone not to pay any ransom, about 40% of organizations that were attacked paid the ransom because of the critical importance of their organization.
For example, when ransomware attacked the University of California SF’s School of Medicine on June 1, 2020, it had to pay $1.14 million in bitcoin as negotiated payment so that it can restore/protect the critical data they have on the school’s various research. The attack was perpetrated by a gang called Netwalker.
In 2020, ransom demands for bitcoin and other cryptocurrencies reached about $1.4 billion in the United States. The estimated damage to businesses worldwide caused by ransomware in 2021 will be about $21 billion.
Recent ransomware attacks:
The May 7, 2021 ransomware cyberattack on Colonial Pipeline affected the pipeline’s computerized equipment. It showed once again the vulnerability of the infrastructure of enterprises and organizations. While Colonial Pipeline halted operations to stop the effect of the attack, the hackers had already stolen about 100 GB of data the day before. Worst, the American pipeline had to pay the hackers a ransom of 75 bitcoin, then equivalent to $4.4 million for a slow decryption tool, prompting Colonial to use their backups to restore operations. The FBI identified the hackers as Darkside, a hacking group based in Eastern Europe.
The hackers were able to enter the network using a password from a VPN account used by a Colonial Pipeline employee. The password was included in a group of leaked passwords found on the dark web.
This was followed by the ransomware attack on JBS, S.A.’s operations in the United States, which also affected their operations in Canada and Australia. The attack occurred on May 30, 2021. JBS, S.A., whose headquarters is in Brazil, is the largest producer of pork, chicken, and beef by sales in the world. The attack affected all the facilities of JBS USA, rendering them inoperative temporarily, including the slaughterhouses in Nebraska, Wisconsin, Texas, and Utah.
Also, shut down were their beef facilities in Souderton, Pennsylvania. About 7,000 of their employees in Australia were not able to work on June 2. According to reports, the attack likely came from Russia, and possibly the work of REvil, but the FBI is still investigating.
It is easy to overlook insider threats because most of the focus is on putting measures to prevent outsiders from coming in. An insider, who is often a trusted person, already has network access and abuses their privileges, with the intent of selling information. Many organizations are preventing the occurrence of this threat by continuous verification of users’ identities, and allowing network access only to those people who need the privilege to perform their tasks.
Third- and fourth-party vendors
Organizations must investigate the software vendors they use to upgrade their systems and business operations. Most vendors require access to your assets when deploying their programs, which can compromise not only your business process but also your sensitive data. Establishing an extensive third-party risk management program can assure you of all your vendors’ cyber health.
Emerging cybersecurity trends
The current health crisis amplified the dependence of individuals, industries, and governments on technology. With the new work guidelines, restrictions, and health regulations imposed, many of the functions of employees and workers were augmented by various technologies. This has an impact on cybersecurity, bringing forth new trends.
1. Remote working
In the rush not to fully disrupt business operations, companies were forced to purchase IT services and products quickly to prepare for the remote work environment. For most enterprises, the migration to cloud computing and storage was unplanned. Other companies side-stepped or rushed their security measures, bringing about new levels of vulnerability and risk. Companies should assess their new security infrastructures to check for weaknesses and improve their remote security strategy.
2. Ransomware brings new challenges
Cybercriminals continue to grow bolder, now attacking consumer-facing industries. Many industries and company IT departments relied on VPN for access to their corporate network. But VPN is proving it is also vulnerable. It is best to shift to Zero-Trust Network Access (ZTNA) now.
3. Use of multi-factor authentication
More companies will use multi-factor authentication (MFA) along with strong passwords as a defense against malicious attacks and data breaches. One example of MFA is providing a user with a one-time passcode.
Other cybersecurity trends in 2021 and beyond include:
- Implementation of AI-powered security systems.
- Data privacy will be a program, not just a component of a security program.
- Cloud services will also be targets of cybercriminals, so ensure that you have security measures in place before migrating your workload to the cloud.
- Implementation of company-wide cybersecurity training for everyone.
- Hiring more cybersecurity professionals and chief security officers.
- Introduction of real-time data visibility and security automation.
What is cybersecurity hygiene?
Many of the cybersecurity trends for the past two years were accelerated by the pandemic. Just like the health crisis, organizations should take the risks to cybersecurity seriously. They should be proactive and accept that security cannot be taken as an optional but a long-term investment for any organization.
Cybersecurity hygiene means having security protocols in place, such as increasing an organization’s workforce. Likewise, organizations should start investing in cybersecurity automation to gather and analyze cyber activities in real-time. In an IBM report in 2020, the company found that between an organization with security automation and one without, there is an average difference of $3.58 million in the cost of a data breach. Companies with fully deployed automated security saved more money even if data breaches occurred.
Companies must create a culture of cybersecurity education and awareness so the employees are equipped to recognize/identify threats. Providing ongoing training is becoming more vital as companies continue to face cybersecurity challenges. Management should emphasize the urgency of cybersecurity awareness, and everyone has the responsibility to secure corporate data and protect the company from cybersecurity risks.
Renewing staff awareness training on cybersecurity
Most new employees may or may not have received security training because the company’s IT department makes sure that the organization is secure. However, with the heightened cyber threats, it is important to go back to basics and renew the staff’s awareness of cybersecurity. Organizations should train them again on basic security protocols and new issues.
- Phishing attacks are very common today, and many groups have used COVID-19 as a theme for their scams. They should be aware of fraudulent websites, phishing emails supposedly from the Centers for Disease Control and Prevention (CDC) and the World Health Organization.
- Train them on how to secure and use removable media such as CDs, smartphones, SD cards, and USB sticks. With this, employees should know how to use random passwords for their devices instead of common passwords.
- All employees should practice a clean desk policy. They should not leave computers unattended and these should be password protected. Documents should be under lock and key instead of being left lying around, to be copied or stolen. Moreover, employees who use their devices for work must be taught to use biometric authentication or encryption to protect sensitive data.
- With free Wi-Fi access in many establishments, employees must learn how to use public Wi-Fi safely and minimize the risks.
Although it is very challenging to ensure cybersecurity, there are many steps organizations can take to bolster their security to prevent extensive damage. It is an uphill battle considering that most attacks now are financially motivated. Therefore, instead of spending millions to fix the breaches, spend them instead on upgrading your cybersecurity system, hiring a chief of security and capable IT personnel, and training everyone about the importance of cybersecurity and their responsibility in keeping your data secure.