In the first half of 2021, cyber assaults increased worldwide in almost every sector. TechNewsWorld discussed the growing threat environment, impending dangers, and what might be done to prevent the continuing aggression against the IT system of businesses, organizations, and government agencies with cybersecurity experts earlier this year.
Originally published on February 16, 2021. Because of its popularity, it is now part of our Best of ECT News series.
Some cybersecurity experts concur with a Cyber Security Ventures study and anticipate cyber-crime financial losses to exceed 6 trillion dollars by the end of this year. Industry surveys indicate that cyber attacks are one of America’s most rapidly increasing crimes.
Cyber assaults are on the increase. Based on what we know and every analyst we have spoken to, according to Robert McKay, senior vice president, risks solutions at Neustar, there is no question that the assaults are on the increase.
“Experts in cybersecurity estimate that a cyber assault will occur every 11 seconds in 2021. This is almost twice as much in 2019 (every nineteen seconds), and four times as much in 2016 (per forty seconds), “TechNewsWorld informed him.
The constantly increasing rise in cyber assaults globally is costing companies a lot to better secure their computer networks against breaches. Not only are cyber assaults growing often, but they incur victims more financial damages.
The Growing Cyber Price
According to statistics collected by Atlas VPN experts, cybercrime companies, government organizations, and consumers in general cost more than 1 trillion dollars worldwide in 2020. That’s around 1% of the global GDP.
While 945 billion dollars have been lost due to cyber incidents, 145 billion dollars have been spent on cybersecurity. These expenses rose by almost 50% compared to 2018, when over 600 billion dollars was spent on cybercrime.
But 20% of the global organizations, according to the Atlas VPN study, have no strategies to defend against cybercrime occurrences. That gives hackers a huge vulnerability in their networks to expand their assault methods to steal even millions of dollars more.
The only safe protection, cyber safety experts warn, is to scale up efforts to adopt laws supporting technical protection. This is the only method to change the trajectory of ongoing cyber assaults.
Cloud violations are expected to grow in both speed and scope, in spite of all attempts to safeguard systems and data, stated John Kinsella, Chief Architect of Accurics, regarding his DevSecOps Summer Research Report 2020.
“This [study] comes as the past two years have seen widespread cloud breaches. More than 30 billion records were exposed as a consequence of misconfigurations of cloud infrastructure, “TechNewsWorld informed him.
To stay at pace with a changing economy requiring greater digital transformation, organizations must prioritize cyber resilience and DevSecOps practice.
Not just in the clouds
The increasing speed of cyber assaults is far higher than the rapid shift to cloud storage and cloud infrastructure. However, misconfigurations in cloud infrastructure have led to data exposure and are nowadays one of the most serious cyber risks, said Kinsella.
Close to 98% of all cyber assaults depend on some kind of social engineering to provide payloads such as malware or ransomware. Cyber thieves frequently utilize one of the most effective forms for attacks to launch a social engineering assault through phishing emails. Thus, threat actors transmit malware around 92 percent of the time through e-mail.
Cloud usage and ongoing cloud stamping are not gone. This continuous change in computer activities must be handled with more care.
COVID has expedited the digital transformation of businesses. Therefore, compliance and security issues are required to build up workloads on the cloud, said Mohit Tiwari, co-founder and CEO of Symmetry Systems.
“This part was because the workloads that had resisted migrating to the cloud were precisely the highly regulated ones and the forced removal from IT staff-managed on-site data centers boosts demand for cloud-based compliance and security,” TechNewsWorld said.
In order to reduce the deteriorating cybersecurity environment, cloud-based security methods will be essential. He stated that these include how to deal with cloud-based identity management and access management (IAM).
“Cloud security workers need to learn extensively about infrastructure management via structured programs instead of shell scripts. As networks and application levels grow timely, its own and customer data will likely be the most essential permanent asset for every company. Data security in the cloud is thus a significant issue for the future, “He said. He said.
Cloud cover provision
The global epidemic has accelerated cyber breaches. Self-sufficiency and low training among office employees and insufficient IT monitoring also exist.
Organization, Brendan O’Connor, CEO, and co-founder of AppOmni, said that companies need to take a balanced approach to educate their workers and investing in automated technologies to reduce the dangers of cyber assaults. There is no need for extensive training and manual monitoring 24 hours a day if the appropriate automation technologies can complement the IT personnel by building their skills.
“IT professionals specialized in security need to concentrate on supporting the new business model that many companies embrace. Some companies change their business model to virtual workers and underline the necessity to protect office networks, “TechNewsWorld informed O’Connor.
In other instances, offices are completely removed. IT employees must shift their emphasis from the conventional campus/office network security to the job security application, he said.
“Organizations depend on consistency and safety of cloud service applications with their staff location and devices under continuous flux. IT professionals should seek for new skills and technologies to adopt in the administration and security of SaaS apps (software as a service), “O’Connor stated. He added.
In the next year, ransomware continues to be a major danger and financial concern for companies, said Joseph Carson, chief security scientist and consultant CISO of Thycotic. Most businesses should be extremely worried about ransomware as the greatest issue and danger to cybersecurity, he said.
“Investing in safety solutions, which minimize risks should be a top priority for organizations, and planning and testing an incident response plan to guarantee the company is robust to high-risk assaults,” he told TechNewsWorld.
Ransomware is still more than a security issue. Cyber thieves are increasingly looking to steal data before being encrypted on corporate systems for data infringements with organized cybercrime organizations. Companies are not just concerned about getting their data back but are also concerned about who they disclose publicly.
Cyber-criminals employ ransomware at a time when they are under tremendous pressure to attack anybody, any business, and any government, including hospitals and the transport sectors, Carson said.
Another significant trend in cybersecurity is to safeguard tools and security providers in this sector, said Brandon Hoffman, Netenrich’s Chief Information Security Officer. The instruments on which the business depends and its suppliers are increasingly targeting assaults.
“It is a major issue because practitioners require tools to identify and defend them. By paralyzing or repurposing the exact instruments designed to counteract these efforts, the enemies will receive full support in the continuing fight against cyber dangers, “TechNewsWorld informed Hoffman.
“Security organizations and vendors’ assaults have always been high on the opposing list but success is further enjoyed.”
Combat the Battle
The element of trust is a kind of internal struggle between security providers and companies who use them for cyber defense. Tim Wade, the technical director of the Vectra AI CTO Team, emphasized that this trust must be continuously evaluated.
“Strategically, security practitioners should pioneer the resilience-based security architecture away from preventive security architecture,” Wade told TechNewsWorld.
This is how the attention moves to accept the fact that things are going wrong, but when they do, the effect is reduced by quick notice, reaction and recovery. Sellers and suppliers have long been profitable targets for opponents.
Many of the cyber-attackers belong to organized, internationally sanctioned criminal organizations. The greatest defense of such opponents is to recognize that they cannot be stopped. But then concentrate on making their life as hard as possible, Wade added.
Higher education cybersecurity
Education is one of the frequently unacknowledged methods of protecting against cybersecurity attacks. This strategy goes beyond training employees to better understand safe computing principles. Instead, attracting computer professionals to graduate in cybersecurity.
Cybersecurity thrives because so many people come from a variety of backgrounds and skills, Untangle Senior Vice President Heather Paunet said.
“Multiple industry-leading companies providing certification programs may benefit from groups that are usually marginally involved in other sectors, when pivoting and beginning a career in cybersafety,” she told TechNewsWorld.
The Next Field