Cybersecurity—the process of protecting computer systems, devices, networks, programs, and data—has never been more important. It’s not just information security professionals who think so, either.
In a 2022 PwC Pulse survey, business executives cited cyber as the number one risk to their organisations, with about 4 in 10 saying that more frequent/broader attacks are their top business concern. Another recent study by Hiscox supports these findings. The survey found that cyber is viewed as the biggest operational threat by organisations in seven out of eight countries.
With cybersecurity top of mind for many leaders, more than 1 in 2 organisations plan to up their cyber budgets in 2022. However, businesses can no longer rely on solutions like antivirus software and firewalls. Disconnected tools like endpoint detection and response (EDR) and network detection and response (NDR) are likewise not enough.
Here are three reasons why cybersecurity today is critical and how companies can ensure better network security.
Last year was a record year for security incidents. From ransomware and social engineering to vulnerability exploitation, doing business in 2021 meant facing cybersecurity threats from every direction.
Organisations saw 50% more cyber attacks per week on their corporate networks in 2021 versus 2020, according to research by Check Point. Except for malware, all types of cyber attacks increased in volume, per SonicWall’s report. Some, like encrypted threats and ransomware, spiked significantly (167% and 105%, respectively).
This year isn’t looking any better, either. In the second quarter of 2022, global cyber attacks rose by 32% compared to the same time in 2021.
One of the reasons why attacks are getting more frequent is that the barrier to entry is lower. Whereas in the past, cybercrime required a certain level of skill and knowledge, today, low-skilled hackers can get the technology and training they need for “the price of a gallon of gas,” says Alex Holland, senior malware analyst at HP Inc. Software like plug-and-play-malware and phishing kits are easy to buy on the dark web, with the vast majority of exploits retailing for less than $10.
Meanwhile, ransomware gangs are operating like actual businesses. Conti leaks demonstrate that the group has performance reviews and gives bonuses to their “employee of the month.”
A growing number of cyber attackers are also evolving their tactics. Rather than focusing on spreading malware through corporate networks, many ransomware groups now prefer to exploit vulnerabilities and zero-days. Some attackers scan for vulnerabilities just 15 minutes after a CVE is made public.
The pandemic and the subsequent rise of remote work have sped up digital transformation by at least a few years. But while adopting new technologies and ways of working helped many companies stay in business during tough times, it also expanded their attack surface.
In PwC’s 2022 Global Digital Trust Insights Survey, 75% of executives say their organisations are too complex. A similar number admits that this complexity is causing “concerning” cybersecurity risks.
From the internet of things (IoT) and mobile devices to poor cloud security and unsafe WiFi networks, the more complex the business environment, the more entryways there are for hackers to exploit. And the easier it is to find vulnerabilities. Patching vulnerabilities quickly enough has always been a problem. Nearly three-quarters of cybersecurity professionals say patching is too time-consuming and cumbersome. However, more than 1 in 2 say that remote work made patching more difficult.
Increasingly complex IT environments have also made threat detection and response more challenging. Research shows that the average business deploys dozens of security systems. Yet more often than not, a larger number of tools leads to less, not more, security.
This is especially true if organisations use disconnected platforms (EDR, NDR, security information and event management, etc.) that don’t talk to one another and produce a mountain of false positives.
The cost of a data breach is now higher than ever, according to IBM’s Cost of a Data Breach Report. Significantly, detection and escalation costs (i.e., forensic activities, audit services, crisis management, etc.), which is the main component of this cost, have risen by more than 16% in the last year.
Beyond the direct costs of a data breach, companies also need to consider what Deloitte calls “below the surface costs” of a cyber attack. These include insurance premium increases, higher cost to raise debt, operational disruption, loss of customer relationships, loss of contract revenue, devaluation of trade name, and loss of intellectual property (trade secrets, etc.)
That last one (intellectual property) is particularly relevant to companies in the pharmaceutical industry, where the risk of IP being revealed by ransomware attackers is 43%.
In other industries, loss of financial and customer data (personal data like names, addresses, credit card and bank account numbers, Social Security numbers, etc.) is more common. Unfortunately, the threat of leaked sensitive data isn’t likely to go away anytime soon. In 2021, double extortion (i.e., cybercriminals threatening to publish stolen sensitive information if a company doesn’t pay a ransom) increased by almost 500%, hurting organisations in a wide variety of ways (for example, lower stock prices).
These are not one-off costs, either. Most organisations that suffer an attack end up falling victim again, often to the same hacking group. Some are not even that lucky: about 60% of small businesses end up closing their doors for good within six months of a cyber attack.
With cybercrime showing no signs of slowing down, cybersecurity needs to become a top priority for businesses.
Right now, it’s much too profitable for bad actors to carry out attacks. Deloitte estimates that a cyber attack that costs just $34 a month could net the attacker $25,000. On the other hand, attack campaigns that cost a few thousand dollars could return up to $1 million per month.
However, even though cyber and data protection initiatives have finally entered the leadership agenda, most companies still struggle with implementing cybersecurity measures.
A lack of integrated threat detection and response tools makes spotting intrusions tricky, as low-value security alerts keep IT teams from important alerts. At the same time, the ongoing security staff shortage means that existing employees are overwhelmed and burnt out.
In this environment, companies need to find a smarter way to secure their networks. Security automation is the answer.
The IBM report mentioned earlier discovered that organisations that deploy security automation—tools that augment humans in the identification and containment of security threats with artificial intelligence—detect and contain security breaches much more quickly.
Automation also leads to significant cost savings in the event of a breach. Already, the number of organisations whose cybersecurity programs include partially/fully deployed security automation increased by 5% in the last year.
An automated threat investigation, detection, and response solution, SenseOn unifies data from across an organisation’s infrastructure (network, endpoints, cloud, etc.) to flag only genuine alerts, automatically stopping time-sensitive threats like ransomware attacks in their tracks.
Explore our collection of eBooks, webinars, articles, and more to help you maximize your understanding of emerging threats, adversary techniques and how to detect cyber attacks.Visit resource hub
Join thousands of like-minded professionals who are already receiving our blog updates and best practice guides.