Google cyberattacks and you’ll be sure to yield search results from companies large and small.
The headlines scream “T-Mobile says hackers stole data of more than 40 million people” or “One password allowed hackers to disrupt Colonial Pipeline.” And those are just the ones that we know about.
The reality is that the tech news isn’t sensationalizing the situation. There has been a significant spike in cyberattacks this year. In the first half of 2021, Accenture found a 125% increase in incident volume year-over-year. And it’s not stopping any time soon as cyberattacks on the Internet of Things are expected to double by 2025.
Risks Versus Rewards of Security
The uptick in cyberattacks means increased risks to enterprises’ security. As a result, companies are now facing a myriad of problems across their business from the top down and across departments. Doing nothing is not the solution or you could fall down a rabbit hole full of risks.
Consider these areas and the consequences they could mean for your enterprise:
- Legal: The laws around data protection and privacy vary by country and state. In the US, businesses must notify the affected individuals ASAP or face fines and litigation.
- Reputation: Customers will take their business elsewhere if they cannot trust a business to keep their information secure. Damage to a company’s standing can last for years to come.
- Financial: The cost of a data breach rose from 3.86 million dollars to 4.24 million dollars in 2021. Investing in the right security measures now will pay off in an enterprise’s future bottom line.
- Intellectual property: Valuable assets such as product designs or trade secrets are snatched up by cyberattacks. IP may be intangible but that is exactly what makes it more vulnerable to attacks.
From the Past to the Present of IT Security
Think back to what enterprise security looked like in years past. Five years ago, best practices were running some lukewarm version of antivirus software. Go back even further to ten years ago. That’s when maximum security was hiding your password book.
Remembering the past puts the present scenario into perspective. It’s evolved into a whole new game now. There’s a new set of players on the field that have come to compete in the cyberattack wars. And companies must be ready to play both defense and offense.
The pandemic has ushered in a fresh set of risks for companies. Remote work has meant an increased reliance on cloud applications for workforces which in turn exposes companies to greater cloud security risks. This is most seen with the use of virtual video conferencing applications such as Zoom where data is being breached.
The average cost of a data breach resulting from remote working can be as much as $137,000 so having a solid cloud infrastructure is imperative for a company. Organizations that are further along in modernizing their approach to cloud strategy contained a breach on average 77 days faster than those in the earlier stages of cloud migration.
Battling the New Reality of Cybersecurity
Cybercriminals are consistently staying a few steps ahead of enterprises’ cybersecurity measures and playing on their vulnerabilities. In today’s new normal, IT departments can’t be complacent and should focus on staying up to speed on emerging threats.
These are three of the top threats to an enterprise’s cybersecurity. None are new threats, but they have become more complex and will most likely continue to compound into the future.
- Ransomware: Attacks with ransomware are far more sophisticated making them harder for even the most advanced IT professional to crack. Cybercriminals have upped their extortion demands to maximize their exploitation of an enterprise. Check your company’s insurance cyber policy to see what is covered and if you are the victim then your first call should be to the FBI’s cybercrime unit.
- DDoS Attacks: Although DDoS attacks are down 38.8% in the second quarter of 2021, this particular type of attack should still be a priority for businesses that are predominantly internet facing. Many enterprises, such as retail or healthcare, rushed to pivot to online during the pandemic but didn’t take the time to properly secure their sites. Make sure you have the right agile tools in place for new lines of business.
- Phishing: One constant is still true and that is that employees will always fall for a phishing scam. The pandemic has brought an influx of emails playing to employees’ emotions such as luring them in with fake vaccine appointments. Continue your employee awareness efforts around phishing and notify workers about new scams.
