It is tough out here for cybersecurity professionals. Organisations are confronted with the increasingly difficult task of safeguarding their expanded digital estate against rising cyber threats. Previously, organisations implemented security processes based on the physical network boundary, which was limited to their official premises. Following the outbreak of the COVID-19 pandemic, organisations adopted remote work strategies, which increased their digital real estate and exposed them beyond the boundaries of physical networks.
Attackers now have a larger surface on which to deploy actions that jeopardise the processes and techniques involved in safeguarding sensitive resources such as data, systems, networks, applications, and even Internet of Things (IoT) environments.
Ransomware, a type of malware that encrypts files and folders to prevent them from being accessed, is one of the most rapidly growing types of attack on this newly exposed digital real estate. The attackers frequently demand a ransom (hence the name) from their victims in exchange for a decryption key.
Ransomware attacks increased from 37 per cent in 2020 to 66 per cent in 2021, according to the 2022 Sophos State of Ransomware report. More than one-third of the 5,600 organisations polled in the study reported being the target of an attack, with 54 per cent having their files encrypted.
Despite organisations paying a ransom of $812,360 on average, only 61 per cent of encrypted data was recovered. However, by 2021, more organisations had recovered their data following an encryption attack by having backups that were not visible to the attackers. This demonstrates that even in the case of ransomware, prevention is always preferable to cure.
A trend organisations need to be aware of is Shift Left Security, which encourages software development and IT operations (DevOps) teams to incorporate security into the development process as early as possible. DevOps teams must collaborate to identify threats before they occur and to build safeguards within digital environments, rather than dealing with them later in the systems' lifecycle.
As businesses expand their digital footprint, they must consider the security of their IoT and Operational Technology (IoT/OT) environments. That means securing both the devices connected to each other via IoT and the hardware and software that control and monitor the physical devices within their operational spaces. It goes without saying that IoT/OT environments provide fertile ground for malicious actors to attack because of the large number of potential weak points.
For security-conscious organisations, the drive for better cybersecurity should begin with hiring the right people for the job. Unfortunately, organisations are rapidly expanding their digital real estate, which is increasing the demand for cybersecurity professionals and creating a skills gap. According to a Cybersecurity Ventures report, the number of unfilled cybersecurity jobs increased by 350 per cent over eight years, from 1 million in 2013 to 3.5 million in 2021.
With an ever-changing technological landscape, the skill requirements for cybersecurity professionals are also constantly changing. This, however, opens up a wide range of opportunities for cybersecurity professionals. Even professionals in other technical roles who can find ways to incorporate cybersecurity into their skill set will benefit from the field’s growth potential.
Once the right team is in place, organisations can begin to improve their cybersecurity by identifying and sealing loopholes, as well as rebuilding their security infrastructure so that it is woven throughout their systems and applications. This not only prevents attackers from entering but also provides safeguards in the event that malicious actors manage to breach the external security features.
In summary, organisations cannot afford to bury their heads in the sand when it comes to best practices in cybersecurity, given their increasing reliance on digital tools for day-to-day operations. The potential risk to everything from operational safety to sensitive data is far too great. Therefore, when it comes to cybersecurity, organisations must, without a doubt, prioritise prevention over cure.
Sean Wesonga is a Senior Product Manager, Cloud Security Engineering at Microsoft.