By TP Sharafudheen, Director Strategy, Interdev Group
We have reached a digital-first world: business, academic processes, healthcare systems, banking affairs and civil governance now run through digital channels in many day-to-day transactions. More exposure means more vulnerability to being hacked. In this context, digital security and cybersecurity are critical and among the most important subjects.
Cybersecurity issues are becoming a day-to-day struggle for businesses and individuals. Recent trends and cybersecurity statistics reveal a huge increase in hacked and breached data from sources that are increasingly common in the workplace, like mobile and IoT devices. Recent security research suggests that most companies have unprotected data and poor cybersecurity practices in place, making them vulnerable to data loss.
It’s imperative that companies make cybersecurity awareness, prevention and security practices a part of their culture. According to studies conducted in 2016, 95% of breached records came from only three industries: government, retail, and technology.
The reason isn’t necessarily because those industries are less diligent in their protection of customer records. They’re just very popular targets because of the high level of personal information in their records.
Many reports have been published by trustworthy agencies. This information helps us understand how scary and how vulnerable the cyber world is. Here are some reports that give deeper insight.
3.43% of cyber-attacks target small businesses. 64% of companies have experienced web-based attacks. 62% experienced phishing & social engineering attacks. 59% of companies experienced malicious code and botnets and 51% experienced denial of service attacks. The global average cost of a data breach is $3.9 million across SMBs.
For most businesses this sum is crippling – not only monetarily but in reputation. For public companies, the cost is much greater since more is at stake. On average a data breach at a publicly-traded company would cost $116 million. Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes.
As if a pandemic wasn’t scary enough, hackers leveraged the opportunity to attack vulnerable networks as office work moved to personal homes. Due to the COVID-19 outbreak, an uptick in sophisticated phishing email schemes by cybercriminals has emerged. Malicious actors are posing as representatives of the Centers for Disease Control and Prevention (CDC) or the World Health Organization (WHO).
As reported, these coronavirus phishing scam emails are designed to deceive and trick recipients into taking an action such as clicking a malicious link or opening an attachment with a virus. Learn what steps you can take to help prevent phishing attacks.
Organizations need to make a fundamental change in their approach to cybersecurity and reprioritize budgets to align with this newly defined reality of our modern society. It has been predicted that approximately $6 trillion will be spent globally on cybersecurity by 2021.
It has already created a high demand for cybersecurity professionals in the market. Unfilled cybersecurity jobs worldwide will reach over 4 million by 2021. More than 500,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74% over the past five years.
These professionals’ primary job is to support the internal human resources in protecting data, because studies show that 95% of cybersecurity breaches are due to human error. Cyber-criminals and hackers will infiltrate your company through your weakest link, which is rarely in the IT department.
Cybersecurity policies are important because cyberattacks and data breaches are potentially costly. At the same time, employees are often the weak links in an organization’s security. Employees share passwords, click on malicious URLs and attachments, use unapproved cloud applications, and neglect to encrypt sensitive files. Grand Theft Data, a McAfee report on data exfiltration, found that people inside organizations caused 43% of data loss, one-half of which was accidental. Improved cybersecurity policies can help employees and consultants better understand how to maintain the security of data and applications.
According to Gartner, the worldwide information security market is forecast to reach $170.4 billion in 2022. The increasing number of large-scale, well-publicized breaches suggests that not only is the number of security breaches going up, they’re increasing in severity as well. Data breaches expose sensitive information, which often leaves exposed users at risk of identity theft, ruins companies’ reputations and leaves the company liable for compliance violations.
As per the research done at the University of Maryland, hackers attack every 39 seconds, on average 2,244 times a day.
It’s crucial to have a grasp of the general landscape of metrics surrounding cybersecurity issues, including what the most common types of attacks are and where they come from. Some of these most common attacks include phishing, whaling, social engineering, Distributed Denial of Service (DDoS) attacks, malware, and ransomware.
Malware, or malicious software, is any piece of software that is written with the intent of harming data, devices, or people. Types of malware include computer viruses, trojans, spyware, ransomware, adware, worms, file-less malware, or hybrid attacks. Recent malware attacks have become more sophisticated with the advent of machine learning and targeted spear-phishing emails. 92% of malware is delivered by email. Mobile malware is on the rise, with the number of new malware variants for mobile increasing by 54% in 2018. Third-party app stores host 99.9% of discovered mobile malware.
Ransomware is a form of malicious software that threatens you with harm, usually by denying your access to your data. Ransomware attacks are often deployed via social engineering tactics. Once a user falls victim to the attack, their data is encrypted. The attacker then demands a ransom from the victim, with the promise to restore access to the data upon payment. Ransomware attacks worldwide rose by 350% in 2018. Ransomware attacks are estimated to cost $6 trillion annually by 2021.
Crypto-jacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by getting the victim to click on a malicious link in an email that loads crypto-mining code on the computer, or by infecting a website with JavaScript code that executes once loaded in the victim’s browser. 25% of businesses are estimated to have been victims of crypto-jacking. Crypto-jacking activity surged to its peak in December 2017, when more than 8 million crypto-jacking events were blocked by Symantec. 25% of the WordPress plugins among Alexa’s most popular sites are flagged with critical vulnerabilities that could allow mining botnets in.
Social engineering in cybersecurity is the psychological manipulation of people into performing actions or divulging confidential information. Candidates for a social engineering attack can range from a corporate executive to an elementary school student. Even the most seasoned IT professional can be victimized by this type of attack. 98% of cyber-attacks rely on social engineering. 43% of IT professionals said they had been targeted by social engineering schemes in the last year.
New employees are the most susceptible to socially engineered attacks, with 60% of IT professionals citing recent hires at high risk. 21% of current or former employees use social engineering to gain a financial advantage, for revenge, out of curiosity or for fun. Social engineering attempts spiked more than 500% from the first to the second quarter of 2018.
Phishing is a type of cyber-attack where threat actors randomly send emails to a broad audience in an attempt to trick people into providing sensitive information such as account credentials. 56% of IT decision-makers say targeted phishing attacks are their top security threat. 83% of global infosec respondents experienced phishing attacks in 2018. Business email compromise (BEC) scams cost organizations $676 million in 2017. CEO fraud is now a $12 billion scam. 30% of phishing messages get opened by targeted users and 12% of those users click on the malicious attachment or link.
With new threats emerging every day, the risk of not securing files is more dangerous than ever, especially for companies. More severe consequences are being enforced as stricter legislation passes in regions across the world.
Cybersecurity is an important issue for both IT departments and C-level executives. However, security should be a concern for each employee in an organization, not only IT professionals and top managers. One effective way to educate employees on the importance of security is a cybersecurity policy that explains each person’s responsibilities for protecting IT systems and data. A cybersecurity policy sets the standards of behavior for activities such as the encryption of email attachments and restrictions on the use of social media.
Some stand-outs from recent years include the European Union’s 2018 General Data Protection Regulation (GDPR) and the 2020 California Consumer Privacy Act (CCPA). Companies need to take note of lessons from the GDPR, as more iterations are expected to pass across the globe in the coming years.
When it comes to cybersecurity, not all industries are created equal. Industries that store valuable information like healthcare and finance are usually bigger targets for hackers who want to steal Social Security numbers, medical records and other personal data. But really, no one is safe because lower-risk industries are also targeted due to the perception that they’ll have fewer security measures in place.
Average expenditures on cybercrime are increasing dramatically, and costs associated with these crimes can be crippling to companies who have not made cybersecurity part of their regular budget. Cybersecurity budgeting has been increasing steadily as more executives and decision-makers are realizing the value and importance of cybersecurity investments.
A Gartner report says that by 2020, security services are expected to account for 50% of cybersecurity budgets. 50% of large enterprises (with over 10,000 employees) are spending $1 million or more annually on security, with 43% spending $250,000 to $999,999, and just 7% spending under $250,000. (Cisco)
As explained in Ponemon Institute’s 2017 Cost of Data Breach Study, the United States and the Middle East spend the most on post-data breach response. Costs in the U.S. were $1.56 million and $1.43 million in the Middle East.
The emerging need for a Security Operations Center to safeguard cybersecurity:
Nowadays, as we are more exposed to the cyber environment, companies need thorough monitoring of their digital systems. Security analytics can help an IT department make sense of the volumes of data flowing in and out of its network and quickly detect potential threats. By providing real-time intelligence and a historical record of past threats, a security analytics application can protect an organization from a potentially costly data breach or cyberattack. The safety of an organization’s data and IT systems increasingly depends on having an effective security analytics solution. For large enterprises, a dedicated security operations center is the most important need to protect the organization in every way.
Typical SOC infrastructure includes firewalls, IPS/IDS, breach detection solutions, probes, and a security information and event management (SIEM) system. Technology should be in place to collect data via data flows, telemetry, packet capture, Syslog, and other methods so that data activity can be correlated and analyzed by SOC staff. The security operations center also monitors networks and endpoints for vulnerabilities to protect sensitive data and comply with industry or government regulations.
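The kind of correlation a SIEM performs on collected Syslog data can be sketched as follows. This is an added example, not part of the original article: the log lines are constructed, and the rule (three failed SSH logins from one address within five minutes, across any hosts, followed by a success) and its thresholds are assumptions. Input is assumed to be merged in chronological order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample syslog lines (not real logs); IPs are documentation ranges.
SAMPLE = """\
Mar  3 10:00:01 web01 sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2
Mar  3 10:00:04 web01 sshd[811]: Failed password for admin from 203.0.113.7 port 50123 ssh2
Mar  3 10:00:09 db01 sshd[402]: Failed password for admin from 203.0.113.7 port 50130 ssh2
Mar  3 10:00:15 db01 sshd[402]: Accepted password for admin from 203.0.113.7 port 50131 ssh2
Mar  3 10:02:00 web01 sshd[815]: Failed password for alice from 198.51.100.20 port 40100 ssh2
Mar  3 10:02:30 web01 sshd[815]: Accepted password for alice from 198.51.100.20 port 40101 ssh2
Mar  3 10:20:00 web01 sshd[900]: Accepted password for bob from 203.0.113.7 port 50200 ssh2
""".splitlines()

LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def parse(line, year=2024):
    """Return a dict for an sshd auth line, or None for anything else."""
    m = LINE.match(line)
    if not m:
        return None
    # Classic syslog timestamps carry no year, so one is assumed here.
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {**m.groupdict(), "ts": ts}

def correlate(lines, threshold=3, window=timedelta(minutes=5)):
    """Alert when >= threshold failures from one IP, on any hosts,
    are followed by a successful login from that IP inside the window."""
    failures = defaultdict(deque)          # ip -> deque of (ts, host)
    alerts = []
    for ev in filter(None, map(parse, lines)):
        q = failures[ev["ip"]]
        while q and ev["ts"] - q[0][0] > window:   # expire old failures
            q.popleft()
        if ev["result"] == "Failed":
            q.append((ev["ts"], ev["host"]))
        elif len(q) >= threshold:
            alerts.append({"ip": ev["ip"], "user": ev["user"], "host": ev["host"],
                           "failures": len(q), "hosts": sorted({h for _, h in q})})
            q.clear()
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE):
        print(alert)
```

Neither host alone reaches the threshold in this sample; the alert only appears once events from both hosts are viewed together, which is the point of central collection.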
Security operations centers monitor and analyze activity on networks, servers, endpoints, databases, applications, websites, and other systems, looking for anomalous activity that could be indicative of a security incident or compromise. The SOC is responsible for ensuring that potential security incidents are correctly identified, analyzed, defended, investigated, and reported.
The SOC team’s goal is to detect, analyze, and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes. Security operations centers are typically staffed with security analysts and engineers as well as managers who oversee security operations. SOC staff works closely with organizational incident response teams to ensure security issues are addressed quickly upon discovery.