Cyber Alert: What You Need To Know About Cybersecurity In 2019

Cyber-attacks are becoming more sophisticated and devastating. The unwelcome news for businesses in all industries is that the financial impact of cyber attacks and the subsequent costs of recovery, are continuing to increase. According to the Computer Crime and Intellectual Property section of the US Department of Justice, ransomware attacks alone have risen to approximately 4,000 attacks per day in 2016, targeting users of all types, from the home user to the corporate network.  This is a 300-percent increase from the approximately 1,000 attacks per day seen in 2015.

Endpoint security risk has become increasingly difficult to manage in 2018. To determine the cost and impact of evolving threats, the Ponemon Institute, surveyed 665 IT and security leaders. Their responses indicate today’s organizations are struggling to secure their endpoints and paying a steep cost for each successful attack — $5 million for a large organization or an average of $301 per employee.

 Cyber Attacks Are Evolving

We are in the midst of a significant shift in endpoint security. Faith in traditional solutions such as antivirus programs that rely on file scanning and signature matching has declined significantly in the face of new, fileless threats. The majority of organizations are replacing or augmenting these solutions with new security tools designed to stop fileless attacks, though many remain skeptical such attacks can be stopped at all.

Last year, over 40% of US businesses were compromised due to fileless attacks and exploits. Overwhelmingly, respondents cited that over-reliance on traditional endpoint security has left organizations exposed to significant risk. The Ponemon report findings also include:

• 54% of businesses were compromised in 2017.
• Fileless attacks are almost 10x more likely to succeed than file-based attacks.
• False positive rates for existing endpoint security solutions are nearing 50%.

To combat these threats, security must be given an increasingly louder voice in business. Organizations are starting to perceive the real impact of cybersecurity on business, with the results of the study showing that fears of the cost of an incident are forcing business leaders to give cybersecurity a larger portion of the IT budget (23%) and more attention in the boardroom than in previous years.

Protect Your Business

The impact of a cyber breach or attack can be huge: there is the time you could lose through having to fix your website or systems, the potential loss of customers, damage to your reputation and all the other potential consequences of a hacker getting their hands on your data or disrupting your infrastructure. The good news is protecting your business from hackers and viruses needn’t be a daunting challenge.

• A well-informed and involved CEO and board of directors strengthens a company’s security posture. Board of Directors and Executive Management need to understand and approach cybersecurity as an organization-wide risk management issue, not just an IT issue.
• Implement a security strategy which is aligned with the organization’s mission, strategy, goals and objectives.
• Educate your employees about online threats and how to protect your business’ data, including safe use of social networking sites.
• Compliance with privacy and security regulations is believed to improve the cybersecurity posture of organizations. The benefits of a strong cybersecurity posture include an increase in consumer trust and the ability to innovate and take risks that can lead to greater profitability.
• Develop a strong Security governance approach based on risk management which will result in an overall reduction of number, impact and time to remediate security incidents.
• You may be required by law to protect data you hold and process about your customers, suppliers and staff. Find out more about the NIST recommendations to get simple, practical advice on how to keep your customers, suppliers and employees’ personal information secure.

 Security Predictions

Some of the major cyber-attacks and security concerns will live on and have a major impact in coming years:

• Increase in Cyber Crime: Most organizations are simply not structured to defend against such attacks, which will succeed in penetrating defenses. According to the Ponemon Institute, the average total cost of a successful cyber-attack is over $5 million, or $301 per employee.
• GDPR: The compliance deadline has come and gone. The first GDPR cases are still in evaluation process and penalties are yet to arrive. So GDPR will continue to have a significant impact in years to come.
• IoT: Gartner predicts that nearly 20 billion IoT– connected devices will be online by 2020. Cyber risk management must be thoroughly intertwined with innovation while we accelerate IoT. As a growing amount of sensitive data is shared, the risk of exploitation increases exponentially.
• Password Attacks: Simple passwords continue to be the key tool for an attack. Unfortunately, password theft and password-based breaches will persist as a daily occurrence in 2019.

According to Gartner, the growing rate of cybercrime has skyrocketed information security (a subset of Cyber security) spending to more than $114 billion in 2018. However, this doesn’t even consider other categories, such as the Internet of Things (IoT), Industrial IoT, Industrial Control Systems (ICS) security, and automotive security. Global spending on cybersecurity services and products is predicted to surpass $1 trillion over the next five years, from 2017 to 2021, because the prediction that cybercrime damages will end up costing the world over $5 trillion annually by 2021, up from $3 trillion just a year ago. This represents the greatest shift of economic wealth in history and puts incentives for innovation and investment in jeopardy.