Cybersecurity: The Need for Perpetual Awareness & Action
Security used to be an inconvenience sometimes, but now it’s a necessity all the time.
― Martina Navratilova, American tennis player
Cybersecurity is much more than a matter of IT.
― Stephane Nappo, VP & Global CISO, Groupe SEB
Nearly every aspect of our work and life is ― and will continue to be ― affected by cyber threats. Hacks, data breaches, and cyberattacks on businesses and critical infrastructure are more prevalent and harsher than ever ― and they are on the rise. They affect everyone and everything; not only big businesses and governments but also small businesses, employees, customers, individuals, and anything that is connected to the Internet. Cyberattacks now stretch across every major sector, including health, manufacturing, logistics, utilities, education, and even places of worship.
But despite several significant real-life security incidents and advances in security technological solutions, many stakeholders lack even the awareness of security threats and risks ― let alone appropriate action to address them. Cybersecurity is a broad field encompassing technologies, systems, strategies, and people and aims to protect data and information systems from cyberattacks.
To draw attention to cybersecurity risks — and action around it — October is commemorated as “Cybersecurity Awareness Month.” This year’s theme is “See Yourself in Cyber.” Now in its 19th year, the event is designed to educate people — employees, users, business executives, IT professionals, and even school children — about cyber threats and their potential consequences, as well as to emphasize the need to be cyber smart always by adopting appropriate security measures proactively.
To create better cybersecurity awareness, this Advisor series examines the evolving cybersecurity landscape. Here in Part I we explore why cybersecurity remains a perpetual concern and challenge and what we can do about it.
Cybersecurity: A Perennial Concern & Challenge
Increased remote work and online activity from the pandemic, a rise in geopolitical tensions, greater use of cloud and the Internet of Things, an increase in network-connected devices facilitated by 5G and Wi-Fi, and advances in networking have made our cyber systems increasingly vulnerable to damaging cyberattacks. Cyber adversaries are mounting different types of cyberattacks, including new sophisticated targeted attacks that deter detection on individuals, organizations, governments, and critical infrastructure. In the past two years, we witnessed a staggering rise in security threats.
There is plenty of information on the Web about these existing cyber threats. A report by Splunk lists over 50 top security threats and briefly outlines for each threat what we need to know, how the attack happens, and where the attack comes from. In another publication, I addressed key threats facing digital system assets, attack vectors, and threat agents. An interactive map available from the World Economic Forum details various cybersecurity issues and considerations.
Going forward, we must also address potential new security threats in the metaverse, Web3, autonomous vehicles, driverless cars, farm equipment, and space-borne assets. The cyberattack surface will be an order of magnitude greater in the future than it is today.
The cyber-threat landscape is becoming increasingly sophisticated and lethal. Further, as discussed later, it is now easier to generate cyberattacks even by amateur hackers. There will be a significant increase in cyberattacks. A recent Forbes article presents alarming security statistics that cause deep concern:
Most hackers need five hours or less to break into enterprise environments.
Forty percent of ethical hackers said they can break into most environments they test.
There were over 1 million phishing attacks in the second quarter of this year with about 27% related to the financial sector.
More than 80% of organizations experienced a cloud-related security incident last year.
Sixty-four percent of businesses suspect they’ve been targeted or impacted by nation-state attacks, and most of them believe geopolitics and cybersecurity are intrinsically linked.
Most industrial control systems designed more than 20 years ago and built without cyber resilience face more cyber risks than IT.
The economic, business, and societal impact of cyberattacks is huge. If it were measured as a country, cybercrime — estimated to have inflicted damages totaling US $6 trillion globally in 2021 — would be the world’s third-largest economy after those of the US and China. Cybercrime costs are expected to reach $10.5 trillion annually by 2025, which will be more than the global trade of all major illegal drugs combined.
Given these scenarios and the growing complexity of the interconnected and interlinked future digital world and the ease with which cyber actors can attack any system, cybersecurity will remain a perpetual concern and poses major challenges that we need to address satisfactorily by being proactive — not just reactive.
Perpetual Awareness Is Needed
To satisfactorily address the threats in a constantly changing security threat landscape, security professionals, business executives, and users must be continually aware of evolving threats and potential countermeasures. Perpetual cybersecurity awareness is crucial for everyone.
Based on their motives, activities, and other factors, threat actors are classified as:
Malicious and negligent insiders — users, privileged users, and service providers or contractors
Corporations that try to obtain competitive knowledge from competitors
Cyber fighters or cyber terrorists
Nowadays, attackers are not just amateurs; they are professionals with a high degree of expertise and skill. They are also innovative in advancing threats and use sophisticated tools for launching attacks. Regrettably, ransomware gangs operate like legitimate businesses that encompass personnel, services and subcontractors advertising, escrow services, and even customer support. In a recent article, cyber intelligence provider Cybersixgill explores the structure of typical ransomware gangs and offers advice on how to prevent yourself and your organization from becoming one of their victims.
Though insider threats (e.g., attacks by disgruntled employees) could be significant and impactful, they are not viewed as seriously as external threats. But when companies had an insider threat, in general, they were much more costly than external incidents since the smart insider has the skills to hide the crime for months, years, or sometimes forever.
Another worrying trend is the increasing number of threat actors and cyber adversaries, ranging from amateur hackers and professional hacktivists to cybercriminals and state-sponsored actors, who are escalating alliances. These adversaries are widely disseminating insights and critical knowledge and collaborating to generate and benefit from coordinated, sophisticated cyberattacks. The greatest security challenge is not technological solutions; it is almost always people. Humans remain the weakest link in ensuring security, and hackers exploit this weakness.
Part II of this series continues this conversation by looking at what we can do to address these threats.