The saying “Prevention is better than cure” is more critical in cyber security
Organizations are confronted with the increasingly difficult task of safeguarding their expanded digital estate against rising cyber threats. Previously, organizations implemented security processes based on the physical network boundary, which was limited to their official premises. Following the outbreak of the Covid-19 pandemic, organizations adopted remote work strategies, which increased their digital real estate and exposed them beyond the boundaries of their physical networks.
Attackers now have a larger surface on which to deploy actions that jeopardize the processes and techniques involved in safeguarding sensitive resources such as data, systems, networks, applications, and even Internet of Things (IoT) environments.
Ransomware, a type of malware that infects files and folders and prevents them from being accessed, is one of the most rapidly growing types of attacks on this newly exposed digital real estate. The attackers will frequently demand a ransom (hence the name) from their victims in exchange for a decryption key.
Ransomware attacks increased from 37% in 2020 to 66% in 2021, according to the 2022 Sophos State of Ransomware report. More than one-third of the 5,600 organizations polled in the study reported being the target of an attack, with 54% having their files encrypted.
Despite paying a ransom of USD 812,360 on average, only 61% of encrypted data was recovered. However, by 2021, more organizations had recovered their data following an encryption attack by having backups that were not visible to the attackers. This demonstrates that, even in the case of ransomware, prevention is always preferable to cure.
Another trend that organizations should be aware of is Shift Left Security, which encourages software development and IT operations (DevOps) teams to incorporate security into the development process as early as possible. DevOps teams must collaborate to identify threats before they occur and to build safeguards within digital environments, rather than dealing with them later on the systems.
As businesses expand their digital footprint, they must consider the security of their Internet of Things and Operational Technology (IoT/OT) environments. They must consider the security of both the devices connected to each other via IoT and the hardware and software points that control and monitor the physical devices within their operational spaces. It goes without saying that the IoT/OT environments provide fertile ground for malicious actors to attack due to the large number of potential weak points.
For security-conscious organizations, the drive for better cyber security should begin with hiring the right people for the job. Unfortunately, organizations are rapidly expanding their digital real estate, which is increasing demand for cyber security professionals and creating a skills gap. According to a Cybersecurity Venture report, the number of unfilled cyber security jobs increased by 350% over eight years, from 1 million in 2013 to 3.5 million in 2021.
With an ever-changing technological landscape, the skill requirements for cyber security professionals are also constantly changing. This, however, opens up a wide range of opportunities for cybersecurity professionals. Even professionals in other technical roles who can find ways to incorporate cyber security into their skill set will benefit from the field’s growth potential.
Once the right team is in place, organizations can begin to improve their cyber security by identifying and sealing loopholes, as well as rebuilding their security infrastructure to weave throughout their systems and applications. This not only prevents attackers from entering, but also provides safeguards in the event that malicious actors manage to breach the external security features.
In summary, organizations cannot afford to bury their heads in the sand when it comes to best practices in cyber security, given their increasing reliance on digital tools for day-to-day operations. The potential risk to everything from operational safety to sensitive data is far too great. Therefore, when it comes to cyber security, organizations must, without a doubt, prioritize prevention over cure.
This article was written by Sean Wesonga, Senior Product Manager, Cloud Security Engineering at Microsoft.