It isn’t every day that the topics beloved to IT departments make it into the news, but more and more, cybersecurity breaches are making headlines.
But it shouldn’t come as a surprise when you review the current state of the industry: Cybercrime has increased by 600% since the start of the Covid-19 pandemic; the total cost of all cybercrime damages in 2021 is approximately $6 trillion worldwide; and the State of Phish Annual Report states that 65% of organizations were victims of phishing in 2020.
And if that wasn’t enough to encourage you to reevaluate your current cybersecurity strategy, the World Economic Forum reports that internet traffic will increase by about 50% this year, resulting in an increase in the number and frequency of cyberattacks.
When it comes to protecting an organization from cyberattacks, IT and Business Technology teams act as the first line of defense, and industry leaders have taken note of the growing threat. In the 2021 State of Business Technology report, nearly half of the respondents said that they have increased their investment in their cybersecurity efforts following the start of Covid-19.
The overwhelming shift to remote and hybrid work forced a large portion of the workforce online, and the proliferation of SaaS applications to support this new kind of work has introduced a whole new set of cybersecurity concerns. As more information moves onto the cloud and a dispersed workforce clocks in from WiFi networks across the world, it’s essential that companies protect themselves. Now more than ever, organizations are looking for innovative ways to avoid malicious cybersecurity attacks.
Here are three ways that IT teams are evolving to stay on top of cybersecurity threats:
A shift from using data analytics to leveraging A.I.
For around the last five years, organizations have leaned on data analytics to better understand and pinpoint cybersecurity threats. While this approach can effectively fight attacks, there are huge challenges when it comes to working with data sets this size and complexity.
After querying sets as large as 30,000 data points or more, the cybersecurity team then has to triage potential threats and make a decision about where to put their focus. Only after this analysis period can the team inform the organization about where they need to invest their time and start mitigating attacks. The process of collecting data and making decisions can be quite cumbersome and time-consuming, not to mention subjective when humans are trying to quickly assess risk in high-pressure scenarios.
But now, as cyberattacks are becoming more invasive and are harder to detect, A.I. could be a game-changing lever to pull. When it comes to detecting cyber-attacks, “machine learning increases the effectiveness up to 80% to 92%” notes Chuck Everette, Director of Cybersecurity Advocacy at Deep Instinct. According to Everette, time isn’t on your side when battling a cyberattack. While cybersecurity systems can take up to 10 minutes to detect a threat, it may only take 3 seconds for a hacker to get into your system. This is where A.I. can be incredibly powerful: “You have to prevent the infection and damage it can inflict before it takes root, executes, and spreads,” says Everette.
Implementing A.I. and machine learning into the organization’s cybersecurity infrastructure can help to detect threats and respond quickly to attacks. A.I. self-learns the longer it is a part of the infrastructure and can collect data and analyze it independently rather than waiting on cybersecurity teams to look at the data themselves and make a decision.
Once exploring possible threats, A.I. can understand and prioritize which threats are on high alert and need immediate attention and which ones are lower priority. In addition, A.I. can automate tasks such as running assessments and malware analysis, saving employees time to focus on tasks that are not manual and require attention from personnel.
Companies are becoming more aware of the benefits of incorporating A.I. into their cybersecurity initiatives, and the numbers certainly support the claim that the market is growing rapidly. Pillsbury, a global consulting firm, conducted a study last fall that found that there will be a 24% increase in cybersecurity-related AI spending through 2027, valuing the total market at $46 billion.
Cybersecurity playing a critical role in partnership decisions
Cybersecurity isn’t only changing how companies operate internally but also has a huge influence on decisions being made externally. Gartner recently found that a whopping 60% of companies, when deciding to partner with another company, view the potential cybersecurity risk as the number one aspect to consider before any other factor. That’s right—cybersecurity even took precedence over the projected revenue or potential value of said partnership.
Will partnering with this company add risk to our security status? What is their security infrastructure? Does that company view cybersecurity as a top priority? These are the questions that are top of mind for organizations looking for external partnerships.
Not only are companies focused on keeping a tight grip on internal security for their own benefit, but new government regulations also play a large role in ensuring top security practices are met. Laws like the Californian Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), and The Chinese Personal Information Protection Law have shifted the conversation around an air-tight cybersecurity infrastructure from something that is “nice-to-have” to a critical component of business partnership.
While regulations old and new hold company practices to a certain standard, the negative impacts of a security breach can go beyond legal action or partnership opportunities. A major cybersecurity scandal may not only impact the public perception of a brand but can also dock the overall valuation of a company.
Yahoo’s infamous 2013 data breach is a great example of this and is considered to be one of the largest data breaches on the internet ever. At the time, Yahoo was one of the most popular platforms for both email and search. Approximately 3 billion user accounts were compromised when hackers deployed manufactured web cookies—which gave them the ability to falsify login credentials—in order to gain access to all accounts without requiring a password. At the time, none of the passwords and security questions had been encrypted, making it easy for hackers to gain access. Extremely sensitive personal information was stolen, including email addresses, passwords, telephone numbers, and birth dates.
While Yahoo managed to keep the breach a secret for a number of years, the information came out to the public in 2016 when a potential new partnership opportunity came up with Verizon. The telecoms company had set its eyes on Yahoo and was looking to acquire them.
When the news came out during partnership negotiations, Verizon saw it as an opportunity to leverage the situation and acquire Yahoo at a much lower cost: $350 million less than the company’s valuation. This public devaluation of Yahoo resulted in Marissa Mayer, CEO at the time, to step down. The breach also highlighted the less-than-ideal security system that Yahoo had in place, which shocked many since Yahoo was seen as one of the leading technology companies at the time.
Taking a “Zero Trust” approach to cybersecurity policies
According to The Identity Theft Center, data breaches have increased by 38% since 2021, costing $4.24 million and forcing 78% of companies to reevaluate their cybersecurity practices.
With cyberattacks on the rise, a Zero Trust model is becoming the norm to add another layer of security to organization-wide online ecosystems. The ideology behind a Zero Trust model is to trust no one—not the CEO, not a new intern, and not the Head of IT.
A couple of major changes may happen for employees when an organization adopts this model. For one, everyone entering a corporate network must verify using multi-factor authentication every time they log on. The Zero Trust model ensures that people logging onto the network are actually employees and requires another device, such as an employee’s phone, be used to verify their identity. Another change that can make a large difference is implementing more granular levels of access to applications, documents, and data.
This concept focuses on the premise that internal breaches are not to be overlooked. Although IT has historically focused on external violations, internal breaches have been on the rise for the last couple of years. The Ponemon Institute found in their 2022 Cost of Insider Threats Global Report that “insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million.”
The Zero Trust Model addresses this issue by scanning for all violations external and internal, going back to the principle of trusting no one, no matter who they are.
With the rise of hybrid work and cloud-based applications, cybersecurity has become a central focus for IT. Implementing a robust cybersecurity strategy using a Zero Trust model and A.I. is key for a company’s brand and partnerships, and can help keep information safe.