Cybercrime and cyber-criminals haven’t been deterred by the pandemic, and nor should we from focusing on our cybersecurity strategies. As COVID-19 infection rates soared across the globe, so did cyber-attacks. The number of breached records have increased by 224% annually since 2017-2021 and the average cost of a data breach is $3.86m.
Infosecurity Europe is the meeting place for the industry’s finest minds. Delivering expertise and knowledge from the world’s most celebrated cybersecurity experts, connecting practitioners with suppliers to find true solutions, and bringing together industry peers to network, share and ultimately, grow stronger and more resilient together.
Even though we attended Infosecurity 2021 virtually this year, we still picked up many interesting insights listening to on stage discussions and keynote speeches. The stakes have never been higher, but neither has the drive and determination to defend. The cybersecurity industry’s collective resolve to build resilience and strengthen security posture is admirable, but the plight continues.
What we picked up:
- New threats & Solutions that come along with the impact of remote work
It’s no surprise that COVID-19 and the ensuing transition to remote labour had a significant impact on the cybersecurity field. For many, it meant impromptu cloud migrations and hurried IT product and service acquisition to accommodate a new remote landscape. Many businesses sped through standard security precautions, or sometimes skipped them entirely, in order to keep operations running.
Not only that, but post-pandemic, the world of remote labour isn’t going anywhere. Organisations will need to review their current security infrastructures for areas of weakness that were overlooked during the abrupt move to remote work and begin planning a long-term remote security strategy.
What we learnt: If your firm made a quick change to a remote workforce, you must identify the areas of vulnerability that exposed your company to attacks.
- As usual there is continued use of AI
AI and machine learning are becoming more sophisticated and capable, and businesses will continue to refine them as part of their security infrastructure in 2021. AI is increasingly being utilised to create automated security systems that substitute human intervention, allowing for far faster analysis of enormous amounts of risk data. This is advantageous for both large firms dealing with vast amounts of data and small and mid-sized businesses with under-resourced security teams.
While AI presents a significant opportunity for businesses to improve their threat detection, the innovation and greater application of this technology has both positive and negative implications. Criminal networks are using AI to automate their attacks, and they’re using strategies like data poisoning and model theft to do so. Organisations who experienced a data breach but had AI technology fully installed saved an average of $3.58 million in 2020, indicating that they would be unwise to ignore the opportunity AI brings.
What we learnt: Implement AI-powered security technologies in your organisation if you haven’t already done so to streamline threat detection efforts and perhaps save millions in the event of a data breach.
- The increased need for CSO’s
While the need for stronger security systems is broadly understood across a wide range of industries, just 11% of businesses say they are confident in handling or responding to a cyber incident. Security risk management is still in its infancy, so while this data isn’t particularly shocking, it should be a priority for businesses in 2021. A shortage of resources is becoming an increasingly typical stumbling block.
Due to the baseline for what is deemed appropriate risk management is disconnected among departments, the separation between security and business undermines the effectiveness of cybersecurity measures. To address this, Chief Security Officers will need to become more attentive in identifying risks in the context of business priorities and explaining why they matter to executives.
What we learnt: CSOs should make it a priority to bring together company executives and security activities and goals.
- The need for real-time data visibility is critical
While many CEOs are managing cybersecurity risks for certain areas of their businesses, their efforts are hampered by a lack of a holistic view of the company’s technology ecosystem. Many executives don’t have a thorough inventory of their IT assets or a list of all third-party suppliers and cloud applications that their organisation uses. Since risk assessment programmes are generally dependent on inventories that lack a complete and accurate image of the threat landscape, this results in weakened risk assessment programmes.
To fight this, implementing security automation and real-time data visibility within organisations is critical to fully controlling data security. The only way to avoid data loss is to know where your data is at all times, and for 2021 and beyond, it means knowing it minute by minute.
What we learnt: To build a more robust security infrastructure and full awareness of every possible danger, organisations must implement real-time user activity monitoring with the support of cloud-native solutions.
Many of the cybersecurity trends we’ve seen in recent years at Infosecurity have been accelerated by the pandemic, and enterprises should take these concerns seriously, based on what we’ve seen so far. One of the most important things firms can do in 2021 is to be proactive. Organisations that accept the notion that security is no longer an optional investment will be better able to deal with the current cybersecurity threats.
If you require further assistance feel free to reach out to our team for more information on this article. To sign up for a free trial of Salt Communications or to talk to a member of the Salt team, please contact us on info@saltcommunications.com.
About Salt Communications
Salt Communications is a multi-award winning cyber security company providing a fully enterprise-managed software solution giving absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. Salt Communications offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. Salt is headquartered in Belfast, N. Ireland, for more information visit Salt Communications.