In recent months, the traditionally opaque world of cybersecurity has come into sharp focus. From the Colonial Pipeline attack to the break-in at meat processing company JBS, 2021 seemed like the year cybercriminals would finally break into the mainstream. And they keep getting faster.
A particularly worrying part of this uptick is the apparent increase in “zero-day” (or 0-day) attacks. This is a malicious type of cybersecurity attack where hackers exploit security weaknesses that the company, network operator or developer is unaware of or has not yet fixed. A few months ago, Google’s Threat Analysis Group published a blog post [1] noting the rise of zero-day attacks. Their research found that in the first half of 2021 there were “33 0-day exploits used in attacks that were publicly disclosed that year”. That’s 11 more than the 2020 total.
Challenges for companies are increasing
According to the 2021 Data Breach Investigations Report, organizations face numerous cybersecurity challenges. For example, the report finds that phishing and ransomware attacks have increased by 11 percent and 6 percent, respectively, with misrepresentation cases up 15-fold compared to last year [2].
While this data paints an alarming picture, it only tells part of the story. Data breach disclosure is more transparent than ever, and the media has become increasingly attuned to the regularity and newsworthiness of major security breaches. The statistics show that the number of data breaches is increasing. But we also have to acknowledge that we hear about them much more often than we used to.
This means that the increase in cyber attacks will be of particular concern to cybersecurity professionals. Over the past year, we have seen criminals become increasingly proactive, not only trying to exploit vulnerabilities and blackmail companies, but also spreading their ransomware services and monetizing their expertise. Cybercrime has become “democratized” and increasingly accessible to the masses. The fact that malicious actors are increasingly able to access vulnerabilities that have not yet been fixed by developers or programmers is a cause for concern.
So what’s the solution?
First, organizations would do well to take a proactive approach to identifying and remediating vulnerabilities. Teams that stay reactive will always lose out, and it’s this disconnect between real-time issues and “too little too late” fixes that cybercriminals rely on. Every large organization should have a dedicated team of cybersecurity professionals focused on detecting, fixing, and patching issues.
Second, prepare, prepare and prepare some more. We all know that the ability to respond effectively to an attack depends primarily on the processes and systems in place. During a crisis, the combined effect of reputational pressures and (possibly) financial risk will cloud the judgment of everyone involved. Businesses can protect themselves by preparing well before the crisis hits.
It’s not just a question of the right technique. The sales team, PR department and legal team should be clear about their respective roles and responsibilities in the event of a security breach. It is important to identify critical infrastructure, have an up-to-date response plan, and execute it. The crisis scenarios that would apply in the event of a cybersecurity breach should be rehearsed regularly with all those involved.
Managers should get involved. From talent acquisition to IT spending and modernization, it’s imperative that leaders understand the scale of their mission so they can provide appropriate support. When executives make budgetary decisions, they must ensure security comes first, not last.