Cyber Security Crisis: An Origin Story
The 2020s are quickly being defined as a decade of globalism driven by digital connectivity, technological innovation and the questioning of socioeconomic norms that have persisted since the early 20th century. If the 1970s gave rise to the “me” generation, the 2020s can only be described as the “now” generation. Information at unprecedented scale is available at our fingertips – anywhere, anytime, in nearly any format. This has changed the expectations of the average consumer and the military-industrial complex alike. We communicate online, we work online, we wage war online.
In this new digitally connected age, data has become the world’s most valuable resource. Data means power. Those that hold it have the edge. This applies to individuals, businesses and governments alike. With data at such a premium, it’s no wonder a market for data theft has flourished – after all, it’s human nature. For every good deed, a bad deed lays in wait.
The hacker represents the modern day boogie man – lurking out in the digital ether, unseen…but we know he’s there. It’s a delicate balance, especially at the corporate level. Companies play digital defense because they possess the data, whether it be financial, legal, personal or otherwise. Hackers innovate, finding new ways into corporate networks, devices and applications. This continuum has in turn created the cyber security market, where vendors strive to make a quick buck by plugging the latest hole in corporate infrastructure. But it’s been a losing battle thus far because security solutions that come to market are reactionary to problems their customers are already facing. The black hats have the element of surprise, and companies typically don’t know what hit them until it’s too late.
This new digital dystopia is here to stay. And while it might make you want to shield your eyes like an episode of Black Mirror, the outlook for data protection and cyber security is not as bleak as it may seem. The first step to resolution (or general improvement), is to acknowledge that a cyber security crisis exists, and to identify our current challenges and shortcomings in order to pave a path forward.
Today, corporate networks are expanding and evolving in true Darwinistic fashion thanks to architectural advancements, new networking protocol standards, device proliferation, hybrid work policies…you could write a dissertation on this topic alone. The point is: the corporate network now extends to wherever authorized devices can connect to gain access to company resources.
More, More, More: Exacerbating the Cyber Security Crisis
All of this proprietary, confidential or merely sensitive data being accessed across these parts of the network is no longer safe behind your castle walls. The physical headquarters still exists, but it’s basically just a “fat” branch like any other satellite office or employee working from home.
This complexity has driven cyber risks and costs to dangerous new heights. The number of significant cyberattacks globally is increasing and includes devastating ransomware attacks that are breaching even the most secure networks. But are we really surprised? Cyber defense (and offense) is the national security priority for every developed country on Earth. We’ll never know the global investment made into clandestine black hat innovation for the sole purpose of destabilizing the digital footprints of nations perceived to be threats. We may not want to. Ignorance here really can be bliss.
The Bad News
There were on average 270 attacks per company over the year, a 31% increase over 2020. Third-party risk continues to dominate: successful breaches to the organization through the supply chain have increased from 44% to 61%. (Accenture)
As they’ve adopted these new extortion approaches, ransomware gangs have become greedier. The average ransom demand was $5.3 million. That’s up 518% from the 2020 average of $847,000. (Palo Alto)
32% of organizations say security is not part of the cloud discussion from the outset and they’re trying to catch up. Reasons preventing take-up of the cloud revolve around security issues: about one-third of all respondents say poor governance and compliance is a problem, that cloud security is too complex and that they do not have the internal skills to structure a proper cloud security framework. (Accenture)
The Good News
82% of IT executives say their budgets have increased in the last year. IT security budgets are now up to 15% of all IT spending, 5 percentage points higher than reported in 2020. (Accenture)
49% of IT executives said their top security priority is the protection of sensitive data. (IDG)
The global median dwell time – the duration between the start of a security intrusion and when it’s identified – has dropped to below a month for the first time, standing at 24 days in 2021. That means incidents are being identified twice as quickly as they were year-over-year. (ZDNet)
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。