In collaboration with Touchdown PR
Alarmingly, the financial impact of cyber crime is expected to surpass $10.5 trillion annually by 2025. This is a wake-up call for organisations, with the need for cyber security vigilance only increasing in urgency. However, sub-par security protocols are still an issue; it is all too easy to become complacent with security due to over-reliance on outdated and routine measures.
The UK government’s recent Cyber security breach survey 2024 report revealed that half of UK businesses have experienced some sort of cyber security breach or attack in the past 12 months. In order to tackle this, Martin Simpson, Principal at Node4 Security Practice, believes that every business, irrespective of size or sector, should apply a certain mindset about cyber security needs in order to ensure robust protection and true resilience.
He notes that “business leaders must take a step back to be truly effective when implementing a cyber security strategy. Rather than getting bogged down or intimidated by the plethora of cyber security technology options that are out there, start with a business-led assessment of the organisation’s risk and resilience profile. Identifying these key focus areas can help guide, frame and understand their cyber security needs.”
Implementing a multi-layered approach
Organisations are facing growing threats in terms of both volume and sophistication. It is, therefore, essential that strategies to navigate these effectively are found. Rani Osnat, SVP of Strategy at Aqua Security, recommends that organisations build a layered security approach: “They should deploy automated scanning tools that can uncover known vulnerabilities early in the development lifecycle as well as implementing strong runtime protection. A risk-based approach for remediation can then allow them to tackle the vulnerabilities that present the greatest risk by considering factors such as reachability and available exploits.”
He continues: “By staying informed of emerging trends and tackling these challenges head on, businesses can better protect themselves in an ever more rapidly evolving cyber security landscape. Investing in robust cyber security is no longer optional – it’s necessary for business survival”.
Nick Palmer, Solutions Engineer at Censys, notes that “businesses need to take cyber security seriously, and make sure they have a clear view of their digital assets. Internet-exposed assets are the number one attack vector for cyber attackers, yet 43% of assets on an attack surface are unknown to organisations. They should therefore invest in attack surface management tools, which can detect, identify and prioritise risks across their entire digital footprint. These offer businesses full visibility over their attack surface and thus enable them to take action to protect themselves.”
Don’t forget the fundamentals
The basic principles of cyber security can sometimes be overlooked; however, they may no longer be enough to rely on alone. “Traditionally, backups have been used to enable recovery, but as the capabilities of cybercriminals have grown, this method has begun to fall short,” says Darren Thomson, Field CTO EMEAI at Commvault.
He continues: “A clean environment to recover into is essential. The cloud enables virtual environments to be created that are guaranteed to be malware-free so that clean datasets can be restored and tested with confidence. Such environments can be spun up and down to allow for regular testing whilst keeping costs low so that, in the most critical circumstances, rapid, frictionless, and reliable recovery is ensured.”
The Marketing Team at LTO recognise the complexities of securing data storage in today’s IT environments. They state that “data storage is just as susceptible to cyber threats as the rest of the IT environment – unless you make a protected copy of your valuable data that is accessible only to authorised personnel. Organisations should prioritise data resilience by maintaining one copy of their critical data stored offline and offsite”.
Leveraging automation
Cyber security can often feel like an uphill battle, with a disconnect occurring between different solutions. Ashok Kumar, Head of Engineering at Cyware, believes that automation is the answer, stating that “by combining intelligent automation with curated threat intelligence, we see enablement of security teams to transform the way they identify, analyse and respond to cyberthreats, eliminating the need for manual data assimilation and reducing false positives. Automating threat intelligence not only allows users to understand their security risks with more clarity but also contributes to an ecosystem where information is shared with professional IT and security teams – internally and externally – more quickly.”
It’s not only important for security protocols to protect organisations in the current threat landscape, but they also need to ensure protection for the future. This requires a dynamic approach while still honouring the fundamental principles of cyber security. Terry Storrar, Managing Director at Leaseweb UK, emphasises how simply having a large number of security tools is not enough, as “these measures must be well-integrated to close any gaps in cloud security architectures. Moreover, IT and security teams should leverage automation to identify and track potential misuse of sensitive data, further strengthening their cloud environments in an increasingly dispersed working world.”
Importance of staff support
It is not all about the threats and technologies – the importance of the employees implementing cyber security measures must not be overlooked. Matt Hillary, CISO at Drata, stresses how “the mental health of our security teams often takes a back seat. However, the statistics reveal a pervasive and serious issue that demands our immediate attention. According to a report from Tines, 66% of cyber security practitioners surveyed say they experience significant levels of stress at work, and 64% say that their mental health affects their ability to do their job.”
He recommends addressing this problem, saying that by “acknowledging the problem, creating a supportive environment, and providing tools and space to manage stress, they can make a significant difference in the well-being of their team members. The benefits extend beyond the individual – mentally healthy teams are more engaged, productive, and effective, leading to better outcomes for the entire organisation and the industry as a whole.”
AI on the Attack
With the developments in AI technology becoming increasingly sophisticated, AI is proving worryingly transformative for threat actors. Alex Rice, CTO and Co-Founder at HackerOne, explores the integration of AI into cyber threats. He states that “malicious actors have begun developing custom AI bots designed to impersonate trusted individuals with alarming accuracy. These AI deepfakes can mimic writing styles, speech patterns, and even emotional cues, essentially creating a skeleton key that bypasses traditional security measures built on interpersonal trust.”
“This level of sophistication makes it incredibly challenging for even the most vigilant individuals to distinguish between genuine communication and AI-driven social engineering attempts,” Rice concludes, and “as a result, organisations and individuals must adopt a new mindset of constant verification and implement multi-factor authentication systems that go beyond traditional trust-based security protocols.”