Navigating the threat landscape in 2024
The cybersecurity landscape has undergone significant transformations in recent years, characterised by an increase in demand for robust global threat intelligence. The combination of geopolitical and economic factors has fostered a complex and unpredictable environment for businesses and consumers alike.
Due to the development of technology, the threat landscape has entered a new era of cybersecurity threats, with cybercriminals leveraging sophisticated methods to exploit vulnerabilities and gain unauthorised access to sensitive information. The rise of AI-powered malware, phishing scams, and social engineering attacks have become increasingly prevalent, posing a significant risk to organisations and individuals alike.
According to Trellix’s 2024 Threat Predictions, insider threats have emerged as one of the growing security concerns. Encompassing any individual who has or has had access to critical organisational assets, including facilities, information, networks, and systems, insider threats can impact both public and private organisations worldwide. The report states that based on recent industry analysis, insider threats have increased by 47% over the last two years, incurring a total loss of US$15.38m for the containment of these incidents.
The key components of a successful cybersecurity strategy
Although there is not a one-size-fits-all approach to assessing the effectiveness of a cybersecurity strategy, it goes without saying that organisations should regularly engage in proactive tabletop exercises and postmortems following incidents to drive continuous process improvement. Bob Lamendola, Senior Vice President of Technology and Head of Ricoh North America Digital Services Center, says: “When building a successful cybersecurity strategy, it is important to approach the program as a holistic business investment and strategy instead of a single project.
“Monitoring and early detection are the most important practices to ensure success. It is safe to assume that cyber threats can and will happen to your organisation. If you are aware, and then able to react and respond to a possible exposure, your business is already in a better position to handle these attacks.”
Staying informed of the ever-changing cyber threat landscape is a crucial element of any cybersecurity strategy. Meg Anderson, VP - CISO of Principal Financial Group, explains: “A successful cybersecurity strategy starts with understanding what needs to be protected for the businesses and typically takes a multifaceted approach. The strategy should be threat-informed in order to use resources optimally and to allow the focus to be on managing key risks, including emerging risks.”
Keeping up to date with threat protection technologies
With most attacks stemming from employees ranging from an unattended laptop, a disabled capability, or a denied patch, it is important for organisations to empower their employees to help actively fight cyberattacks.
As a significant number of cyberattacks originate from employee actions, therefore organisations should actively engage their workforce in cybersecurity efforts to increase their defences against these threats. “Organisations should provide proper security training that is easy to comprehend to ensure employees understand their role in protecting company assets,” highlights Lamendola.
“It seems simple, but people tend to forget about the need to update old devices. It is imperative to replace office equipment as soon as it becomes outdated and to have a plan in place so that office equipment can be refreshed.
“Additionally, when looking at integrating new solutions, it is important to look at security and vulnerability from the entire workflow. Implementing secure access service edge (SASE) technology, which allows users to access devices from a secure connection, allows for maximum data protection and continuity across business functions.”
Overcoming the challenges of new strategy implementation
Adopting new cybersecurity measures can pose several challenges for businesses, including employee reluctance to adapt, limited resources, and the requirement for smooth integration with existing infrastructure. “To address these challenges, we prioritise clear communication and education to foster a culture of security awareness and make employees our partners in the process,” says Anderson.
“We also work across the enterprise to ensure alignment with business objectives and secure the necessary resources. Additionally, we stage implementations to minimise disruptions, and we regularly assess and fine-tune our strategies and prioritise ongoing training, to ensure ongoing security across our business.”
Another challenge that many enterprises face is the hybrid working environment. “Hybrid and remote work are now a cornerstone for many businesses,” explains Lamendola, “and each brings a new set of challenges to ensuring a workplace remains secure. When you have people in your company working in places that are not physically in the office, this already creates risk. Couple this with a lack of education and awareness amongst employees, and you are potentially opening yourself up to further risk of an attack.”
In order to combat this, companies need to focus on education and awareness, however, many may encounter the challenge of getting employees on board with cybersecurity efforts. “It’s one thing to adopt a new strategy,” says Lamendola, “but encouraging your employees to truly play their part in embracing your strategy can be a whole other hill to climb. Consistent and mandated employee security awareness training is critical for businesses.”
Industry trends of the future
As the accessibility of information increases alongside the risk of its misuse, the need for robust cybersecurity safeguards and practices becomes increasingly crucial in the context of 2024 and beyond. Lamendola considers two of the most significant and upcoming cybersecurity trends will be the broad adoption of artificial intelligence (AI) as a tool to improve detection and proactive ransomware defence to ensure a comprehensive strategy to protect data.
“The use of AI in cybersecurity enables unexpected behaviour to be discovered quicker through the automated aggregation and dynamic evaluation of multiple sources of security data,” says Lamendola. “AI-driven security insights and AI-automated remediation will improve the efficiency of security specialists at a level of reliability, speed and scale that exceeds current capabilities.
“Proactive ransomware defence will become the most critical strategy for all organisations, particularly with the continued expansion into hybrid cloud operating models. Effective and audited infrastructure management strategies that are aligned with an active employee awareness and training program can often be the key elements in protecting data from being vulnerable to ransomware attacks.”
As well as these two trends, Lamendola also thinks that there will be a broad adoption of zero-trust architectures. “While often out of reach for many organisations, shifts in technology have enabled zero trust practices such as identity verification, micro-segmentation, continuous monitoring, and least privilege access to be more affordably available. The integration of these solutions into a holistic capability that is available ‘as a service’ allows companies of all sizes to adopt zero-trust frameworks.”
******
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Cyber Magazine is a BizClik brand