Phishing attacks increased by 510 percent from January to February 2020. 6 VMware security blog, “Amid COVID-19, global orgs see a 148% spike in ransomware attacks finance industry heavily targeted,” April 15, 2020. During the initial wave of COVID-19, from February 2020 to March 2020, the number of ransomware attacks in the world as a whole spiked by 148 percent, for example. Other types of disruptions often trigger a spike in these attacks. Ransomware as a service and cryptocurrencies have substantially reduced the cost of launching ransomware attacks, whose number has doubled each year since 2019. Other technologies and capabilities are making already known forms of attacks, such as ransomware and phishing, more prevalent. In 2020, leveraging advanced AI and machine-learning techniques to increase its effectiveness, it used an automated process to send out contextualized phishing emails that hijacked other email threats-some linked to COVID-19 communications. For example, Emotet, an advanced form of malware targeting banks, can change the nature of its attacks. Over the next several years, they will be able to expedite-from weeks to days or hours-the end-to-end attack life cycle, from reconnaissance through exploitation. Attackers use advanced tools, such as artificial intelligence, machine learning, and automation. complete with institutional hierarchies and R&D budgets. Today, cyberhacking is a multibillion-dollar enterprise, 5 “Cybersecurity: Hacking has become a $300 billion dollar industry,” InsureTrust. The stereotypical hacker working alone is no longer the main threat. Hackers are using AI, machine learning, and other technologies to launch increasingly sophisticated attacks 4 David Uberti, “Marriott reveals breach that exposed data of up to 5.2 million customers,” Wall Street Journal, March 31, 2020. Similarly, attackers in early 2020 used compromised employee credentials from a top hotel chain’s third-party application to access more than five million guest records. The Sunburst hack, in 2020, entailed malicious code spread to customers during regular software updates. Many recent high-profile attacks exploited this expanded data access. Companies are not only gathering more data but also centralizing them, storing them on the cloud, and granting access to an array of people and organizations, including third parties such as suppliers. To execute such business models, companies need new technology platforms, including data lakes that can aggregate information, such as the channel assets of vendors and partners, across environments. and for meeting the challenges of explosive data volumes. With the greater importance of the cloud, enterprises are increasingly responsible for storing, managing, and protecting these data 3 John Gantz, David Reinsel, and John Rydning, The digitization of the world: From edge to core, IDC, November 2018. In 2020, on average, every person on Earth created 1.7 megabytes of data each second. Organizations collect far more data about customers-everything from financial transactions to electricity consumption to social-media views-to understand and influence purchasing behavior and more effectively forecast demand. The marketplace for web-hosting services is expected to generate $183.18 billion by 2026. Mobile platforms, remote work, and other shifts increasingly hinge on high-speed access to ubiquitous and large data sets, exacerbating the likelihood of a breach. On-demand access to ubiquitous data and information platforms is growing Over the next three to five years, we expect three major cybersecurity trends that cross-cut multiple technologies to have the biggest implications for organizations. Three cybersecurity trends with large-scale implicationsĬompanies can address and mitigate the disruptions of the future only by taking a more proactive, forward-looking stance-starting today. Adopt a formal program of record to continually review your cyberstrategy, technologies, and processes against shifts in cybersecurity trends. Challenge your cyberstrategy to refresh the road map with emerging capabilities and approaches.Validate cybercontrols-especially emerging ones-technically to ensure your readiness for evolving threats and technologies.We see leading organizations adopting a three-step process: It requires ongoing vigilance and a structured approach to ensure that organizations proactively scan the environment and adjust their cyber stance accordingly. Proactively mitigating cybersecurity threats and evaluating over-the-horizon cybersecurity capabilities is not a one-time process.
0 Comments
Leave a Reply. |