How cybersecurity trends from 2019 to 2020 will continue to hurt your business and your customers
Gemalto has an ongoing breach tracker, the Breach Level Index. It is a useful tool to bookmark. It keeps a running record of data breaches, showing which industries are most at risk and even gives you a risk calculator to check your own company risk level. At the time of writing, there were around 6.3 million data records stolen each and every day.
The cybercrime wave that hit our data security as the internet became ubiquitous has now turned into a tsunami. To keep on top of this onslaught, we need to know what we are dealing with.
Each year, the industry creates a series of reports which look at various aspects of the cybersecurity landscape and how it impacts data. Personal data, sensitive company information, and Intellectual Property (IP), including source code, all come under the watch of the industry reports.
This article will look at a number of these reports and the type of trends they are finding. Having insight like this can help us to create better threat detection and prevention strategies.
Cybersecurity Industry Findings – What Happened in 2018?
To gather rounded intelligence on the cybersecurity threat landscape, we have looked at a number of respected reports. These reports are built up over the year to give a feel for what has happened and what is likely to happen in the coming 12 months. The reports are in-depth and detailed. They represent the views of organizations across all industry sectors and company sizes. Below, we have crystallized some of the most important findings from each.
Symantec Internet Security Report 2019
The data for the report is generated from Symantec’s Global Intelligence Network, which is the largest network of its kind in the world.
The main findings from the report are:
In 2017, crypto-jacking was big news. It is based on a malware type known as a ‘bot’ which uses the computer it infects to mine cryptocurrency. The slowdown of cryptocurrency in 2018 saw a similar slowdown of this malware type. This is a perfect demonstration of cybercriminals adjusting their focus in line with the market.
Cloud apps and Cloud repositories were targets in 2018. Misconfiguration and vulnerabilities in both hardware and software meant that data, including source code, stored in a Cloud repository was at great risk of being leaked.
IoT devices are being increasingly targeted by hackers, according to the report. Inherent device insecurities act as a weak point that allows entry to the larger infrastructure. Once in, data, including IP, is stolen.
Ransomware is still an issue, but attacks are now focused more on the enterprise and away from individuals.
Big data points from the report:
- Crypto-jacking – down 52%
- Enterprise ransomware – up 12%
- Mobile ransomware – up 33%
- Supply chain attacks – up 78%
EY global info security survey
EY interviewed 1400 CIOs, CISOs, and other executives across the globe to find out what cybersecurity issues they faced in 2018.
The main findings from the report are:
Awareness of security issues is an issue for 77% of respondents. There was a distinct lack of resilience and understanding of the widespread nature of cybersecurity threats. EY stated that companies need to focus on the basics and “…identify the key data and intellectual property (the “crown jewels”).”
The areas that the EY report focused on were:
Governance – making cybersecurity a firm part of a company budget.
Information value – the top most valuable assets that were targeted by cybercriminals. This included Intellectual Property, customer data, and strategic plans.
Cyber-threats – the biggest threats to the enterprise. The top ten included phishing cyberattacks targeting IP and insider threats.
Protection of assets – it was noted that the risk factors that had increased the most were careless staff and outdated security controls.
Big data points from the report:
- Companies who don’t have a data protection strategy – 55%
- Organizations who see phishing as biggest risk – 22%
- Increased risk around careless employees – 34%
Verizon’s Data Breach Investigations Report (DBIR) is one of the most respected security reports in the world. It is based on the analysis of 41,686 security incidents.
The main findings from the report are:
The rise of social media as an attack vector was noted in the report. The use of human vectors was up by 20%, along with social media, which was up by 18%.
The report identified Distributed Denial of Service (DDoS) attacks as a key threat but didn’t note any significant association between a DDoS attack and a data breach.
Where data loss is concerned, phishing and the exposure of privileged login credentials are the root cause of many hacking events, with the main focus of hacking being on web applications.
Command and Control (C2) and ransomware are the two most common malware types. C2 malware is used to exfiltrate data in a stealthy way, often over long periods of time. Email is the typical way that malware infections originate.
Big data points from the report:
- Small businesses breached – 43%
- Number of breaches involving hacking – 52%
- Breaches perpetrated by outsiders – 69%
- Breaches that involved insiders – 34%
Ponemon Institute Cost of Cybercrime 2019
To build a picture of the cybercrime landscape in 2018, Ponemon interviewed 2,600 senior security professionals across 355 organizations. The report looks at the evolving cybercrime landscape, the techniques used to attack organizations, and the impact of cyber-attacks in terms of financial cost.
The main findings from the report are:
The key findings of the report show that digital transformation and new technologies are opening up new channels of attack. Data fraud and data theft are the top two risks for businesses across the globe.
The report highlighted that the human being is still the weakest link in the cyber-threat chain. This is exacerbated by the increasing use of remote workers, contractors, and the extended supply chain.
Every type of malware has a high cost associated with it and this cost is increasing.
Information loss is still the biggest consequence of a cyber-attack, and it is these costs that have been increasing, year on year, since 2015.
Big data points from the report:
- The top three industries in terms of costs incurred from cybercrime – Banking, Utilities, and Software
- The cumulative cost of cybercrime in the next 5 years – $5.2 trillion
- Malware costs, on average – $2.6 million
- Insider threats cost, on average – $1.6 million
Thales 2019 Data Threat Report
The Thales report uses the information gleaned from 1,200 executives within an IT and data security or security influence role. The data represents a wide range of company sizes, from 500 to 10,000 employees. The focus of this report is on the risk to data as our organizations digitally transform.
The main findings from the report are:
Data security threats are not discriminating – they affect every organization.
The cybersecurity landscape is complex, and a layered approach to data protection is seen as being needed. However, this is, in itself, complicated to implement. Enterprises need the right tools to help them protect their data against cyber-threats. This may mean placing budget across key areas.
Threat vectors are moving to external threats, but insiders are still a key consideration.
Complex data environments are the main factor behind security vulnerabilities. Multiple Cloud platforms and Infrastructure as a Service (IaaS) are making the securing of data assets difficult.
Ultimately, because of complex corporate infrastructures, a multi-layered approach to security is needed to manage data security.
Big data points from the report:
- Number of organizations who have experienced a breach – 60%
- Companies extremely vulnerable to a data security threat – 86%
- Technologies that are planned to resolve issues include – file, database, and cloud encryption; privileged access management; data access monitoring and DLP
What Things May Come: Cybersecurity in 2019 and 2020
One thing that is true across all of the reports is that cybersecurity threats are not going away. In fact, time and again, threats either morph into an even more dangerous attack type or increase in prevalence. Where does this leave the company trying to minimize the impact of cyber-threats and protect its data?
The Thales report was interesting as it looked at the day-to-day issues facing companies who are trying to keep on top of these threats. Budget, for every company, is an issue. Even those who spend more than 10% of their IT budget on security are suffering. As organization infrastructure becomes more complex and multiple Cloud platforms are implemented, companies are finding that their budget focus has to be optimized. Using a multi-layered approach to securing data assets seems to be the conclusion across the reports; there is no one-size-fits-all to securing data.
What is true is that the types of threats enterprises are up against are from both internal and external sources, sometimes both colluding. This is within an environment of increasing digital transformation. Precious data and Intellectual Property, like source code, have never been under greater threat.
Ultimately, an organization has to focus funds and resources on certain key areas to ensure data is protected across the extended network of the modern enterprise.
One key area that is highlighted in the reports is the human element. Human beings are our weakest link. Social engineering is the cybercriminal’s weapon of choice to enter the organization and carry malware infections. But simple carelessness is also a way that data leaks out of an organization.
Help at Hand: How A Socio-Technical Approach Can Stem the Tide of Data Loss
There is a movement afoot. Reports like the ones we have highlighted here are coming together to show that data leakage, including source code leaks, is a socio-technical problem. We are all under budgetary constraints, so where best to focus funding is an important consideration. To stem the flow of Intellectual Property and data we need to place emphasis on certain known key areas.
Two areas stand out as such. The first is the application of social measures, including security awareness training. This should be augmented with a “trust but verify” approach. This is part of a Zero Trust model of security and can utilize behavioral monitoring. Adding in technological methodologies, such as data leak prevention (DLP), is mandated by many of the reports. Together, this socio-technological approach to cybersecurity will help us to win this war of attrition and prevent the loss of our most precious of assets: our data, Intellectual Property, and source code.