FeatureThose intent on infiltrating computer systems to access, delete, exfiltrate or immediately extort sensitive data constantly evolve their approach to counteract measures being taken to block them. Inevitably this means those tasked with protecting computer systems and data also have to evolve their strategies.
While we see security breaches appear in the news with alarming frequency, what hits the headlines is just a small proportion of the true picture. Large, household name organisations are understandably reluctant to admit to gaps in their security setup, while smaller and medium sized organisations, even if they do go public, are less likely to make headline news.
Ransomware continues to be a powerful and potentially devastating type of cyberattack.
With successful attack numbers likely to be much greater than we know, what have we learned about security in 2021, what should organisations be looking out for, and what should Chief Information Officers CIOs and Chief Information Security Officers CISOs consider as they think about bolstering cybersecurity defences in 2022?
Ransomware continues to be a powerful and potentially devastating type of cyberattack. In particular, Ransomware as a Service, RaaS has seen continued evolution during 2021. This phenomenon, whereby bad actors develop software and make it available to non-technical cybercriminals, has opened up more opportunity for targeting smaller and medium sized organisations.
Ransomware as a Service, RaaS has seen continued evolution during 2021
The logic is clear. A bespoke attack on a large organisation can yield multimillion dollar payouts but needs technically astute execution. A generalised attack on smaller organisations via RaaS may have smaller individual yield, but a greater overall yield.
However, in its Sophos 2022 Threat Report the cybersecurity firms says that the release of some materials relating to RaaS has helped them to identify tactics, techniques and procedures that might indicate an attack in progress, helping them to thwart attacks.
Distributed workforce means protecting a corporate network as a walled garden is no longer appropriate
RaaS will continue to be a significant threat in 2022. For CIOs and CISOs the challenge is not just ensuring their defences are strong and able to cope with evolving ransomware strategies, but they have a suitable set of recovery plans in place to deal with issues when they arise, which they inevitably will.
The last two years have seen many organisations learn that they can work well with a distributed workforce, and this has become the norm for a significant number. A distributed workforce means that protecting a corporate network as a walled garden is no longer appropriate.
With some businesses getting over 200,000 threats per year it is impossible for humans alone to manage this
Today endpoint security is vital. That means not just securing a device, whether that’s a tablet, smartphone or laptop, but also being aware of how people are using these devices. Devices bring new threats into corporate networks and put your corporate data at risk.
With some businesses getting over 200k cyberattack threats per year it is impossible for humans alone to manage this. While not providing any sort of blocking facility for incursions, AI can be used to identify potentially suspicious activity, can trigger automatic blocking, and can alert the IT and security personnel that judge whether the activity is accidental, malicious or allowable mitigating the threat risk.
CIOs and CISOs have an increasing need to be aware of the potential of AI in their cybersecurity armoury. 2022 could be a challenging year for CIOs and CISOs. The strategies they put in place now will stand them in good stead as the year progresses.
While not providing any sort of blocking facility, AI can be used to identify suspicious activity, trigger automatic blocking, and alert security personnel.
