One of the more positive things to emerge from the coronavirus pandemic is the widespread adoption and advancement of technology. Digitisation has allowed more people to embrace the flexibility of hybrid work and thrown businesses head-first into the digital age, permanently changing the way our society functions.
However, although we have made significant positive steps forward in our digital evolution, the implementation of remote working systems and the proliferation of internet-enabled devices presents unprecedented cyber security risks. The more connected we are by technology, the more critical functions rely on virtual networks. So, businesses have more to lose should they fall victim to increasingly prevalent cyber attacks.
As global economies attempt to bounce back from pandemic-related slumps, there has never been a more critical time to secure business systems against cyber crime. IT professionals are, therefore, urging organisations to secure networks and servers — particularly those that accommodate remote working — against the ever-present threat of a critical data breach.
Quantifying the risks of cyber crime
Last year, businesses, governments and individuals faced an assortment of cyber attacks as rapid digitisation drove up online-based criminal activity. The cost of cyber threats reached a cumulative total of an estimated $6 trillion in 2021, and recent research concluded that there were 50% more attacks on corporate networks compared to 2020.
Far from winding down at the end of the year, the notorious Log4j flaw caused a spike in attacks in December 2021. Dubbed ‘Log4Shell’ and given a severity rating of 10 out of 10 by the Apache Software Foundation, this open-source vulnerability saw hackers launch more than one million attacks on computers worldwide, driving home the ever-pressing need to refine cyber security processes in the wake of the pandemic.
From phishing attacks to ransomware scams, companies worldwide have been affected by cyber crime — even global corporations like JBS SA, which suffered a cyber attack at the end of May 2021. The meat processing giant was forced to pay an $11 million (£7.8 million) ransom to retrieve customer data and get networks back online. And it is not just the big companies that are at risk. In 2021, 43% of cyber attacks targeted small businesses, causing devastating financial and reputational damage.
Business is also increasingly facilitated by cloud-based technology thanks to modern development techniques and easily consumed code. This technology has led to increased demand for and widespread use of features like online shopping, cryptocurrency and the mainstream implementation of technology such as the internet of things and artificial intelligence.
As a result of such code being developed to enable business processes, hackers will continue to ramp up their efforts in 2022, targeting vulnerable systems via cloud services, mobile phones, phishing scams and more to cause further disruption to organisations and supply chains.
Pioneering a more resilient digital infrastructure
Much like the pandemic, it is better to take preventative action than risk a wide-scale crisis, the consequences of which can be devastating. So, as the threat of a breach continues to grow in 2022, governments and organisations must ensure they have the proper cyber security protections in place.
The cost of cyber criminal activity became the single largest economic disaster in history last year. And should the rate of growth in cyber crime continue at the current 15%, the cost of cyber crime could touch $10.5 trillion by 2025. Additionally, some global states are carrying out cyber operations to steal secrets and disrupt democratic processes, presenting one of the most prolific security threats facing our world to date.
Since the founding of the National Cyber Security Centre in 2016, the UK government has been working with industry experts to provide cyber security advice and support for the public and private sectors. A National Cyber Force was created to combat security threats in 2020, and in December 2021, the government announced a new national cyber security strategy for 2022.
One of the primary goals of this strategy is to implement a whole-of-society response to strengthen our national cyber power and security — an approach we encourage all business leaders to mirror within their organisations. Cyber security requirements are constantly evolving and changing, but improving a few key areas will ensure systems have robust cyber protection.
1. Support
No matter how advanced a business’ technology is, it must be accompanied by the necessary cyber security measures to keep systems functioning optimally and growing data volumes secure from a breach.
Underinvesting in cyber security will not only cause businesses to fall behind in the modern world but may also put undue strain on IT departments. So, to mitigate against cyber security talent shortages, IT teams must be supported with reasonable budgets and resources. Understanding the capabilities and maturity of security controls is becoming one of the most popular approaches to supporting and investing in improved security control.
2. Incentivise
Many cyber attacks and breaches are attributed to human error, with one report revealing that an alarming 97% of people could not distinguish between a legitimate email and a phishing attempt. Fortunately, simple cyber hygiene awareness training can prevent nearly 80% of cyber threats.
Encouraging employees to see cyber security as a collective responsibility with company-wide education and training will go a long way to minimising the risk of staff unconsciously inviting an attack — especially those delivering technology, which is more likely to present exploitable vulnerabilities.
3. Update
The majority of businesses now use technology to generate value and improve efficiency, causing leading technology giants such as Apple and Microsoft to become the most valuable companies in the world.
But to enjoy the advantages of digital transformation, businesses must ensure they are constantly updating their cyber protection in line with good practices and government regulations. By enlisting the help of a trusted provider to implement a comprehensive approach to security, companies can certify that all on-site and remote systems have adequate protection.
Burning Tree provides an uncompromising approach to cyber security. Contact our team of Hampshire-based information security consultants on 01252 843014 or email info@burningtree.co.uk to speak to a specialist about our security improvement services.
