2019 was not a quiet year in cybersecurity. In fact, Risk Based Security branded 2019 as “the worst year on record” in terms of breach activity. With the first nine months of the year resulting in 5,183 breaches and 7.9 billion exposed records (a 33% increase in total breaches compared to Q3 2018), this claim is certainly not unfounded.
We recently published an infographic on our website that gives a top-down overview of major cybersecurity activity in 2019. As the data suggests, cyber-attacks are becoming increasingly sophisticated and difficult to detect, and it’s becoming significantly more expensive and time-consuming for organizations to detect and repair the damage inflicted by a malicious actor.
Now that we’re a few weeks into 2020, what can we expect to see in terms of new and/or continued cyber threats? What should you be aware of in order to better protect your organization in the future? We asked our CTO/CDxO, Jeff Wilhelm, for his input on which cyber issues he expects to become increasingly prevalent in 2020. Here’s an overview of the some of the top trends in cybersecurity we identified as being the most impactful to your organization in the new year, as well as how you can respond to them.
(1) Evolution of Phishing Attacks
The Situation
Phishing is one of the most well-known and most discussed cybersecurity attack vectors, yet thousands of organizations still fall victim to malicious emails each year. According to Verizon’s 2019 Data Breach Investigations Report, in a study of 41,686 security incidents, 32% of breaches involved phishing. The unfortunate reality is that phishing emails are becoming more and more difficult to detect. Hackers are increasingly exploiting urgency and personalization in phishing attacks, coercing users into clicking links, providing confidential information, or performing some other action, such as purchasing gift cards, to benefit the cybercriminal. Phishing emails may leverage deceptive subject lines, domain spoofing, visually similar fonts and logos, shortened URLs or embedded links, and threats of business interruption to trick users.
What you Can Do
- Consider Employee Security Posture Training
Your employees are the first line of defense when it comes to security, since they are your company’s biggest attack vector. To keep your company secure, they must understand the mechanisms of spam, phishing, spear-phishing, malware, and social engineering and be able to apply this knowledge in their day-to-day jobs.
- Invest in Office 365 ATP & Microsoft Defender ATP
Office 365 Advanced Threat Protection safeguards your organization against malicious threats from email messages, links, and collaboration tools. Microsoft Defender ATP helps your organization prevent, detect, investigate, and respond to advanced threats with endpoint behavioral sensors, cloud security analytics, and threat intelligence. Both solutions will significantly improve your organization’s ability to detect and block a phishing threat before it can even get to an employee’s inbox.
Single Sign-On (SSO) and Multi-Factor Authentication (MFA), combined with conditional access, are two solutions you can implement to strengthen the security of your login process. SSO is a session and user authentication service that allows you to apply one set of credentials to access multiple applications, improving both security and convenience of the login process.
MFA requires two pieces of evidence from a user, such a password and an authenticator app code, when logging in to an application. By itself, MFA is a great way to provide an added layer of security but can become cumbersome to the user if the process necessitates a verification code upon every login attempt. That’s where Conditional Access comes in. Conditional Access leverages machine learning to build a risk profile about a user to determine whether it makes sense to prompt that user for MFA. For example – a user accessing an account on their work computer during typical business hours would very likely not be prompted with MFA. However, a user accessing their account with a new device in a remote location would be prompted to enter additional credentials to verify their identity. Conditional Access works in tandem with MFA to make the login process less intrusive to the end user without sacrificing security.
(2) Continued Growth of the Cybersecurity Skills Gap
The Situation
According to a report by the Center for Cyber Safety and Education, the global cybersecurity workforce needs to grow 145% to meet the demand for skilled cybersecurity talent. In the U.S. alone, the cybersecurity workforce gap is nearly 500,000, and it needs to grow by 62% in order to meet the demands of the current business market. What’s more – 51% of cybersecurity professionals say their organization is at moderate or extreme risk due to cybersecurity staff shortage. The key takeaway here: the volume of malicious cyber activity is growing disproportionately to the volume of talent available to defend against it.
What You Can Do
Due to the growing cybersecurity skills gap, hiring experienced personnel to manage your security stack can be a daunting task for even the largest of organizations. Consider partnering with an organization like Envision to manage and automate security solutions on behalf of your company. A holistic security and compliance approach delivered by an experienced third-party vendor not only provides peace-of-mind, but it also frees up resources on your end to focus on other business goals and objectives.
(3) Increased Migration to Cloud-Based Security Platforms
The Situation
By 2022, the cloud security market is expected to hit approximately $13 billion. Now more than ever before, organizations are turning to cloud-based security platforms due to their flexible, scalable, and cost-effective nature. However, moving to a cloud-based security platform isn’t without its drawbacks, particularly if you’re using cloud security as a “bolt-on” to your overall security strategy. Adopting a cloud-solution when your current security stack is already weak or flawed will only further complicate things for your IT team and muddle your vision for future security initiatives.
What You Can Do
If you do plan on adopting a cloud-based security platform in the near future, a word of advice: cloud security is only PART of your overall business security strategy, and it will only be beneficial if your organization is structurally prepared for such a change. As the Cloud Security Alliance states, “Without the right organizational mindset, governance and compliance, architecture, skilled manpower, understanding of service level agreements and the shared responsibility model, just to name a few, an enterprise is essentially not yet ready to take on anything cloud-based.” If you’re ready to get started with a cloud-security solution that integrates seamlessly with your current security architecture and vision, we can help.
Need Help Planning for 2020? We Can Help.
If last year is any predictor of what is to come, 2020 will be the busiest year yet for cybercriminals. Phishing attacks are becoming increasingly advanced and difficult to detect, the cyber skills gap will continue to grow, and the adoption of cloud-based security platforms is on the rise.
While the issues we discussed in this blog are top priorities for many organizations, they are just the tip of the cybersecurity iceberg. Did anything in this article make you stop and rethink your current cyber strategy? Is your organization prepared to handle both new and familiar threats? We want to help. Contact our security experts today to begin a conversation about your unique security needs and goals as you head into the new year.
Explore our cybersecurity services to find out how you can further protect your organization and its people.