Cybersecurity threats today are more rampant than ever before. And the scale has escalated to heights they’ve never reached before. Last week, the New York Times reported the following on the current cyberwar attacks between Israel and Iran:
“Iranians couldn’t buy gas. Israelis found their intimate dating details posted online. The Iran-Israel shadow war is now hitting ordinary citizens.”
On an organisational scale, US-based PurpleSec recently reported that cybercrime was up about 600% due to the coronavirus pandemic. Compromised credentials seem to be the root cause with customer personal data accounting for almost 44% of all data exposed during security breaches.
Research from the Ponemon Institute and IBM reported the average cost of a data breach in 2021 was about $4.24 million per incident, the highest value recorded in 17 years. Several factors have contributed to this, including (i) the rapid shift to remote operations during the pandemic leading to the average data breach becoming $1 million more expensive on average; (ii) surging costs of healthcare breaches to about $9.23 million per incident; and (iii) compromised credentials, the most prominent cause of data breaches, providing leverage for future breaches.
Concurrently, the adoption of encryption, security analytics and Artificial Intelligence ranked as the top three mitigating factors to these threats; saving companies an average $1.4 million per data breach compared to those who did not employ said tools. US-based tech magazine GovTech further reported that “for cloud-based data breaches studied, organizations that had implemented a hybrid cloud approach had lower data breach costs ($3.61 million) than those who had a primarily public cloud ($4.8 million) or primarily private cloud approach ($4.55 million).” According to Gartner, “by 2024, organizations adopting a cybersecurity mesh architecture will reduce the financial impact of security incidents by an average of 90%.”
Threats to Security
Organisational cybersecurity threats have been growing at a rather steady rate over the past decade, but have only now started to truly boom. Here are certain key threats that organisations are possibly set to face in the coming year:
- Supply chain attacks: TechRepublic reports that “cyberattacks no longer just impact the targeted organization but often have a ripple effect that harms partners, providers, customers and others along the supply chain.” With data breaches and malware infections becoming more common, however, governments are expected to improve regulations to protect vulnerable networks better.
- Phishing attacks: The top three types of data compromised in a phishing attack include credentials, personal data, and medical information, with estimates from US-based RiskIQ placing the global cost of an average breach at about $17,700 a minute. Incidentally, Verizon reported that organizations see about a 5% drop in stock prices in the six months following a phishing breach.
- The weaponization of Deepfakes: According to US-Israeli software firm Check Point, “cybercriminals will increasingly use them to steal money, manipulate stock prices and sway the opinions of people via social media. As one example from 2020, attackers used technology to impersonate the voice of a director of a Hong Kong bank to trick a bank manager into transferring $35 million into their account.”
- The role of cryptocurrency in cyber-attacks: Check Point writes, “after seeing reports of stolen crypto wallets triggered by free airdropped NFTs, Check Point Research (CPR) investigated OpenSea, the world’s largest NFT marketplace. The investigation led to the discovery of critical security vulnerabilities on OpenSea’s platform that, if exploited, could have led hackers to hijack user accounts and steal entire crypto wallets of users, by sending malicious NFTs.”
Mobile malware attacks set to rise: Amidst the global rise of mobile wallets and payment services, cyber criminals are increasingly turning to mobile malware as an attack vector. In fact, research has even found that in 2021, almost half the organizations interviewed found at least one employee who had fallen victim to a malware app download.
Read more of our blogs
- Climate change action unlocks new business
- Why are old conglomerates breaking up?
- 2022 Data Science Trends