The pandemic accelerated the digitalization of companies to levels that no one would have imagined. Organizations are increasingly adopting cloud solutions, applications, and experiences to support a more dynamic workforce that has growing needs and has become accustomed to hybrid and remote work models.
This same dynamic has generated new and increasingly sophisticated threats: today cybersecurity is the number one risk faced by all companies.
For example, ransomware attacks were up 150% in 2021, 579 password attacks are carried out every second, and nation-state attacks are also on the rise.
In addition to significant business interruptions, these attacks also result in devastating economic damage. The cost of cybercrime reached $6.9 billion, according to the FBI’s IC3 2021 report.
5 steps to cyber resilience
Microsoft Security conducted a survey of more than 500 security professionals to understand emerging security trends and the top concerns among security leaders (CISOs, Chief Information Security Officers).
This is how CISOs are addressing the increasingly sophisticated cyber threat landscape.
- Embrace vulnerability as a fact of hybrid work
61% of security leaders say the cloud is the digital function most susceptible to attack, and two in three say working hybrid has made their organization less secure.
Network and cloud vulnerabilities are the number one security concern for security leaders today, surpassing even the perennial threat of malware. Roughly half (45%) cite email and collaboration tools, the tools of remote work, as their most vulnerable digital feature.
What can security leaders do in the face of this threat? Since the main vulnerabilities in the cloud are administrator errors, such as misconfiguration and inconsistent application of security policies, Microsoft research suggests that it's a good idea to have specialists who work on cloud security and understand cloud systems inside and out (even if they don't have the traditional knowledge).
- Limit how far ransomware attackers can go
Ransomware is ramping up just as corporate networks proliferate in the cloud multiverse. Nearly one in five security leaders report being the victim of a ransomware attack in the past year, and roughly one ransomware ranks third among their top security concerns.
The financial cost is only part of the story. Approximately half (48%) of ransomware attack victims report that the attacks caused significant operational downtime, sensitive data exposure, and reputational damage. Furthermore, on average, organizations that paid the ransom recovered only 65% of their data, with 29% recovering no more than half.
What can security leaders do? Adopt Zero Trust principles. Ransomware attacks boil down to three main entry vectors: Remote Desktop Protocol (RDP) brute force, vulnerable Internet-facing systems, and phishing. Organizations can limit the scope of damage by forcing attackers to work harder to gain access to multiple business-critical systems.
What is Zero Trust? Instead of assuming that everything behind the corporate firewall is secure, the Zero Trust model assumes breach and checks each request as if it originated from an open network. Regardless of the origin of the request or the resources it accesses, Zero Trust teaches us to "never trust, always verify".
In this way, each access request goes through a complete authentication, authorization and encryption process before access is granted. Micro-segmentation and least privilege access principles are applied to minimize lateral movement. Sophisticated analytics and intelligence are used to detect and respond to anomalies in real time.
- Elevate cybersecurity to a strategic business function
Knowledge is power in today’s security threat landscape. More than half of security leaders surveyed feel vulnerable to a significant cyberattack. Those who feel most vulnerable are also the most mature in their security posture.
Nearly all (98%) of the respondents who felt extremely vulnerable to an attack were implementing Zero Trust, assuming breach, and optimizing for resiliency rather than protection. It is this resilient security posture that elevates security from a protection service to a strategic business enabler.
- Recognize that you may already have what you need to manage growing threats
Mature security organizations are realistic about the threats inherent in today’s increasingly complex digital environments, and optimistic about their ability to manage future challenges.
Two years from now, security leaders anticipate that even the most vulnerable aspects of their current digital environment will become less of a burden. For example, while nearly 60% of leaders see networking as a vulnerability today, only 40% see this problem as persisting two years from now. Concern for all other functions drops similarly at the two-year perspective.
What can security leaders do? Ensure the comprehensive implementation of security tools. Prioritize a strong Zero Trust strategy and ensure comprehensive implementation to act as the foundation of your security model and guide future investments and projects.
- Implement security fundamentals
With staff and budgets shrinking, it’s more important than ever for security leaders to manage risk and set the right priorities. Many leaders say strengthening their cyber hygiene to prevent common lines of attack, especially through their growing digital footprint, is their top priority.
Almost all cyber attacks could be thwarted by enabling multi-factor authentication (MFA), enforcing least privilege access, updating software, installing anti-malware, and protecting data. However, low adoption of strong identity authentication persists.
What can security leaders do? Start with identity. Having strong identity protections, whether MFA, passwordless authentication, or other defenses such as conditional access policies, minimizes the opportunity for attackers and raises the bar for an attack.
Towards cyber resilience
The current moment is one of transition. As organizations have increased their reliance on workplace flexibility and accelerated their digital transformation in recent years, they have been exposed to new and more serious attacks.
To achieve resiliency against attacks, organizations must practice good cyber hygiene, implement architectures that support the principles of Zero Trust, and incorporate cyber risk management into the business.