CDW/IDC Canada report: Businesses facing unprecedented cybersecurity risks
WORRYING NUMBERS, WORRYING TRENDS
According to the 2023 Canadian Cybersecurity Study, businesses are under increasing pressure from cybercriminals as both the frequency and sophistication of attacks continue to escalate. Around 40% of respondents said they had faced more than 250 security-related attacks or threats throughout 2022. Just as concerning, approximately 10% of all cyberattacks over the same period were successful.
Compared to the previous year’s report, the number of attacks resulting in a breach – defined as the unauthorized removal of data or files – increased by 130%. Distributed denial of service (DDoS) attacks, involving brute-force waves of requests to a targeted system that force it to shut down, almost tripled year-over-year. Infiltrations, where an attacker breaks in but does not remove data, were also up by a factor of three.
CDW says the growing sophistication of cyberattacks is a concern. Also worrisome is the burgeoning number of entry points and endpoints as businesses increasingly migrate over to cloud-based infrastructure and end-users lean more heavily on mobile devices. The pandemic-driven shift to home and hybrid workplaces has accelerated the adoption of smart devices like smart speakers and appliances – which further raises the risk level for corporate exposure.
NOT KEEPING PACE
In a news release, CDW warns, “Threat detection and response is falling short amidst an increasingly challenging IT environment.” The researchers are also concerned organizations aren’t doing enough to keep up, adding, “While organizations are taking steps in the right direction to secure their IT assets, there is room for improvement to protect data and devices spread across various networks.”
These concerns are validated by the data: fully 62% of respondents said shortfalls in cybersecurity skills were compromising their ability to protect against cyber incidents, while 73% said it took them more than a week to recover from a cyberattack.
The report says the typical Canadian business takes 7.1 days to detect an incident – with some responses taking as long as 14.9 days. And that is only the time to become aware of an incident: recovery takes an additional 25.6 days on average – for a total of up to 48 or so days to manage an incident from end to end.
CDW says this makes Canadian businesses vulnerable to greater risk of reinfection, loss of customer trust, and higher incident recovery costs.
THE ONLY SOLUTION IS CHANGE
The researchers include a number of recommendations organizations should follow if they want to reduce their threat profile, including:
- Automate security response processes. Most organizations traditionally manage cybersecurity with task-based teams that tend to operate in silos, often using manual tools and processes to identify threats and respond to them. Instead, build repeatable threat detection and asset monitoring workflows using commonly available frameworks, such as MITRE’s Adversarial Tactics, Techniques and Common Knowledge (ATT&CK).
- Adopt a zero trust culture. Face it: strictly perimeter-based security methodologies are no longer enough. Placing all protections around the edge, then allowing anyone to roam around unencumbered is a recipe for disaster. Zero trust assumes every access request comes from a malicious source and applies least-privilege access to all resource requests throughout the infrastructure.
- Inject security into cloud migration. Too many organizations accelerated their push into the cloud during the pandemic, and in doing so failed to design security into this new distributed architecture. Opportunistic cybercriminals are taking advantage of the resulting weak points. Revisit data and systems access policies and controls to ensure they’re optimized for the cloud and invest in security tools and processes to ensure alignment with the as-a-service landscape.
- Shift from DevOps to DevSecOps. The frightening new world of cyberinsecurity dictates a new approach to developing, implementing, and managing software. Security teams can no longer afford to operate in isolation from development and operational teams – rather, security must be holistically embedded into the development process. Ensure stakeholders collaborate to identify vulnerabilities throughout the development lifecycle and empower developers to address them from the start.
THE BOTTOM LINE
The data in this latest report reinforces the stark truth that the threat landscape isn’t going to resolve itself anytime soon. Organizations are under intensifying pressure to change how they implement security, and how they build and sustain a culture that adapts to future threats. The very future of their business depends on their ability to proactively – and efficiently – respond.