Cybercrime is one of the most pressing challenges facing businesses today. According to a recent report, the global annual cost of cybercrime is expected to top $8 trillion by 2023. As businesses embrace digital transformation and new ways of operating, they are also exposed to an increasing number of cyber threats like data exfiltration and ransomware. The rapid pace of technological change has made it difficult for companies to keep up with the latest threats and to stay ahead of the curve.
How cybercrime has evolved
Cybercriminals have evolved, turning into well-established and well-funded organizations. They have also changed their methods, attacking in new ways and focusing on different types of industries. Like the corporations they target, they are reinvesting profits from basic ransomware attacks back into the business to expand their criminal enterprise and deliver new types of threats and attacks on organizations. They are targeting individuals, monitoring their social media, obtaining e-mail addresses, phone numbers and life events, and attacking them with precision using perfectly written spear phishing attacks. To build more advanced capabilities, they are doing what every corporation is doing. They are aggressively hiring the best talent they can find to design, build and test new attack services. Gone are the days where it was easy to identify a cyber-attack, businesses need to be cognizant of every little detail, link or ask they are receiving.
As fast as businesses have embraced digital transformation and new ways of operating so, too, have their adversaries.
Preparing internal security teams
For business security teams, this wave of innovation means new and more sophisticated attacks to manage. As security leaders have seen the rise in the importance of data, attackers have realized the value of it, too, and have focused much of their effort on acquiring it. Whether it is patient data from a healthcare system or employment data from a major corporation, acquiring data has become a priority.
Once inside the target environment, attackers move laterally and vertically — patiently expanding access all the way to gaining domain admin and root access. With greater access, they target backup systems to delete, or compromise backups. Then they start exfiltrating data and data mining for valuable information such as credit card numbers or other sensitive personally identifiable information (PII). Then they lock up the data with encryption.
To retrieve the data, an organization would typically need to pay a ransom. Now attackers have three demands and ways to collect more money: they will offer to decrypt an organization’s data, delete the exfiltrated data and/or return control of a domain back to the organization. Triple extortion, triple the pain. That is the result of tireless innovation, investment and engineering.
One of the biggest challenges in combating cybercrime is the skills gap within the labor market. While cybercriminals are investing heavily in their own infrastructure and services, there is a shortage of qualified professionals in the field of cybersecurity. This has created a negative employment trend, with fewer people entering the security field and more companies struggling to find the talent they need to keep their systems secure. Companies should consider education as a key tool to combat this employment trend. By creating a cybersecurity education program internally, companies can invest in their talent, train individuals and teams to keep up with the evolving threat landscape.
Engaging a third party
IT teams are overwhelmed, and they have more products and tools than ever before that need to be constantly managed. One of the biggest cyber risks is an unmanaged or unmonitored tool. Large attacks can happen this way, due to a tool being configured incorrectly. Internal teams have the potential to use tools more effectively and optimize their spending towards finding a solution.
No amount of tools can help mitigate the problem of cybercrime without people. Companies cannot simply automate their way to security. People are the key to running and managing security systems, and without the right talent, companies will struggle to detect and respond to threats in a timely and effective manner.
One of the ways businesses can overcome the skills gap in cybersecurity is by adopting managed detection and response (MDR) strategies. MDR solutions provide companies with the resources they need to detect and respond to threats, even when their IT teams are exhausted. Engaging a third party can be a crucial step in removing the burden from internal teams. The goal of engaging a third party is to obtain an unbiased assessment of what a company has, evaluate the tools and determine that the tools are being used effectively.
Cybercrime is a growing problem that businesses cannot ignore and will need to incorporate into how they approach 2023 priorities. To stay ahead of the curve, companies need to invest in the right people and technology and adopt a proactive approach to security. By doing so, they can minimize the risk of cyberattacks and ensure the safety and security of their data and systems.
This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security magazine. Subscribe here.