Who’s ready to fight cybercrime in 2018? Don’t all raise your hands at once. If you’re a CIO or CISO, you’re expected to provide cybersecurity and Protect sensitive data.
But given the threat landscape, there’s no such thing as 100% security:
- The volume of spam emails increased 4x in 2016 and keeps growing.
- Last spring’s WannaCry ransomware had a global cost of $8 billion and Petya cost $850 million.
- Cybercrime will triple the number of unfilled cybersecurity jobs, reaching 3.5 million by 2021.
- According to CSO, the cost of cybercrime across the globe was $3 trillion a year ago and is expected to exceed $6 trillion annually by 2021. Be warned — 2018 is a critical year for reinforcing cybersecurity at all levels of the organization, right up to the CEO and board.
What cybersecurity trends will shape 2018?
According to ISF (International Security Forum, these key cyber trends should command your attention:
- Think “Cyber Mob.” According to ISF, the maturation of cybercrime has led to what it calls “CaaS,” or Crime-as-a-Service. Increasingly, organized criminal syndicates are selling ready-to-go scamming tools and services, removing a primary barrier of entry for non-technical would-be hackers. For 2018: The resulting rise of malware, phishing and social engineering hacks directed at individuals makes it imperative to focus on how users and their devices connect to your network.
- IoT (Internet of Things) puts us in peril. The upsurge of IoT devices opens more pathways to sensitive data. Lack of transparency makes it almost impossible to know what information smart devices capture and transmit, and to whom. For 2018: It’s time to raise awareness about IoT devices, understand the risks and find ways to gain as much control as possible over the security of these devices.
- The supply chain is a weak link. Security of supply chain data is fragile across industries. When data is “out there” and you lose control of it, your sensitive data can be compromised. For 2018: Identify the most vulnerable and riskiest areas in your supply chain, then proactively implement solutions that build protections directly into supply chain processes.
- Be prepared for new regulations. New regulations are straddling the lines between enabling innovative security practices, ensuring basic societal protections and designing regulations that aren’t so complex as to deter compliance. For 2018: All eyes on the EU’s General Data Protection Regulation (GDPR), which takes effect in early 2018. Companies should have an action plan that addresses GDPR requirements and how to leverage them for competitive advantage.
- Board expectations must sync with reality. Boards know that cybersecurity is a priority and have in the past approved increases to IT budgets. But in too many cases, the board isn’t plugged into the extent of the problem and has unrealistic expectations. For 2018: CIOs and CISOs must anticipate threats and articulate them to the board, making a compelling case that under-resourcing the cybersecurity function will have long-lasting negative consequences to the organization’s reputation and the bottom line.
2018 will be the year that leaves companies with no choice but to address the global rise, sophistication and impact of cybercrime. As a managed IT security services provider, Megatronics is here to guide you, using a multi-layered approach, providing protection at every layer: from the DNS layer, to the network, to the endpoint.