Wednesday, August 17, 2022

Cybersecurity Today and Where It's Going: A Mid-year Review

By: Sentia   Categories:Thought Leadership, Security, Cyber Security, Data Security

Cybersecurity Today and Where It's Going: A Mid-year Review

It's hard to believe that we are already just a few months shy of 2023. In this mid-year review, we take a quick look at the current state and continued evolution of cybersecurity. The corporate landscape is awash with news of organizations that have fallen victim to costly ransomware attacks, social engineering scams, data breaches and leakages, and malware attacks that have caused costly consequences, such as damaged reputation, huge fines, and disrupted business operations. Therefore, if your company does not want to make headlines tomorrow, it is essential to remain abreast of the mid-year cybersecurity trends and statistics in 2022.

Insider Threats Continue to be a Nuisance

Insider threats are hard to defend against since they are security risks within an organization. Insiders like current or former employees and third parties use their knowledge of company systems and networks or misuse their authorized access privileges to cause harm. According to a 2022 report by the Ponemon Institute, insider threats continue increasing. The report shows that insider threats have increased steadily since 2020 and will continue rising beyond 2022. Specifically, the report cites that insider threat mitigation costs have increased from $11.45 million to %15.38 million, representing a 34% rise.

93% of Company Networks Can Be Compromised

New research revealed that attackers could breach and compromise 93% of company networks to gain unauthorized access to internal network resources. Hackers require an average of two days to exploit vulnerabilities and penetrate internal networks. Also, credential compromise accounts for 71% of network breaches as attackers target weak passwords to exploit and access secure admin-level accounts. Compromised credentials can enable attackers to gain domain admin access privileges and exploit them to move laterally within the compromised network, servers, and computers. Therefore, any cybersecurity program should prioritize network and perimeter security to prevent network intrusions.

Cloud Solutions Are More Susceptible to Attacks

Cloud storage and computing have become central to business operations for companies that want to compete effectively in the modern business environment. Many companies rely on different cloud solutions, which saw the cloud computing market generate approximately $400 billion in 2021. Despite the cloud’s advantages, almost 50% of participants involved in a survey stated that their organizations' operations were disrupted due to different types of cloud attacks in 2022, and 15% recorded decreased sales; as a result of cloud attacks. Due to the cloud's importance in running critical business operations, cloud security and resiliency are pertinent to protecting against cloud attacks.

Companies Are Underprepared to Address Cybersecurity Threats

Cyberattacks continue to increase in complexity and frequency, requiring organizations to step up their cyber defences and data protection practices. Yet, despite company efforts to increase cybersecurity investments and implement advanced cyber defences, a 2022 report involving 1,200 organizations across thirteen industries in sixteen countries found that 30% lack enough budgets to realize robust cybersecurity defences. Also, a quarter of the respondents cited challenges in securing the proliferating physical and digital systems, including IoT, resulting in heightened security risks. The report also revealed that 41% of executives believe their organizations have not aligned their cybersecurity initiatives to keep up with digital transformations.

Work From Home Initiatives are Facing Increased Risks

The remote working strategy has been adopted extensively following the ravaging global pandemic. However, this has provided attackers with a more attractive path for executing attacks like ransomware since remote workers often access sensitive company resources and networks from devices and home networks that lack hardened security. In addition, 81% of cybersecurity experts face difficulties ensuring secure access for remote workers due to changed job functions and accelerated adoption of work-from-home approaches. Also, 20% of organizations attribute their data and security breaches to remote workers, and 24% of businesses have had to incur unbudgeted costs to address security breaches caused by the work from their shift.

Software Supply Chain Attacks are a Menace in 2022

A 2022 report revealed that software supply chain attacks affected 62% of large enterprises and 73% of software organizations. In addition, the report revealed that 30% of the participants responding to a survey were moderately or severely impacted by a software supply chain issue in 2021. A different survey revealed that 82% of organizations are susceptible to software supply chain-based attacks. The increase of sophisticated supply chain attacks, such as Kaseya and SolarWinds, has caused supply chain threats to attract the attention of the C-suite executives. Thus, 54% of organizations consider securing the software supply chain a top priority, and 70% of container users significantly focus on securing their software supply chains in 2022.

Cybersecurity Risk Exposures are Key Factors in Partnership Decisions

Cybersecurity programs are as strong as their weakest links causing many companies to see external partners and suppliers as a potential security weakness. Therefore, businesses are increasingly using cybersecurity resilience and health assessments as determining factors informing their partnership decisions. According to Gartner, 60% of organizations will leverage cybersecurity exposure and resilience to inform who they partner with by 2025. As a result, many companies stand to lose business opportunities due to inadequate cybersecurity resilience or failure to pass a cybersecurity health assessment. Gartner further predicts that industry-standard cybersecurity rating schemes will become vital as companies vet the entities they want to partner with in business operations.

A Cyber Resiliency Strategy and Cybersecurity Health Check are Essential

A cyber resiliency strategy that outlines your organization's vision to realize a cyber-resilient and robust program is essential as we approach the end of 2022. Developing a cyber-resiliency strategy ensures that your company can continue delivering strengthened cybersecurity processes, technologies, and people to strengthen threat detection and attack prevention capabilities. More importantly, Sentia can help build a cyber-resiliency strategy that addresses your company's ability to respond and recover from breaches, intrusions, and attacks. The strategy includes disaster recovery, incident response, and business continuity plans.

Moreover, Sentia’s cybersecurity health checks and assessments analyze your company's security controls t determine their ability to mitigate cybersecurity challenges, including threats, vulnerabilities, and exposures. A health check also detects weak links in your cybersecurity programs and recommends the necessary improvement measures. 



We are a high-value, trusted, Canadian IT solutions provider dedicated to delivering secure and reliable IT solutions across a wide variety of industries. We are committed to helping our customers meet and optimize their business goals.

Other posts by Sentia
Contact author

Contact author