The latest report on Information and business Security from the global Insurer Hiscox is full of startling revelations. The report states that over one-fifth of the enterprises operating in the U.S and Europe are on the verge of bankruptcy due to the unremitted barrage of cyberattacks. Even several small and medium enterprises in India have lost up to INR 7 Crore due to cyber attacks in the last year. These varied strikes orchestrated by criminal masterminds across the globe have multiplied further during the last couple of years with the pandemic further catalyzing targeted attacks across major industries. There is an urgent need for ‘an around the clock’ comprehensive risk mitigation framework and businesses are gradually waking up to this stone cold reality.
With both costs and the threat matrix expanding at a voluptuous rate, even a standard investment in enhancing your organisation’s cyber security architecture can work in your favor. However, the essential thing here is investing in the right set of cybersecurity tools that can effectively manage and neutralize cyber-attacks on an everyday basis.
A Barracuda report found 87% of Indian organizations had security breaches once while 79% of them suffered at least one ransomware attack in 2021. The research also found that staff working predominantly from home had a significantly higher network security breach rate. Indeed, companies in India mostly functioning with a ‘Work from home’ model had a network security breach rate of 91% compared to 86% in companies predominantly encouraging their staff to work from office premises.
It is no surprise that attacks are causing organizations to lose enormous sums of capital. A recent report from IBM concluded that the average cost of a data breach is now over a record-setting $4.2 million. Severe incidents do not only lead to palpable expenses like third-party forensics, IT overtime, and regulatory fines, but also result in potential legal costs, customer churn, and reputational harm. The report points out that there are other major financial effects that SMB owners may not consider instantly such as:
- The cost of alerting customers post-incident
- Significant hardships in attracting new customers
- Loss of business partners
Organizations are also attesting to the fact that remote working during the pandemic has made them more prone to cyber-attacks. While staff working at home were more prone to click on phishing links and embroiled in other risky behavior, many were forced to invest in more cloud infrastructure during the pandemic. At the same time, the use of remote access infrastructure like remote desktop protocol (RDP) also multiplied and was abused by threat actors. These trends are in synchrony with the top attack vectors appearing in the report.
It is evident that organizations must respond to these attacks by locating a more efficient way of protecting against email-borne social engineering attacks and misconfigured and unpatched cloud and remote access infrastructure.
Here are a few best cybersecurity practices that can prove instrumental in neutralizing major attack vectors:
- A Comprehensive email securityincluding advanced phishing and impersonation protection
- Security awareness training to enable employees in detecting social engineeringattempts more effectively
- Multi Factor authentication on all sensitive cloud, RDP, and on-premises accounts
- More streamlined cloud-ready remote accessfor staff, which is an improvement on legacy VPNs
- Incident response planning and regular testing
- Continuous cloud monitoring and remediation to ensure compliance with security policy
- Web application firewalls to mitigate the risk of vulnerability exploitation
- Cloud-ready firewallsto block zero-day and other attacks
- Regular backups including one copy offsite and offline
- Cyber insurance. Although premiums are fast burgeoning, organizations with best practice security controls in place may be able to strike better deals and increased coverage
Cyberattacks are nothing short of a dragon-level threat for countless businesses. Thus, it’s imperative to invest the necessary time and resources to avert these contingencies and keep cyberattacks at bay.