Trends since the pandemic

by Mark Rowe

To say the last few years have been turbulent is something of an understatement. From remote working to increased cyberthreats, businesses have been forced to adapt quickly and overcome many hurdles, says Sascha Giese, Head Geek at the IT management software company SolarWinds.

As we head into 2023, it’s important to reflect on these changes and what we, as a community, have learned. The IT concerns we had pre-pandemic aren’t the same now, especially when it comes to cybersecurity. So, what changes to the cyber landscape should businesses keep front of mind as we move to the new year?

Some things never change

While we’ve seen the cybersecurity landscape evolve, the threat of ransomware isn’t going anywhere—we’ve been talking about it for years and will continue to do so well into the future.

More specifically, ransomware introduced by users still poses a huge risk to businesses. Frankly, it’s an easy way in, and holding information for ransom often leads to a big payday for the hacker or organisation.

Everyone knows, or should know, that a 100% secure business isn’t possible. Cybersecurity is never bulletproof: you can’t completely eliminate breaches, prevent all threats, or stop zero-day threats in zero time, and the list could go on.

In many cases, ransomware doesn’t have a person behind the attacks—it’s scripted. Ransomware attacks are the equivalent of kicking the tires of cars to check if there’s an alarm—exploiting low-hanging fruit, like users in everyday situations.

System complexity is hampering security

Since the start of the pandemic, there’s been a dramatic increase in the complexity of IT systems. In fact, according to the latest SolarWinds® IT Trends Report, more than half of IT professionals say IT complexity is the number one issue facing their organisation.

This added complexity is a result of various factors, such as organisations having to quickly scale to support remote employees. As a result, networks have grown exponentially to accommodate additional security and remote access software and to manage and monitor remote devices.

Increasing system complexity makes it far more challenging for IT teams to secure their environments. In fact, most feel they don’t have enough understanding of the latest technology, while businesses aren’t giving teams a chance to expand their knowledge.

And lack of knowledge and time has a significant impact on security—often leaving system vulnerabilities exposed to compromise. Unfortunately, employees don’t know what they don’t know, and this can be detrimental to the business.

IT complexity is a shared challenge and requires a coordinated effort across the business. Security professionals should be working closely with their colleagues from across operational teams. But change really needs to come from the C-level, which usually has an insufficient understanding of the daily problems caused by business requirements.

Microservices deployed across multiple hyper-scalers are a fitting example. It’s an interesting technology and does have advantages when talking about availability and scalability, but at what cost?

External threats are on the rise

For the first time in more than five years, external threats are a bigger problem than internal ones. This worrying trend is something all businesses should be aware of.

First of all, we’re looking at a rise in state-sponsored attacks. It’s no longer a couple of hackers in it for the challenge. Instead, we’re dealing with highly organised and well-funded groups operating like well-oiled machines.

It’s not only the criminals getting more sophisticated—so are the tools they’re using. Artificial intelligence isn’t exclusive to legitimate business functions. Anyone can purchase a framework, train it, and use it for whatever they see fit, no matter their intentions.

The same applies to resources. The unlimited resources of hyper-scalers are open to anyone willing and able to pay. Cybercrime is, like most crime in general, a business. There’s money involved. And as it continues to grow more sophisticated, cybercrime becomes more lucrative for adversaries, and the culprits become ever harder to catch.

Looking to 2023

Unfortunately, there’s no secret sauce for solving cybersecurity. But low-hanging fruit can also be picked by organisations. The good news is lowering risk and mitigating impact doesn’t require an army of geeks. Each business, whatever the size, can introduce the basics of cybersecurity best practices—and fortunately, they haven’t changed much since 2020.

For example, having an excellent backup strategy along with continuous testing is still a good countermeasure for dealing with ransomware attacks. Additionally, ongoing user training will always be a significant pillar of a reliable security concept. Frequently running phishing tests to identify potential problems before they manifest should also be a fundamental measure. What must change, though, is the awareness of business leaders on how big the cyberthreat really is. And security can no longer be an afterthought.

Big multi-nationals are lucrative targets for sophisticated cyber operations. And while organisations at the enterprise level usually have a security budget, there’s always room for improvement.

There must be plans in place for inevitable situations, and every member of your team should be trained to deal with emergencies—there’s no time for spinning in circles. Fire drills are commonplace for a reason, so why not use minor incidents to test your policies, alerts, and strategies? It’s also beneficial to have public messaging ready for when an attack does happen.

There’s no place for the “it won’t happen to me” mindset, either, as small businesses can easily fall victim to attacks as well. A restaurant could find itself in a situation where someone asks for £1,000 to restore access to reservation and payment systems on a Friday evening. While this may not be a substantial one-time cost, if a system continues to remain vulnerable, the likelihood of facing the issue multiple times is heightened.

Whatever your business, size, or budget, don’t strive for perfection; remember, any measure to help increase security is better than none. Start small and continue to build your security over time to lessen vulnerabilities and ensure your business is as safe as possible in 2023 and beyond.

© 2024 Professional Security Magazine. All rights reserved.