Connect with us
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Technology

Risk from cryptocurrency turmoil will be one of 2023’s key cybersecurity trends

Risk from cryptocurrency turmoil will be one of 2023’s key cybersecurity trends 3

Risk from cryptocurrency turmoil will be one of 2023’s key cybersecurity trends 4By Jon Fielding, managing director EMEA, Apricorn

The primary cyber threats faced by financial organisations and banks during 2022 largely evolved from the huge upheaval in working models triggered by the pandemic. IT teams scrabbled to balance productivity and continuity with protecting networks, systems and data, while hackers took advantage of the resulting vulnerabilities by intensifying tactics such as social engineering and ransomware.

As we head into 2023, organisations have got a much better handle on addressing the gaps in their security defences, and cyber criminals will continue to hone their chosen techniques to find their way around them. Within this context – and taking into account the broader global operating environment – there are four key trends I believe we all need to plan for over the coming 12 months.

Trend 1. Economic challenges, staff shortages and tech layoffs will lead to increased risk. The scarcity of resources and a worsening skills shortage will put additional strain on IT teams. I predict that an increase in breaches and data loss events may occur as a result of those with responsibility for cybersecurity being stretched too thin.

Devolving some of the accountability for guarding the business against cyber-attacks on to individual users will help to mitigate the risk, and this requires an investment in comprehensive, ongoing employee education.

Employees are the front line when it comes to preventing cyber-attacks. However, 72% of the IT leaders that responded to Apricorn’s 2022 Global IT Security Survey said their organisation’s employees did not believe they would be targeted by attackers looking to access company data, due to perceptions that the business was either too small or was adequately protected.

Raising awareness of the specific threats facing the organisation, and training people in best practice measures to defend against them, is vital for changing these perceptions and building a broad culture of security.

Trend 2. There will be an rise in ransomware attacks driven by instability in the global cryptocurrency market. Ransomware attackers have often demanded payments in bitcoin and other cryptocurrencies, and the weakening of the crypto market may push fraudsters to try and make up their losses with additional attacks.

An effective, formalised and well-rehearsed data backup protocol will strengthen resilience against the ransomware threat, particularly where an attack may compromise more than one data source. The 3-2-1 method is regarded as industry best practice: make at least three copies of your data, stored on at least two different media, with a least one copy held off-site.

I’d advise going a step further, and adding an offline location to that list; perhaps mandating employees to back up the data they create and handle locally, on a secure encrypted removable storage device that can be disconnected from the network. Having a copy that is kept safely out of the reach of hackers is particularly important where employees are working remotely.

Trend 3. The ability to recover and restore data will be as highly prioritised as defence. With a variety of threats and risks – both internal and external – that could lead to data loss, IT professionals need to make sure that they not only back up their data, but that the backup is usable.

While 99% of the IT leaders surveyed by Apricorn said their organisation had a backup strategy – and more than 70% had used it – just over a quarter (26%) found they were unable to fully restore all information. A partial recovery could still lead to damaging business disruption.

Data backups are only effective when the data is recent, accurate, and accessible; if it’s corrupted, compromised or out-of-date this will only hinder recovery efforts. Putting data backup plans and procedures to the test on a regular basis using breach and attack simulations, and improving them where necessary, should be a key part of the cybersecurity strategy in the coming year.

Trend 4. Companies will be more exposed to losing intellectual property (IP) or having R&D efforts thwarted by data breaches or leaks. This will be driven by nation-state threats, market competition, and internal threats from disgruntled or negligent employees.

To shield this valuable data, there needs to be a push for data encryption across all levels of the business. The mandatory and automatic encryption of all data as standard – whether it’s at rest or in transit – will ensure it remains fully protected. Even if a hacker gains access to a database, or a staff member leaves a USB containing sensitive information in an Uber, the information will be unreadable to anyone who doesn’t possess the decryption key.

According to Apricorn’s 2022 survey, 32% of IT leaders have introduced a policy to encrypt all corporate information in the last year. In total, almost half (47%) of organisations now require the encryption of all data. The stakes for not doing so are only getting higher: 16% of IT leaders admitted that a lack of encryption had been the main cause of a data breach within their company, up from 12% in 2021.

While it’s likely to be a case of ‘evolution rather than revolution’ when it comes to cyber threats in 2023, attackers will inevitably become more sophisticated in their approaches. The impact of global events, together with risks stemming from the way we do business – such as an increasing reliance on cloud storage, for example – will open up new access points. As ever with cybersecurity, it will be a combined focus on people, policy and technology that puts organisations in the strongest possible position to win the battle ahead.

Global Banking and Finance Review Awards Nominations 2022
2023 Awards now open. Click Here to Nominate

Advertisement

Newsletters with Secrets & Analysis. Subscribe Now