By Jon Fielding, managing director EMEA, Apricorn
The primary cyber threats faced by financial organisations and banks during 2022 largely evolved from the huge upheaval in working models triggered by the pandemic. IT teams scrabbled to balance productivity and continuity with protecting networks, systems and data, while hackers took advantage of the resulting vulnerabilities by intensifying tactics such as social engineering and ransomware.
As we head into 2023, organisations have got a much better handle on addressing the gaps in their security defences, and cyber criminals will continue to hone their chosen techniques to find their way around them. Within this context – and taking into account the broader global operating environment – there are four key trends I believe we all need to plan for over the coming 12 months.
Trend 1. Economic challenges, staff shortages and tech layoffs will lead to increased risk. The scarcity of resources and a worsening skills shortage will put additional strain on IT teams. I predict that an increase in breaches and data loss events may occur as a result of those with responsibility for cybersecurity being stretched too thin.
Devolving some of the accountability for guarding the business against cyber-attacks on to individual users will help to mitigate the risk, and this requires an investment in comprehensive, ongoing employee education.
Employees are the front line when it comes to preventing cyber-attacks. However, 72% of the IT leaders that responded to Apricorn’s 2022 Global IT Security Survey said their organisation’s employees did not believe they would be targeted by attackers looking to access company data, due to perceptions that the business was either too small or was adequately protected.
Raising awareness of the specific threats facing the organisation, and training people in best practice measures to defend against them, is vital for changing these perceptions and building a broad culture of security.
Trend 2. There will be an rise in ransomware attacks driven by instability in the global cryptocurrency market. Ransomware attackers have often demanded payments in bitcoin and other cryptocurrencies, and the weakening of the crypto market may push fraudsters to try and make up their losses with additional attacks.
An effective, formalised and well-rehearsed data backup protocol will strengthen resilience against the ransomware threat, particularly where an attack may compromise more than one data source. The 3-2-1 method is regarded as industry best practice: make at least three copies of your data, stored on at least two different media, with a least one copy held off-site.
I’d advise going a step further, and adding an offline location to that list; perhaps mandating employees to back up the data they create and handle locally, on a secure encrypted removable storage device that can be disconnected from the network. Having a copy that is kept safely out of the reach of hackers is particularly important where employees are working remotely.
Trend 3. The ability to recover and restore data will be as highly prioritised as defence. With a variety of threats and risks – both internal and external – that could lead to data loss, IT professionals need to make sure that they not only back up their data, but that the backup is usable.
While 99% of the IT leaders surveyed by Apricorn said their organisation had a backup strategy – and more than 70% had used it – just over a quarter (26%) found they were unable to fully restore all information. A partial recovery could still lead to damaging business disruption.
Data backups are only effective when the data is recent, accurate, and accessible; if it’s corrupted, compromised or out-of-date this will only hinder recovery efforts. Putting data backup plans and procedures to the test on a regular basis using breach and attack simulations, and improving them where necessary, should be a key part of the cybersecurity strategy in the coming year.
Trend 4. Companies will be more exposed to losing intellectual property (IP) or having R&D efforts thwarted by data breaches or leaks. This will be driven by nation-state threats, market competition, and internal threats from disgruntled or negligent employees.
To shield this valuable data, there needs to be a push for data encryption across all levels of the business. The mandatory and automatic encryption of all data as standard – whether it’s at rest or in transit – will ensure it remains fully protected. Even if a hacker gains access to a database, or a staff member leaves a USB containing sensitive information in an Uber, the information will be unreadable to anyone who doesn’t possess the decryption key.
According to Apricorn’s 2022 survey, 32% of IT leaders have introduced a policy to encrypt all corporate information in the last year. In total, almost half (47%) of organisations now require the encryption of all data. The stakes for not doing so are only getting higher: 16% of IT leaders admitted that a lack of encryption had been the main cause of a data breach within their company, up from 12% in 2021.
While it’s likely to be a case of ‘evolution rather than revolution’ when it comes to cyber threats in 2023, attackers will inevitably become more sophisticated in their approaches. The impact of global events, together with risks stemming from the way we do business – such as an increasing reliance on cloud storage, for example – will open up new access points. As ever with cybersecurity, it will be a combined focus on people, policy and technology that puts organisations in the strongest possible position to win the battle ahead.