2020 kicked off with a slew of cyberattacks that not only brought on mass hysteria but also unveiled the ill-prepared state of companies and organizations around the world. As ransomware crippled Travelex, reports revealed a Saudi-backed attack on Jeff Bezos’ phone while the U.S. reported thousands of attacks per minute from Iran. Studies and reports have shown that many enterprises and organizations are unprepared, and face more frequent and sophisticated attacks due to outdated cybersecurity technology and practices.
Although new solutions exist, the adoption rate has been sluggish due to inefficient and cumbersome evaluation methods. As the intensity of cyberattacks rises, enterprises and organizations must look into more efficient methods to evaluate and adopt cybersecurity technology to safeguard their data.
Cybercrime continues to be on the rise
Ransomware has spiked significantly, with an increase of 365% from Q2 2018 to Q2 2019 through phishing campaigns and exploits of outdated infrastructure.
One such attack was on Travelex, hit this past New Year’s Eve by a group called Sodinokibi, and was forced to shut down its services after refusing to pay the $6 million ransom. While it resumed services weeks later, it sustained extensive losses, and the lingering threat of this happening again in the future remained. This crisis demonstrated a concentrated shift towards targeted attacks disrupting services in order to extort large ransoms. This was enough to affect foreign-currency transactions across other banks causing a ripple effect that impacted over a dozen U.K. banks. A study found that such targeted attacks on small and mid-sized financial institutions could be amplified to cripple major U.S. banks and affect 38% of the entire U.S. financial system.
With cybercrime estimated to cost $6 trillion in damages by 2021, enterprises are pressed to adopt new security technology and practices to protect their business and customers.
Challenges to adopting cybersecurity technology
There are numerous challenges to adopting new cybersecurity solutions such as legacy systems, budget restraints, data security, regulations, and time.
Outdated infrastructure and software are often the most vulnerable to cyberattacks. For example, ransomware attacks in 2017 (WannaCry, NotPetya) used the EternalBlue exploit to access hundreds of thousands of unpatched Windows systems. Any new cybersecurity solution must be compatible with an organization’s legacy systems, which might be unsupported and contributing to technical debt. Unfortunately, companies would devote a majority of their IT budget to supporting aging software or modernization efforts, which drains the cybersecurity budget.
Another issue with evaluating cybersecurity technology is the risk of breaking regulations by compromising sensitive data during a proof-of-concept (PoC) or testing process. Third-party vendors or red team testing may carry bad actors who can use the PoC as an opportunity to infiltrate a company’s network and compromise a company’s data. The potential risk is mitigated by heavily regulated industries where it’s often forbidden to use company/customer data or connect to a working environment. However, this limitation prevents organizations from accurately evaluating the performance of technology and can create unforeseen issues during implementation. Furthermore, gathering and analyzing results become tedious and time-consuming when processing multiple cybersecurity solutions. Each one can take months to evaluate and multiple competing vendors can add up to more than a year before the solutions can be compared side by side.
Improving evaluation methods
Although the challenges are daunting, new technologies such as AI, dedicated PoC service platforms, and cloud technology have spurred new methods and improvements to the evaluation process.
AI automation opens the door for new methods that solve many of the data security and regulation challenges. One AI technique takes a sample of a company’s data in order to generate another test set that would be similar to the original but carries no risk of being compromised since it is not actual customer data. Rather than using data that contrasts a company’s existing records, this method allows a company to remain compliant while evaluating the cybersecurity solution with more realistic datasets for better results.
This can be taken one step further by using AI in conjunction with cloud technology to replicate a company’s entire work environment. Legacy systems can be included to test for vulnerabilities and allow for more security evaluation methods such as red teaming and penetration testing. While AI replicated data already reduces the risk, hosting the evaluation setting on a closed cloud server allows for easy monitoring and security controls should anything unexpected occur during a test. The added benefit of cloud technology is that this new process can be scaled to allow for multiple PoCs to run simultaneously. Not only will it be more secure, but it can potentially reduce years-long projects to just a few months.
Enterprises with limited resources and budget might not lack the ability to use both AI and cloud technologies, but there is the option of using a dedicated PoC platform. By automating the monitoring process, compiling results, and creating an analysis report, a PoC platform will reduce the number of time-consuming tasks. As it performs most of the heavy lifting, employees can focus their efforts on comparing different solutions and plan for implementing the technology. A PoC platform will be cheaper and easier than building AI and cloud capabilities from scratch with no experience and provides the main benefits.
Committing to cybersecurity
Evaluating cybersecurity technology is a difficult process with numerous challenges and the increasing frequency of cyberattacks signals an ever-approaching threat. New methods and technologies allow enterprises to meet both security and regulation needs while saving time and resources. However, the future of an organization’s cybersecurity ultimately depends on their commitment to innovate and adopt new solutions in earnest. From executive buy-in to new security policies, cybersecurity depends on the people as much as it does on new technology. A successful evaluation or a compatible security solution is pointless if a company refuses to implement these innovations.
As cyberattacks become the most prominent threat to the global economy, enterprises can no longer afford to stagnate on cybersecurity. Organizations have the ability to evaluate and choose the best-suited innovations to safeguard their information and operations. Unwillingness to do so will place a company in the crosshair for the next cyberattack.