The profile of enterprise cybersecurity has never been higher. Some of the most conspicuous trends revolve around ransomware, security-as-a-service, and zero trust.
Ransomware Rising
Ransomware attacks are very much on the rise. The European Union Agency for Cybersecurity noted a 150% rise in ransomware in 2021 and expects that trend to continue in 2022. High-profile victims have included Colonial Pipeline, UKG (Kronos), JBS, Kaseya and SolarWinds. Even bigger names are likely to be on this year’s ransomware honors list.
Why? With millions in ransom payments rolling in, cybercriminal groups like DarkSide, REvil, and BlackMatter are reinvesting the funds to become more organized. Security firm Kela discovered, for example, that cybercriminals have been using analytics to determine the profile of the ideal U.S. victim. Hackers are particularly interested in companies that have at least $100 million in revenue and use virtual private networks, remote desktop protocols or tools from Citrix, Palo Alto Networks, VMware, Fortinet and Cisco. They shy away from organizations in education, government, health care or the nonprofit sector. Presumably, these verticals either refuse to be held to ransom, don’t have the budget to pay or can cause a backlash against the hacking group (such as patients being endangered in hospitals due to systems being shut down).
To make matters worse, the criminals have gotten greedier. They not only want money, but also threaten reputations by exposing attacks, blackmailing companies with the threat of exposing corporate or personal dirty laundry, and selling intellectual property to competitors.
Thus, organizations must be better prepared when it comes to ransomware prevention, mitigation and overall response. Modern incident response tools are a good place to start, as are bringing all patches up to date and training personnel to avoid clicking on phishing e-mails.
Security-as-a-Service Brings Much-Needed Help
The complexity of modern computing environments coupled with the threat posed by ransomware and malware has caused many companies to realize they need help. Instead of relying on their own security tools, they are increasingly looking to the cloud for security-as-a-service solutions. These solutions often are provided by a managed services provider (MSP) or managed security services provider (MSSP).
Equity Methods, a provider of valuation, financial reporting and human resource advisory services, makes a sharp distinction between the technologies it operates internally and those it offloads to its MSP adryTech. The company’s MSP delivers a broad range of services, including security services such as e-mail protection, content shielding and a Web application firewall.
Zero Trust Helps Thwart Cyberintruders
Traditional cybersecurity practices involve what could be characterized as a “castle and moat” model. Threats are kept out by safeguarding the perimeter of the network. The problem with this approach is that it assumes any user with the right access credentials is legitimate and can be trusted to move freely through the system. This is part of the reason why phishing and ransomware wreak so much havoc. Organizations can erect many security defenses, but one gullible user clicking on a malicious link or attachment enables cybercriminals to compromise systems.
The zero-trust model restricts network access to only those individuals who need it. Relying on contextual awareness, it grants access to authorized users using patterns based on identity, time and device posture. No user or device is given default access. Everyone must pass security protocols such as access control steps and user identity verification. Authenticator apps and codes sent to a smartphone are some of the ways zero trust is being implemented.