With many businesses having implemented knee-jerk solutions to quickly allow for remote working last March, the cracks are now starting to show in terms of the lack of attention to security details. As businesses swiftly procured and deployed new IT products and services to get through the initial lockdown, many were not anticipating a more permanent shift towards remote working. While both SMEs and enterprise businesses did what they had to do to enable continuity in a crisis, stringent security measures fell by the wayside.
As we look towards the latter half of the year and prepare for a more virtual long-term workplace, it’s time for business leaders to acknowledge the key cyber threats facing them and remedy any weaknesses. Pulling together analysis from global cyber trends and insights from the Acronis Cyberthreats Report, here are four key security challenges business leaders need to be aware of in loo2021 and beyond.
The rising threat of ransomware
Ransomware attacks are on the rise, and as techniques become more and more sophisticated, businesses’ data security will continue to be under threat. The average cost of recovery from these attacks has reportedly more than doubled in 2021, and with an increase in extortion attacks, businesses must act now to build more robust layers of security into their infrastructure in order to protect their most sensitive data.
Cyber health in a hybrid working environment
Unsurprisingly, the global pandemic and the mandated home working restrictions have had a huge impact on the security health of many businesses. From rash cloud migration to rapid deployment of quick-fix home-working solutions, the sticky-plaster infrastructure that many implemented in the early weeks of the first lockdown will not hold up in the face of serious security risks for the long term.
As we move into the latter half of the year and many businesses put the wheels in motion for hybrid and remote working for the long term, cybercriminals will continue to seize the opportunity and target remote workers in a more vulnerable home network environment.
Cloud Security and MSPs
The rapid shift to the cloud has left many businesses struggling to secure the public cloud without introducing restrictive, uniform security policies across their team. Likewise, in recent years cybercriminals have seized the opportunity to attack cloud MSPs, as an increasing number of small and medium-sized businesses appoint managed service providers for their IT needs.
It’s for this reason that MSPs have become a significant target for cybercrime as attackers can infiltrate private information of numerous SMBs in one place. It’s more important now than ever for businesses to fully research their service providers and ensure that cyber protection procedures are as robust and modernised as possible to protect against vulnerability.
Adjusting security measures for automated attacks
Cybercrime has become a well-oiled machine in recent times, with professional attackers reaching industrial-scale operations and using big data to automate processes, source new victims and generate more targeted, customised attacks on individual organisations.
What’s more, with the average lifespan of a modern malware sample at 3.4 days, legacy detection and response methods have fallen behind, unable to stay ahead of the ever-evolving strains of malware created on a daily basis.
Automated attacks will likely increase in the coming months, as they allow attackers to scale up their operations significantly. To mitigate this trend, cybersecurity teams must work to understand new tools and services used by threat actors and adopt automation as a defence to protect against these attacks.
The mass shift towards home working has opened up significant vulnerabilities for businesses and accelerated cybersecurity trends that were evolving even before the pandemic hit. With SMEs particularly in the spotlight as a potential target for attack, and the threat of ransomware and automated attacks gaining traction, it’s crucial for business leaders to acknowledge that security is no longer an optional investment but a critical aspect of their continuity.
Now is the time for businesses to reassess the reliability and security credentials of their MSP’s. With SMEs often most vulnerable, it’s important that enterprises share best practices and resources when it comes to security, from a social responsibility standpoint, so that organisations can come together and take the right steps to protect themselves, their employees and their data.
The next few months will be a pivotal time for businesses large and small as they navigate the new systems, processes and routines surrounding hybrid and remote working. Implementing a robust, proactive security strategy has never been more paramount.
By Terry Storrar, Managing Director, Leaseweb UK