Cyber threats were among the many things that intensified when the COVID-19 pandemic ripped through society beginning late 2019 and early 2020. The ways in which cyber criminals approached their targets, and the targets they chose in the first place, shifted. Cyber criminals’ tactics and targets changed alongside shifts that were taking place in society because of the pandemic, such as the increased cyber threat pressure on supply chains and healthcare organizations. Remote work, too, had a very direct impact on the ways cybercriminals went about their nefarious business.
How long will these changes continue to affect organizations? In 2022, the effects are still real. A new report from the World Economic Forum in collaboration with Accenture provides a comprehensive global cybersecurity outlook for this year. What lingering challenges are businesses facing as a direct and indirect result of COVID-19? What can organizations do to become more resilient in the face of changes they can’t predict or avoid?
In supply chains, there is some finger pointing and fear around SMEs (small and medium-sized enterprises) and their role in the ecosystem. If fact, 88% of survey respondents in the World Economic Forum’s report said they view SMEs as a key threat to supply chains, partner networks, and ecosystems. A lack of dedicated cybersecurity resources isn’t helping businesses of any size. More than half (59%) of respondents reported a shortage of skills internally would make it difficult to respond to a cybersecurity incident if one were to occur, suggesting that recruiting and retaining cybersecurity talent is a key challenge.
Within organizations, the data suggests a divide in how security issues are perceived and handled within leadership. Among security executives like CISOs (chief information security officers), the ability to respond to an attack with adequate personnel was perceived as one of an organization’s main vulnerabilities, while business executives like CEOs (chief executive officers) appear “less acutely aware of the gaps,” the report says. The divide goes even further. While 92% of business executives surveyed said cyber resilience is integrated into enterprise risk-management strategies, only 55% of security-focused leaders agreed.
The World Economic Forum’s global cybersecurity outlook for 2022 also suggests the threat of ransomware continues to grow, with 80% of cyber leaders saying ransomware is “a dangerous and evolving threat to public safety.” In one example of how important vigilance can be, the British Council is under fire yet again after a data breach was recently discovered, addressed, and publicized. The British Council has been a victim of ransomware in the past, and now, an independent cybersecurity researcher and MacKeeper report they found an open and unprotected Microsoft Azure blob repository with more than 144,000 files containing personal information of British Council students, including names, email addresses, student IDs, and more.
MacKeeper says an unnamed public search engine indexed the blob container, and the impact is yet unknown. For the British Council, the situation is embarrassing and potentially reputation damaging, even though in this recent case, the fault lies more so with the third-party data provider than with the British Council itself.
One way organizations can improve their cyber resiliency is by pursuing digital transformation. In the World Economic Forum’s report, 81% of respondents agreed that digital transformation is the main driver in improving cyber resilience, and 87% of executives said they plan to improve their organizations’ cyber resilience by strengthening resilience policies, processes, and standards for how to engage and manage third parties. These steps are crucial in safeguarding companies’ data in this cybersecurity war. Constant vigilance will be necessary going forward, as well as an investment in a team of experts who can protect this increasingly important asset.
Want to tweet about this article? Use hashtags #IoT #sustainability #AI #5G #cloud #edge #digitaltransformation #machinelearning #cybersecurity #ransomware #COVID19 #healthcare #supplychain #data#WorldEconomicForum #Accenture #MacKeeper #BritishCouncil