With rapid advancements in technology, companies are increasingly challenged in the area of cybersecurity. Fraudulent activity and economic crime rates remain at an all-time high, which poses a threat to businesses that are being impacted in ways more diverse than ever before.
‘Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks’ –
(Cisco Systems 2022)
The significance of cyber safety weighs heavy, especially when it pertains to business. Businesses are often challenged by the importance of having adequate security systems in place to ensure their operations are protected.
With a multitude of factors to be aware of, this article highlights the common misconceptions and other considerations surrounding cybersecurity attacks as well as trends to look out for in the next year.
Statistics and Safeguarding Considerations
Firstly, let’s debunk the common misconception regarding cybersecurity solely relating to external threats such as hackers or malware.
PwC highlights that over 50% of cyber-attacks are linked to internal sources – exemplifying the high levels of cybersecurity risk currently at hand. In addition to this, we see approximately $50 billion lost annually, according to the US Department of Commerce, with 90% of significant losses caused by employee theft.
With over half of ‘cybercrime’ being committed categorised as an ‘inside job’, let’s look at some of the questions businesses need to be asking themselves to carefully consider their cyber safety and operational procedures relating to IT.
- Are we assessing threats (both internally and externally) well enough?
- Are there any gaps in our access risk, compliance, and risk management processes?
- Are the fraud-fighting technologies that we’ve deployed providing expected value?
- When an incident occurs, are we taking the right action?
To address the risks within the current cybersecurity climate, it is important for Chief Information Security Officers (CISOs) and their teams to make the ‘transition’ from their role as ‘technologists who prevent breaches’ to ‘corporate strategists’ who manage ‘cyber risk’. Let’s look at some trends to be mindful of.
Trends In Cybersecurity – What to Look Out For
1. Management of expanding attack surface
With more businesses transitioning online, attack surface is continuing to expand. This is why it is important to consider the steps required to minimise the risk of attack to improve your business’ cyber safety. By monitoring the attack surface, you are enabling the identification and blocking off any threats or security breaches that may come your way, as well as preventing overexposure of services to the outside elements – which increases the risk of cyber-attack.
Effective attack surface management reduces the likelihood of attacks across the attack surface area. An attack surface management solution provides continuous visibility into your digital footprint, allowing you to identify, protect and manage activity at every touch point. Some best practices that you should consider:
- Implement strong security measures such as firewalls, antivirus software, password policies, endpoint detection and response and intrusion detection/prevention systems
- Update all systems (including open-source software) to reduce the risk of malware attacks
- Conduct regular security audits including vulnerability management and penetration testing to reveal potential cybersecurity risks
- Restrict access to devices and data with internal controls in place. E.g., restricting access based on job or role
2. Identity management and defence systems
Identity and Access Management (IAM) refers to the security and disciplinary frameworks in place for the management of digital identities and proposed solutions. It involves the authentication and authorisation of one’s identity prior to accessing resources or performing cyber-related actions. Ultimately, identity management structures should be implemented to make certain that an individual (through their digital identity) has authorised access to the correct resources.
Practices such as enabling a multi-factor authentication system (MFA) and single sign-on (SSO) can add an extra layer of security. Having a second form of authentication will prevent unauthorised entries in case organisational passwords are compromised. Similarly, by using SSO, users in the organisation can access a variety of independent cloud resources by logging into a single portal – which also happens to be great for access risk management.
3. Cybersecurity mesh (CSM)
Cybersecurity mesh is an efficient and adaptable approach to addressing cyber-related threats within an organisation. Cybersecurity mesh involves the enforcement of security policies across an organisation to protect computer systems and networks from being hacked. CSM provides your organisation with multiple defence boundaries to increase the security of your networks and databases. CSM facilitates real-time identification of cyber-attacks, ensuring a reduced number of security breaches.
If you are planning to implement a cybersecurity mesh to your business, here are some best practices to take into account:
- Identify the right vendors that leverage APIs and support interoperability
- Deploy common datasets and frameworks to support the holistic analyses of security and performance state as well as emerging threats to empower the organisation with the best course of action in the event of a cyber attack
- Activate security automation with the ability to create new protections when data analytics detect unusual activity or unknown threats
- Incorporate machine learning and AI to rapidly launch a threat response sequence across the entire ecosystem the moment a threat is detected
4. Distributed cyber judgement
Cyber judgement refers to one’s ability to make risk-related decisions independently. By developing an enterprise’s cyber judgement and instilling this within employees, the organisation’s focus can shift to higher-risk, higher-impact security issues –efficient use of its resources. Whilst the CISO sets the policy for cyber judgement, leaders in other parts of the organisation can make decentralised security decisions, achieving greater levels of productivity and cybersecurity.
Approaches to distributed cyber judgement include:
- Assign trust sources based on controls maturity and quality of interactions with information security
- Implement local risk decision governance, where departmental leaders are supported by the information security function but operate without direct oversight unless triggered by certain metrics
- Employ regular training on effective risk management embedded in decision makers’ workflows, like project risk assessment
- Shift policy from internal reference material to functional tools for informed information risk decision making
5. Creating a cyber-resilient culture
Cyber resiliency is a key element to consider in cybersecurity practice. Although it may not directly correlate to the technical side of a security breach, creating a culture that is cyber-resilient is important as it links to the holistic nature of digital security and sets the tone for quick response and recovery when an attack occurs. A focus on continuous improvement and resiliency will assist in a conscious effort to bounce back from cybersecurity breaches or challenges.
Common practices of a cyber-resilient culture include:
- Prioritisation of system activity for proactive risk management, rather than only dealing with vulnerabilities that need to be fixed
- Identification of potential (and common) attacks, their effects and consecutive economic impact
- Development of internal capabilities to deal with change management, incorporating some type of cyber risk assurance
- Viewing the GRC function as an enabler for business outcomes
What’s Next?
Now that there’s an established understanding of the nature of cyber-attacks and the trends in cybersecurity, perhaps you may consider the implementation of some of these ideas to assist in the development of a secure cyber presence.
Now more than ever, it is time to elevate the importance of protecting businesses against internal threats as a key element of your cybersecurity strategy. It’s time to evolve your existing SAP application security model, along with your SAP security operations, governance, and compliance process to safeguard your core ERP systems. At CompliantERP, we specialise in implementing unique solutions without the need for specialist in-house resources or large enterprise budgets. Get in touch today.