According to the 21st Annual Global CEO Survey by PwC, around 62% of global CEOs are concerned about cyber threats affecting their company’s growth potential. As a result, it’s unsurprising that CIOs would be pressured to raise IoT security spending, momentarily negating productivity advantages.
Companies are still struggling to make cybersecurity a priority: Most cyber leaders are unable to exercise strategic impact because cybersecurity is considered a back-office function.
How to re-evaluate cybersecurity
Today’s enterprises must begin with the concept that cybersecurity is a shared responsibility. For example, spear-phishing involves the use of tailored information in an email to persuade recipients to open attachments or visit a phony website. It’s still one of the most common sources of compromise, and companies need to do a good job of teaching their employees about it. Businesses that teach users basic cyber hygiene and conduct tests to see if they fall for such tricks are helping to make security a part of everyone’s job.
Also Read: Top Three Security Mistakes CISOs Make today
Instead of adopting siloed security that isn’t adequately integrated with other solutions or the network, enterprises should establish a unified security framework that encompasses the entire attack surface and can deliver automated protection that can respond to occurrences. A cybersecurity mesh platform, for example, can help organizations decrease complexity and boost security across their networks. This type of framework, on the other hand, must do more than just provide integrated security technologies. It also needs to provide security and networking convergence, which makes it easier to react to new business requirements like work-from-anywhere (WFA). It necessitates the collaboration of different systems in order to provide users with secure availability of resources that may be spread across multiple places, such as a data center or the cloud.
Post-pandemic trends among emerging risks
The cybersecurity community has seen a number of attack vectors that leverage the COVID-19 theme as bait or as a technique to hide malicious activities from surveillance and detection in recent months. As a result, modifications in the most common attack patterns are unavoidable as COVID-19 infections appear to be declining in several regions. However, it appears that these changes are encouraged by the usage of complex and well-developed campaigns at precisely selected moments, rather than by attempts to rapidly and readily exploit the pandemic theme (as was the case in the start, when malicious actors immediately created scam campaigns).
The cybersecurity industry has recently been aware of a slew of attempts to imitate informational applications, as well as the fact that malevolent operations can take place behind a convincing infection map or fictional ‘infection radar.’ In other words, such apps function as remote access Trojans (RATs) on the smartphones of their users. When a RAT is placed on a device, the threat actor has the ability to not only gather and manipulate sensitive data but also to conduct a variety of surveillance actions. Despite the fact that such efforts have been spotted all over the world, it appears that attempts to launch such attacks grow primarily in specific places and only when that territory has another COVID-19 outbreak. To put it another way, threat campaigns are closely related to the number of illnesses and people’s opinion of the pandemic – when individuals are more worried, threat actors utilize the COVID-19 theme more.