Attack Worries Increase as Pandemic Continues
June 25, 2020
A survey of executive decision-makers conducted by Deloitte finds deep concern about the threat landscape in the next 12 months. The survey reveals 69% of executives expect the number and size of cyber events targeting their organizations to increase in the year ahead.
Deloitte polled 880 C-suite executives about their concerns when it comes to business resiliency amid the pandemic as it continues to unfold. It found 24% are worried about greater exposure to both insider threats and other kinds of nefarious activity. And providing uninterrupted security coverage was cited by 22% as a top concern.
As a result, more than half (57%) of organizations polled said they plan to increase their security spend in an effort to combat disruptions.
We spoke with Deborah Golden, US Cyber & Strategic Risk leader, Deloitte Risk & Financial Advisory, for a deeper analysis on the findings.
Security Boulevard: Why do you think C-Suite executives are urged more than ever before to make cybersecurity a top priority?
Deborah Golden: CISOs and their organizations had to digitally transform in a matter of weeks, instead of originally planned months or years to support remote work and expanded digital collaboration needs as a result of the COVID-19 pandemic. With the push to a more virtualized work environment and bad actors taking advantage of business disruption across domains, leaders are forced to acknowledge both greater threats and an expanded attack surface. In addition, with more brand experience happening digitally, security and trust are paramount to an organization’s ability to be successful in the modern age. As such, cybersecurity is a strategic imperative for organizational resilience.
Security Boulevard: What factors are behind the perception that the number and size of cyber events targeting organizations will increase?
Golden: In recent months, several organizations have cited an increase in click-bait, phishing attempts and misinformation campaigns. Further, organizations are acknowledging that they now collect more and more sensitive information related to COVID-19 and otherwise that makes them more attractive targets for attack.
Without significant investment in protecting these new data stores and building capacity to combat increasing frequency and sophistication of attacks, organizational leaders may feel woefully ill-prepared to prevent and respond to cyberattacks.
Security Boulevard: Please speak to some of the new concerns around threats in a long-term remote working culture.
Golden: For many organizations, remote work isn’t a new challenge, but the scale and extent to which they rely on remote work now may represent a significant change. With sustained remote operations, organizations will have to fundamentally rethink how they deliver security services. For instance, incident response in a highly distributed work environment will require some organizations to perform forensics on home/private networks, which ultimately brings both data privacy and legal considerations into focus. Further, global organizations must deal with a complex tapestry of cross-border regulatory, cultural and privacy expectations.
Security Boulevard: Fifty-seven percent noted they will increase security spend. What kinds of tools and tech do you think CISOs will be investing in to address this?
Golden: There are several important tools in a cybersecurity team’s arsenal that help combat today’s heightened threat environment. Threat intelligence and threat hunting techniques—often from various sources including commercial providers, industry groups and government agencies—can collectively be leveraged to achieve a broad, proactive approach to threat identification, assessment and resolution.
To address the exponentially expanded cyberthreat landscape, it’s critical for CISOs and other leaders to consider “cyber intelligent” approaches embedded with artificial intelligence and machine learning to support the efforts of an already stretched-thin cyber workforce.
Security Boulevard: What else should CISOs be considering when it comes to supporting remote workers longer-term than initially anticipated?
Golden: While insider threat programs are not “new,” they are drawing increased interest during the current economic downturn. Departures from normal behavior or traffic patterns pose new challenges and this type of program aids in the identification of potential internal, nefarious acts from individuals already “inside the network.” Looking forward a few months, I anticipate greater use of automation and advanced artificial intelligence/analytics in cybersecurity programs as organizations work to realize improved program efficiency, manage increasing pressure to move toward variable cost models, and allow cyber talent to focus on higher-value work.
As remote work continues, organizations should look to adjust the basics, including security policies and training programs, as greater attention and emphasis is placed on securing home networks and personal devices as well as pushing awareness of targeted social engineering attacks.