It’s been said that everyone’s social security number probably has been compromised and is somewhere out there on the dark web. While we can’t know for sure, more than one security expert has said it’s a safe assumption that your identity data has been stolen at least once and more likely, multiple times. In other words, you’ve been hacked whether you know it or not, and you will get hacked again.
If that doesn’t scare the living daylights out of you, it gets worse. Cyber risk has grown post-COVID with more people working from home. Just between March and April of this year, the FBI reported a 400% increase in cyberattack complaints. As former National Security Agency head Michael Rogers warned in a recent FT story, “the attack surface has just exploded.”
The reality is that cybersecurity has gotten a lot more complicated as we’ve migrated to the cloud. It’s no longer as simple as when we kept all our data on our own machines on-premise. Large enterprises might have a technology infrastructure spread across on-premise, private cloud and public cloud, with multiple software-as-a-service (SaaS) providers. That’s brought tremendous cost advantages, convenience and capability – but also complexity. No one vendor can protect all your data. Amazon Web Services won’t look after your Microsoft Azure data and vice versa. Ultimately, the responsibility for everything is on you.
For corporations, the stakes are high. The 2020 Cost of Data Breach Report published by IBM Security interviewed 524 organizations that experienced data breaches the past year and found that the average cost of a breach was $3.86 million. That includes lost business and the cost of notifying other parties and putting together a response. On average, it took 207 days to identify a breach and 73 days to contain it.
The good news is that cybersecurity technology has been advancing too with an array of solutions: Firewalls, which monitor and keep bad traffic out, have been around for a long time but still are needed in the cloud and still take up more than a quarter of IT budgets. Endpoint security focuses on the end-machines and devices in your network, including traditional anti-virus protection. Identity and access management is about who gets access to what, including password management and two-factor authentication. An important newer concept here is “Zero Trust,” which is what it says it is — trust no one and verify everyone even within your firewall because bad actors will get past your firewall.
Secure web gateways stand between a user and a software-as-a-service in the cloud, like Microsoft Office 365, inspecting traffic between the two. And a newer solution is Security Orchestration, Automation and Response or SOAR. This collects traffic data across various network touchpoints and automates responses to pre-defined security alerts. This kind of automation frees up your IT professionals for better things, which is important because there just aren’t enough data security professionals out there to chase down every threat.
An important final note is that even with better technology, technology is never enough on its own. Cybersecurity also is about people and processes. Your organization needs trustworthy, competent people who are trained to follow a process. The IBM study above found that 52% of data breaches were caused by malicious attacks. But human error caused 23% of breaches and a “system glitch” caused 25%. And among the malicious attacks, 7% involved a malicious insider, but 19% stemmed from cloud misconfiguration. That’s a lot to worry about.