1 / 6

Cybersecurity 2022_ The Year in Review by Seceon Thought Leadership - Seceon

Cybersecurity affected everyoneu2019s life and lifestyle u2013 it adjusted the price of gas for your car, if you could get a steak at a restaurant, if or when you could see your doctor, and whether or not your favorite gaming site compromised your personal financial data. Call Us: 1 (978)-923-0040 Visit: https://www.seceon.com/

Companyseceon
Download Presentation

Cybersecurity 2022_ The Year in Review by Seceon Thought Leadership - Seceon

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cybersecurity2022:The YearinReviewbySeceonThoughtLeadership-Seceon +1(978)-923-0040 info@seceon.com Cybersecurity2022:TheYearin Review by Seceon Thought Leadership bySeceonThoughtLeadership|Feb2,2023|aiMSSP,aiSIEM,aiXDR,Awards,CyberSecurity Company,CybersecuritySolution, RansomwareDetection|0comments

  2. Cybersecurity2022:The YearinReviewbySeceonThoughtLeadership-Seceon 2022 wastheyearthatcybersecurityaffectedeveryone’slifeand lifestyle – it adjusted the price of gas for your car,if you could get a steakatarestaurant, iforwhenyoucould seeyourdoctor,and whether or not your favorite gaming site compromised your personal financial data. Increased pressure was applied to those who are cyber professionalsand practitionersborneout of astricter regulatory climate andwewillundoubtedlyseegovernment and standards bodiescontinuetoclampdownonorganizationswhoflout or minimalizetheiremphasisoncybersecurity. We all know the 2022 data breach headlines (e.gCopper Mountain Mining, Mizuno, Intrado, Rackspace, T-Mobile, and a vast global list of public and private sector organizations). But what businesses need to askisHOW do these attacks happen and what canwe do to avoid this? This is where our job as business risk managers needs to clearly convey all the actions taken by cyber criminals to compromise digital assets and what we need to do to protect our organizations and be resilient(protect,detectandrecover)fromattack. Let’sstartoutbyusing ransomwareasthe“Badness-o-meter”of Cybersecurity,thatisusing thepervasivenessand impact ofthis economiccrimeasthemeasureofimprovingordecliningeffectiveness in our industry. We often don’t know what, or if, aransom was paid. There are many instances, as in Colonial Pipeline in 2021, where we know that the$4.4 million ransomwas paid. Payingaransom shows anextreme failurein yourresilience,preparedness, and readiness. Let’s not forget top threat actorsarevery well funded and in many cases, attackers are doing significant research to understand what an organization isable to pay, in order to increasethe likelihood of the paymentamountdemandedbytheextortioner. Wedoknowthis.Thatthenumberoforganizationsgloballythatwere victimizedbyransomwareroseslightlyto66%in2022(anincreaseof 3%over2021).68%ofthosevictimspaidtheransomin2022,a decrease of 19% from 2021. This is an important improvement but almostsevenofeverytenisstillveryhigh.

  3. Cybersecurity2022:The YearinReviewbySeceonThoughtLeadership-Seceon 16%oforganizationshavebeenhit3+timeswith ransomware indicating alack of cybersecurity fundamentals and hygiene in those organizationsalongwithneglectingtotaketheremedialstepsneeded to not be a repeat victim. 56% of those attacked lost revenue, 50% lost customersand43%hadsignificantreputationandcredibilityloss. What we clearly see in 2022 arelarger individual attacks than ever before. 11% of ransomware attacks had their extortion dollar figures exceed $1 million in 2022 with an overall average ransom of $220,298 for the full year.However, the ransom payment amount isminiscule comparedto the recovery and impact cost of $4.54 million in 2022, downjustabitfrom$4.62millionin 2021. GlobalRansomwaredamagecosts (again,notthe ransom amount itself)areexpectedtomoveto$265billion by2031 putting ransomwareinthetop50of GrossNational Productsizesinthe world. Lastly, according to the World Economic Forum ( WEF), “by 2025, it’s estimatedthat463exabytesofdatawillbecreatedeachdayglobally – that’s the equivalent of 212,765,957 DVDsper day!” But asmore data is produced and the value of data (often categorized as “cost per record”)skyrockets,wecanonlyexpectthatmorebadactorswill attempt to successfully exploit theemerging threat vectorbrought on by surgingdatavolumes.As billionaire Warren Buffett oncenoted, dataisclearlythenewoil. Though someof these statistics aremoving in an improved direction, theincreasingsophistication ofcybercriminalsaddingArtificial Intelligence (AI) to their endless array of zero-day exploits and social engineering attacks is absolutely terrifying. Research firm Cybersecurity Venturesnow predictsthat therewill beanew ransomware attack every 2 seconds (down from 11 seconds at the beginning of 2022) as ransomwareperpetratorscontinuetorefine their malware payloads andrelatedextortionactivities. Furthermore, operationalattacksurfacesandprivacy/PIItargeted attacksareincreasingmainly asmillions moreIoT, IoMT,IIoT devices come online, with some estimates at more than 50 billion devices globllyby2030,aswellascountlessorganizationsoperatinginhybrid

  4. Cybersecurity2022:The YearinReviewbySeceonThoughtLeadership-Seceon fashion (cloud andon-prem)with alargely remote workforceinthe aftermathofthe2020-2021pandemic. Now lets look deeper at what we at Seceonpredicted for 2022, then let’s look at what we predict is going to happen in 2023. Thanks for joiningusonthisjourney! 2022SeceonPredictionOne:WewillseeHigh Employeeturnoverincybersecuritywith recruitmentandstaffingcontinuingtobea majorissueon aglobalscale In2022,theglobalcybersecurityindustrysawadramaticrisein employeeturnover. Thiswasduetoanincreasingly competitivejob market,withalargenumberofqualifiedcandidatescompetingforthe samejobs.Companieshadtoadjusttheirhiringstrategiesto stay aheadofthe competitionandrecruitthebesttalent.ISC2currently estimatestheworkforcegapat 3.1million professionalsworldwide. There appears to be a shift inentry paths for those newerto cybersecurity.26%ofproswithlessthan3yearsexperiencestartedin afieldotherthanITorcyber,whereasjust1in5,20%with8ormore yearsofcyberexperiencestartedinafieldotherthanITorcyber. Moreover, we have a divide in the cyber workforce with most graduates fromcollegesanduniversitiesmovingtowardtechnicalareasin cybersecurity,with very few inthedomain ofGovernance,Riskand Compliance (GRC), at a time when the biggest need is in GRC. This is a significant risk.Talent isscarce.If you can’t obtain the skillsets you needtoeffectivelymanagecyberrisk,thenyour cyberriskwill go unmitigated, which will leadto exposures, high costof insurance(or loss of insurance), and leave you open to attacks, ransoms and data breaches. According to ISC2, 57% of organizations have unfilled roles theycannotfindasuitablepoolofcandidates. Additionally,theemergenceofcloud-basedtechnologyand automationmeantthatmanyofthetraditionalrolesincybersecurity neededtoevolvewithonlysomeoftheexistingworkforcemakingthe journey with others leaving their positions in search of new opportunities.Despitetheseshifts,thedemandforcybersecurity

  5. Cybersecurity2022:The YearinReviewbySeceonThoughtLeadership-Seceon professionals continued to grow, and the industry remained one of the mostsought-aftersectorsinthetechindustrywithzeropercent unemploymentforjobseekers. 2022SeceonPredictionTwo:Expectadditional ComplianceRequirements Companiesaroundtheworldsawanincreasedemphasis on complianceacrossindustries.Thisincludedmorestringent requirements for data security, privacy, and compliance with a range of laws, regulations, and standards. Organizations of all sizes, from small businessestolargecorporations,hadtoadhere to increasingly complex regulations and policies regarding the protection of personal data and the handling of sensitive information. Companies also had to takeextrameasurestoensuretheirsystemswereprotected from cyberattacksandothermalicious activities.In turn,cybersecurity professionals had to stay up-to-date with the latest security standards and technologies, as well as ensure their systems were compliant with newand existingregulations.Businesseshadtoinvestinnew technologiesandstrategies to meet thenew requirements,suchas cloud computing, threat intelligence, and artificial intelligence. Overall, thefocusoncompliancein2022resultedinaheightenedawareness on cybersecurity threats andastronger senseof responsibility among all stakeholders. Boards of Directors are now asking questions about cyber threats, capabilities, and what they can do to help guide their constituent companies, especially in this area we call risk management and establishing the fact that compliance is non-negotiable. Executive Order14028, therecentrevisionsintheFTCSafeguardsRule,the adoption of several state privacy initiatives (California CPRA, Colorado, Connecticut,Utah Virginia),andrecentdirectivesfrom CISAareall indicativeofincreased scrutinyandlegislativeactiontorequire adherencetosoundcybersecurityandprivacypractice. 2022 Seceon Prediction Three :The quality ofAI algorithms, scalabilityofplatforms behindthosealgorithmsandtheaccuracy ofthe resultsproducedwillbecome forefrontofSOCdemands. AI-poweredcybersecuritytechnologycontinuedtoadvanceatarapid morecentralized.Thisenabledorganizationsto paceandbecome e betterdetectandrespondtosecuritythreats.Automatedsecuritytools,

  6. Cybersecurity2022:The YearinReviewbySeceonThoughtLeadership-Seceon such as machine learning and predictive analytics, were used to better identify and block malicious activities. At the same time, cloud-based securitysolutions werefurtherdevelopedandadopted,allowing organizations to better protect their data andsystems. Cloud-based solutions made it easier to detect and contain threats, as well as to quickly respond toincidents.Theadoption of zero-trust security models also saw a surge in popularity in 2022. This model is based on always verifyinguser identity andaccessrights, rather than trusting users who are already in the system. This helped organizations keep their data andsystemssecureeven when they were accessedfrom outside their networks. Finally, the use of encryption and tokenization also became more widespread in 2022. These security measures help protectdatafrombeingaccessedorstolen,evenifthedatais intercepted. Further, math applied to use cases, should result in a more efficientandeffectiveSOCwithlessalertsandnoisebeinggenerated. AI also offerstheadvantageofsupplying asystem of measureby usingsecurityanalyticstomeasureriskinaprobabilisticmanner, overcomingthechallenge of not being able to quantify the likelihood andimpactthatathreatcanbeimposedonanenvironment. Tomorrow, we will introduce our 2023 Cybersecurity Predictions in Part IIofourblog.Welookforwardtoyourfeedbackandquestions. Address - 238 Littleton Road Suite #206 Westford, MA 01886 Phone no - +1 (978)-923-0040 Email Id - sales@seceon.com Website - https://www.seceon.com/ RecentPost

More Related