What was the impact of decentralised working? An exponential increase in the volume of new operational challenges confronting organisations, addressing the cyber skills gap, the growth of supply chain attacks, and the ever-increasing social engineering scams. These topics will be discussed in greater detail as we highlight the six key cyber security challenges that organisations faced in 2021.
1. Addressing the Cyber Skills Gap
One of the biggest challenges that organisations faced throughout 2020 and 2021 was the growing shortage of cyber security skills. With 3.5 million cyber security jobs unfilled in 2021, many businesses simply couldn’t hire enough cyber security professionals to secure their infrastructure against external attackers. Those who struggled to address this gap found that they either had to increase their budget and spending to attract qualified cyber security professionals to fill vacant roles or manage on ‘best efforts’ with an understaffed security team. 1. Addressing the Cyber Skills Gap The potential of managed security services to address the cyber skills gap is a key reason why the global managed detection and response market is expected to grow significantly. By 2025, it is expected that 50% of organisations using MDR services for threat monitoring, detection and response functions that offer threat containment and mitigation capabilities. However, some organisations considered their best alternative to address the skills shortage by incorporating managed security services into their infrastructure. By outsourcing elements of their security requirement, they were able to increase their security competencies but without the need of hiring in-house. Solutions such as Managed Detection and Response (MDR) and Incident Response (IR) services ensured that they maintained valuable access to cyber security expertise on a subscription basis, rather than paying for new hires upfront.
2. Mitigating Supply Chain Attacks
Throughout 2021, attacks on the supply chain presented a persistent threat to enterprises, with attackers targeting third-party service providers to gain access to the data of downstream organisations. Between January 2020 to early July 2021, 24 significant supply chain attacks were reported, with 50% of the attacks attributed to well-known Advances Persistent Threat (APT) groups. It is predicted 2. Mitigating Supply Chain Attacks that there will be a four times increase in supply chain attacks in the coming 12 months. The uptick in supply chain attacks has meant that companies have to be much more diligent about which third parties they include in their extended technology supply chain, as any third-party access increases the risk of a data breach.
Organisations have often provided excessive access and permissions to employees, partners and other third-parties. By implementing least privileged, and assigning all persons and software necessary permissions only, an organisation will mitigate risk. Privileged Access is a key tool in the fight against supply chain threats.
3. Remote Working is the New Norm
The widespread adoption of remote working has led to some significant security challenges, as employees use their own devices to access enterprise resources and systems, while moving beyond the protections of the office network. While half of employees say they now see their work devices as personal devices, 84% of IT decision-makers worry such behaviour increases their company’s risk of a security breach. In the distributed world, strong identity policies are essential. Many organisations are making Identity the cornerstone of their Zero Trust journey. Getting the basics like multi-factor authentication 3. Remote Working is the New Norm (MFA) right allows for focus on Privileged Access and Enhanced Entitlements. In addition to the tools and policies, in 2022 organisations are going to have to be much more proactive in supporting their staff with adequate training to become more securityconscious. Simple steps of security best practices provide them with the knowledge of how to select strong passwords for accounts and devices, encrypt Wi-Fi connections with VPNs, regularly update devices and software, and spot phishing scams.
4. Social Engineering and Phishing Attempts
As organisations’ defences become more decentralised, attackers have relied increasingly on manipulating employees to get access to sensitive information. In fact, throughout 2021, the most common type of cyber-attacks were phishing attacks, which targeted 83% of UK organisations. Phishing attempts were widelyused because an attacker only needs to impersonate a trusted individual or company and email the victim to trick them into giving up sensitive information, to get access to privileged data. One example of this was the Office 365 spear-phishing campaign that took place throughout 2020 and 2021, where a fraudster sent Office 365 customers invoice-related emails with XLS. HTML attachments to trick them into visiting a fake portal site and entering their login credentials. 4. Social Engineering and Phishing Attempts Phishing and social engineering style attacks are popular tools for cyber criminals because there’s no single software solution that can stop them, as they only need to trick an employee into logging into a fake website or handing over their login details to gain access to information they wouldn’t have had otherwise.
5. Getting to Grips with Cloud Security
While many organisations migrated to the cloud during the pandemic, leveraging new cloud applications and using technologies like containers and microservices to enhance productivity, only few have successfully protected all their environments from malicious threat actors. For many, the discussion on whether to move to the cloud instead became a discussion about how to get there securely and remain secure while there. According to an IDC survey of 200 security decision-makers, 98% of companies surveyed had experienced at least one cloud data breach in the past 18 months compared to 79% in 2020. This indicates that while cloud adoption has unlocked new collaborative possibilities and enhanced agility for 5. Getting to Grips with Cloud Security organisations, it has also increased the potential for security vulnerabilities and the need for new, cloud-friendly approaches to cyber security. These include but are not limited to concepts such as cloud security posture management (CSPM), cloud workload protection platforms (CWPP) and cloud infrastructure entitlement management (CIEM), that are tailored to be effective in the increasingly diverse hybrid cloud environments where enterprise workloads are processed. Another approach on the rise is Secure Access Service Edge (SASE), where an organisation determines which devices or entities have access to cloud systems to offer employees secure zero-trust access to the cloud.
6. IT Security Changes to OT Security
As modern threats become more complex, not only endpoints in office environments are targeted but also Operational Technology (OT) systems in industrial environments. This growing attraction to industrial systems leaves essential sectors such as manufacturing, energy, utilities, and healthcare highly vulnerable as attackers attempt to cause operational disruption.
Research shows that over 90% of OT organisations have experienced cyber incidents in the past year. These attacks included phishing attempts to malware, insider beaches, vulnerability exploits, mobile security breaches, ransomware, and DDoS attacks. Many of these attacks not only put systems out of action and reduce physical safety of employees at risk.
The vast volume of sophisticated OT attacks indicates the need for industrial organisations to transition away from traditional ITfocused security approaches to OT-focused ones. This shift will allow them to proactively ensure the security and availability of their equipment and continuous patching further ensures that there are no vulnerabilities for attackers to exploit.
If you have concerns around any of the areas highlighted in the above challenges or would like to discuss any of these areas in further detail please contact us to arrange a meeting with some of our expert team.