By CISO TJ Minichilo
Work may never be the same again as the world continues to grapple with the pandemic as the world transitions from an office-based business environment to a fully remote working environment, and now a mix of the two. According to one survey, only 11% of companies expect all employees to return to full-time positions. National Association of Entrepreneurs. The new normal is a hybrid model. More than half of knowledge workers At least part of the week I work remotely.
risky business
As COVID-19 accelerates the already growing threat attack surface, the security implications are far-reaching. Cybercriminals know that many home environments are unsafe and that new data paths between offices and remote workspaces increase their chances of success.
last year, Google Verizon detected a record 2 million phishing websites and saw an 11% increase in phishing breaches. 2021 Data Breach Investigation Report. Ransomware attacks have doubled.
The cost of attacks is also increasing. By 2021, the cost of a data breach rose to the highest average in 17 years since IBM and the Ponemon Institute began producing data. data breach cost report. Naturally, if remote operation was a factor, the cost of a breach increased by more than $1 million. Demand for ransomware has skyrocketed and cyber gangs are demanding money not only to decrypt files, but also to stop selling data stolen during an attack. There is no guarantee that they will respect you. acer He is said to have demanded a ransom of $50 million. JBS while paying $11 million Kia Motors sold for $20 million.
The more breaches and more expensive, the more likely the price of cyber insurance – if you can get it – will skyrocket or even double over the next few years. an industry insider says.
Despite these ominous threats, employees routinely downplay the need for security. Nearly half of the world’s workers 2021 HP Wolf Survey They complained that the security measures were a waste of time. Thirty-six percent said meeting deadlines outweighs the risk of exposing their organization to data breaches, and some admitted that they attempted to circumvent security policies. As security professionals, it is our responsibility to protect our employees from themselves.
The response of the IT security team, who kept the company’s security intact and believed (correctly) that their concerns were being ignored, was far more disastrous. 76% of IT professionals said security was pushed back from business continuity during the pandemic, and 91% felt pressured to compromise on security for the same reason. 83% said telecommuting has become a “time bomb” for network breaches.
A new approach to data security
Clearly, traditional data protection measures are not shortening the era of hybrid work. Leaked connections to corporate networks and applications are growing exponentially, and a single click of a phishing link for an employee can lead to a security breach, ransomware attack, or both. For cybercriminals, the rewards are greater than ever.
Regular security training can help educate and raise awareness of employees, but organizations need more robust ways to protect sensitive information.
Imagine that data can become its own stronghold against cybercriminals by protecting itself. What if your data could have been injected with so much intelligence that it could automatically refuse to open if it was in an unauthorized location or in the hands of an unauthorized user on an unauthorized device? What if you could be constantly aware of your surroundings and report to owners in near real time from anywhere in the world? And what if data owners had strong controls to allow, revoke, or deny access to their information, regardless of the platform or device on which the information is stored?
Self-protecting, intelligent, self-aware data represents a large-scale security paradigm shift that is proactive rather than reactive or remedial. This automated, fine-grained control frustrates and repels threat actors while keeping sensitive data safe without reliance on overburdened operators or IT staff.
Keyavi launched this groundbreaking technology last year. Because in the age of hybrid work, the stakes are too high to give cybercriminals an edge.
To learn more, visit: keyavi data.
About the author
TJ Mini Chilo of keyavi data Chief Information Security Officer (CISO) and Vice President of Cyber Threat and Intelligence. He is a nationally renowned cybersecurity and intelligence expert, helping detect and stop many of the world’s most important cyberthreats. He has held strategic intelligence roles in the financial services, military and energy sectors, including Global Head of Threat Intelligence at National Grid and Morgan Stanley, Deputy Director of the Citigroup Cyber Intelligence Center, Chief Cyber Intelligence Officer at Merrill Lynch, and Chief Intelligence Specialist. from the Ministry of Defense. follow him Twitter and LinkedIn.
I think you can add something like Given this, as a security profession, we must help our employees protect themselves.