Five cyberattacks most commonly victimize U.S. businesses, according to data gathered by Statista. Phishing schemes top the list at 37%, followed fairly closely by network intrusions at 30%. Down the scale considerably are the inadvertent disclosure of data or login credentials (12%), lost or stolen records or devices containing records (10%), and the misconfiguration of systems, system settings, or system software (4%).
Numerous sources have identified phishing as the primary cause of cybersecurity incidents or data breaches.
Those actions typically involve clicking on links, opening attachments, or sending a reply to the spoofed email.
Phishing relies on employees who are too busy, who are distracted, or who are poorly trained in spotting suspicious or spoofed emails. (Or, in rare cases, suspicious or spoofed phone calls.)
Popular Phishing Formats. The most popular phishing format today, by far, is spear phishing. This is a highly focused attack targeting an individual, a group of users, or a single company. It takes a rifle rather than a shotgun approach, in which the phishers criminally gather information about their specific target in order to be more successful.
Another common type of phishing is whaling, which attempts to exploit high-level executives or other high-value targets with appeals they are likely to respond to. Another is clone phishing, in which attackers use a legitimate employee or executive email they have stolen and tweak it to look like an authentic part of an ongoing email conversation.
According to a survey by ISACA, when employees were asked to choose between a secure Internet connection and a fast connection, one-third went for speed over security. And 20% admit to having been victimized by a phishing scheme. Phishing works.
More and more companies, especially SMBs, are using cloud-based services for collaboration, data backups and storage, and other important business needs. These and other services fall under the general term Cloud Computing.
Clients store their data with a cloud service provider and access the data over the Internet. Cloud service providers may maintain multiple cloud locations, and some value security more than others. These facts present a number of data security challenges, most of which are the responsibility of the cloud service client.
According to McAfee, a well-known U.S.-based computer software security company, the cloud computing customer is responsible for protecting their data from security threats and controlling access to it. This is true in every cloud service, from cloud software such as Microsoft Office 365, Azure, and Teams to infrastructure services like VMware and Amazon Web Services.
Common Challenges. One of the most common challenges for cloud service clients is the inability to monitor and control their data as it comes and goes between cloud applications and their users’ computers. This is closely related to having incomplete control over who can access sensitive data in the cloud. Another challenge is the lack of visibility to their data and lack of certainty as to exactly what data is in the cloud.
Recent ransomware attacks have involved large service providers and their multitudes of clients, as in the Blackbaud incident. As a result, cloud service providers and their clients are increasingly becoming the targets of malicious attacks. Many believe that if a company like Blackbaud can be victimized, and in turn its downstream clients, it can happen to any service provider.
All of this has compelled cloud service clients to become more proactive in managing their cloud security, both in-house and at third parties. Increasingly, clients are recognizing that they must implement better controls at virtually all points.
The third theme that is driving changes this year is the shortage of skilled information technology and data security professionals. The supply of skilled, experienced, and/or certified labor appears to be shrinking just as demand for these services is growing. This is all the more surprising given our public education system’s focus on science, technology, engineering, and mathematics (STEM) education in the past decade or more.
Negative Impact. Tech teams are often overwhelmed by the sheer volume of data their networks and systems collect. With staff sizes down due to the skills gap, it is easier for staff to overlook event alerts and improperly prioritize events requiring attention. Often there is no way to separate noteworthy or actionable events from background noise that can mask a data breach or other cybersecurity event.
Clearly, we must continue promoting STEM education among elementary and high school students, and technical certifications among tech workers new to the cybersecurity profession. The need to have humans at the helm is not going away. However, at least one emerging solution promises to address the skills gap sooner rather than later.
Three themes are dominating the cybersecurity landscape this year.
The skyrocketing number of phishing schemes leading to ransomware attacks is driving greater corporate investment in employee security training. Spear-phishing targets employees as whale-fishing targets executives and all levels and groups within an organization require training to learn to recognize suspicious emails.
With universes of data stored and used in the cloud, service providers have become highly attractive targets for ransomware attacks that also impact their downstream customers. Those clients are increasingly proactive in demanding accountability from their cloud service providers, as well as in hardening their own cybersecurity for cloud applications.
A cybersecurity skills gap in the U.S. has contributed to IT staff shortfalls and increased vulnerability in many businesses. A growing inventory of cybersecurity software is leveraging machine learning and artificial intelligence to bridge the gap and provide new levels of data protection.
The need for smarter employees, smarter software, and smarter cloud security is driving solutions that are the hot themes of 2021.