To be able to succeed in the post COVID-19 era, CISOs will need to reallocate their budgets and begin planning for strategies and offerings to safeguard their organisation. Adam Gordon, Country Manager ANZ at Varonis, discusses some of the budget priorities for CISOs in 2021, from ransomware detection technology to remote data security.
2020 was a tough year for CISOs around the world – and 2021 will continue to pose new challenges. The rapid introduction of new services to facilitate the transition to remote working has resulted in a phenomenal increase in cyber-risk and its safe to say no CISO has been left with an empty plate of work.
To be able to succeed in the post-COVID-19 era, CISOs will need to reallocate their budgets and begin planning for strategies and offerings to safeguard their organisation. There are four key security challenges that will most likely impact every CISO this year.
Ransomware’s reign of terror growing stronger each day
Ransomware attacks are increasing in prevalence – and unfortunately, commercially successful organisations make attractive, high-profile targets for hackers. If a business is doing well, its share price is rising and it’s getting media attention, and it’s also getting attention from ransomware developers and deployers.
Hackers will likely be able to identify the market analysts who regularly contact its senior executives to inform their analysis. They will most certainly know the names of those executives, and just one carefully crafted spearfishing email could deceive a CFO into downloading ransomware or malware and precipitating untold damage on the business and its reputation.
According to Verizon’s 2020 Data Breach Investigations report, ransomware is the number one cyberthreat facing large organisations, and it’s growing.
It’s well-known that paying the ransom doesn’t always resolve the problem. Even if it does, it can put the company in breach of the law if it is a US-based company, or the subsidiary of one: specifically, the International Emergency Economic Powers Act (IEEPA) or the Trading with the Enemy Act (TWEA).
This indicates the need for CISOs to be able to detect and disable ransomware before it can do any damage; highlighting the need for ransomware detection technology as one of the budget priorities for CISOs in 2021.
Using automation to find the needle in a haystack
Data security and compliance go hand-in-hand. Data can go anywhere unless user access is constrained and that creates risk for any organisation and its customers. It’s essential that all the data a company holds is subject to appropriate rules, but the challenge of achieving this is becoming greater.
According to Varonis’ 2021 Financial Data Risk Report, new hires at financial institutions have, on average, unrestricted access to 11 million files from the day they join. If staff are working remotely, every connection is a potential attack vector that could give a criminal access to everything your own employees can open, copy, change or delete.
Aside from external hackers, organisations need to be aware of insider threats. In 2020, COVID-19 put unusual, and often invisible, stresses on people at every level in most organisations. Heightened stress levels led to abnormal behaviour and greater vulnerability, and according to Forrester, can lead to an increase in insider threats.
Regardless of whether this abnormal behaviour is a result of internal or external threats, it’s possible to detect such behaviour before it manifests into a threat. Security tools powered by AI can establish baseline behaviour patterns of how people use technology, and automatically notify security teams when there is significant deviation. For example, these tools can raise an alert if an employee is accessing sensitive files that have no relation to their role, which may indicate intent to harm their organisation.
With data privacy legislation in many jurisdictions becoming tougher each year, protecting a company’s files manually is an impossible task. Automation tools that classify files raise an alert if they are moved and restricted access should be an essential part of any CISO’s cybersecurity budget.
Protecting your network, wherever it’s being accessed from
Remote data security should be an essential part of every CISO’s budget.
It’s clear from the experience of 2020 that remote working is here to stay. It not only shifts costs from capital expenditure to operating expenditure, but also enables an organisation to access good talent no matter where it is located.
The downside is that remote working brings a considerable increase in security risk, through the use of home Wi-Fi networks for example, which are often shared with family members and connected to notoriously insecure devices. Every additional connection to the corporate network is another potential attack vector.
Click below to share this article