Since the pandemic, working environments have changed dramatically as the workforce shifts to remote working. This trend is very important to the CISO, for both ensuring that remote workers are set up with the correct security measures in place and also for ensuring that workers are properly security trained.
As workers are more likely to be distracted in their home environments, without someone to immediately ask should they come across a suspicious looking email, the risk of insider threats increases massively.
As a result, Security Training should be a top priority for CISO’s who have home workers in their team.
According to Forrester, 60% of security incidents in 2022 will result from issues with third parties.
Recent attacks such as the SolarWinds attack have marked the growing sophistication of cyber criminal techniques, threatening organizations that choose not to invest in third-party risk management.
The 2020 SolarWinds attack which caused over 18,000 of their customer’s data, including major firms such as Microsoft and government agencies to be leaked, was caused by a supply chain attack of their adopted software “Orion”.
Disguised as a security update, victims were unknowingly downloading malware onto their systems, allowing the criminals to gain access and lay dormant for 9 months.
This major attack highlighted the importance of vendor risk management and has led to many CISOs adopting frameworks such as Zero Trust Network Access (ZTNA).
The Zero Trust model is often associated with the phrase “Never Trust, Always Verify” and with strong authentication in place, attacking via a third party would be much more difficult for a malicious actor.
In a post COVID world, cloud migration is becoming a necessity for businesses, with former Gartner analyst, Brad LaPorte predicting that by the end of 2022, 70% of all enterprise workloads will be deployed in cloud infrastructure and platform services.
CISO’s are therefore wary of the fact that this cloud migration is likely to attract cyber criminals, and so ensuring cloud security will be another priority for the CISO.
This increasing demand for cloud-based security may also act as another driving force for organizations to adopt superior frameworks such as Zero Trust (ZTNA).
Over the past year, Ransomware attacks in the UK have doubled according to the director of GCHQ, Jeremy Fleming for which he continues that “Criminals are making very good money from it and are often feeling that’s largely uncontested.”
The impact of these attacks is supposedly set to cost the UK hundreds of millions of pounds, mostly stemming from the costs of immobilising businesses.
There are a number of factors that can lead an organization to become vulnerable to a Ransomware attack such as; outdated software and devices, browsers that aren’t patched, lack of backing up data and insufficient attention to cybersecurity.
CISO’s will have cybersecurity on top of their priorities. Ransomware attacks can have crippling consequences for businesses, and investing in cybersecurity is a small price to pay in comparison to the risks.
The General Data Protection Legislation (GDPR) is now entering its fourth year. Since the data privacy law began, the pandemic has caused a growing use of digitalization.
This growth has caused emerging trends of data security. For example, GDPR is being adopted on a more Global scale, for which according to a recent IAPP poll, GDPR compliance grew by 7% in 2021.
As well as this, the increase of new digital software with this growing digitalization is leading to nations curating their own national privacy laws to avoid breaches of security.
Global growth and emergence of updated laws are just a couple of the signs that GDPR may be revised in the near future, which may likely affect many organizations this year.
Book your demo with one of our trendiest cybersecurity partners, who are keeping up with the ever-changing world of cybersecurity, implementing the latest Frameworks such as Zero-Trust into their solutions and ensuring that you are covered from every aspect.
Wether it be security flaws in cloud migration, third party risk or remote workers, the vulnerabilities are there and the risks are increasing. To be fully prepared, book your demo below to learn more about the latest solutions from Censornet.
Protect your data in the cloud
Share this story
We're a community where IT security buyers can engage on their own terms.
We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.
