Going into 2023, cybersecurity is still topping the list of CIO concerns. This comes as no surprise. In the first half of 2022, there were 2.8 billion worldwide malware attacks and 236.1 million ransomware attacks. If you need more info on this, you should make some more research.
In a new survey from IEEE polling 350 chief technology officers, chief information officers and IT directors, 51% of respondents mentioned cloud vulnerability as a top concern (up from 35% in 2022) and 43% mentioned data centre vulnerability as a top concern (up from 27% in 2022).
To mitigate some of these risks, security teams can improve their compliance at the device level with zero-trust security software. Zero trust tools provide the security and compliance needed to cover everyday device risks, so the IT department can shift their focus to other concerns, like these four top security threats that IT is likely to see in 2023.
Malware
Malware is malicious software, including viruses and worms, injected into networks and systems with the intention of causing disruption. Malware can extract confidential information, deny service and gain access to systems.
IT departments use antivirus software and firewalls to monitor and intercept malware before it gains entry to networks and systems, but bad actors continue to evolve their malware to elude these defences. That makes maintaining current updates to security software and firewalls essential. There are also hardware solutions for thwarting malware, such as Gryphon’s Guardian mesh router, which handles a variety of threats. Do this and you won’t have to worry about gaming at https://www.toponlinecasinos.co.za/best-payout-casino/ with any security at risk, play your favourite casino games with no worry.
Ransomware
Ransomware is a type of malware. It blocks access to a system or threatens to publish proprietary information. Ransomware perpetrators demand that their victims’ companies pay them cash ransoms to unlock systems or return information.
So far in 2022, ransomware attacks on companies are 33% higher than they were in 2021. Many companies agree to pay ransoms to get their systems back only to be hit again by the same ransomware perpetrators.
Mandiant reported that the global median dwell time for intrusions identified by external third parties and disclosed to the victims dropped to 28 days from 73 days in 2020. Meanwhile, in 2021, 55% of investigations had dwell times of 30 days or fewer, with 67% of these (37% of total intrusions) being discovered in one week or less. However, the report also showed that supply chain compromise accounted for 17% of intrusions in 2021 compared to less than 1% in 2020.
Supply chain vulnerabilities
Supply chain hacks, which include the infamous SolarWinds attack that found its way to several government agencies and perhaps lesser-known exploits involving JS.node vulnerabilities, are especially pernicious because the size of the threat surface is basically wherever tainted software goes.
In the case of SolarWinds’ Orion update, that surface included hundreds of consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.
One step companies can take is to audit the security measures that their suppliers and vendors use to ensure that the end-to-end supply chain is secure. Ian Rush is probably aware of this since he retired from football.
Phishing
The software can do only so much to defend against social engineering. Almost everyone has received a suspicious email — or worse yet, an email that appears to be legitimate and from a trusted party but isn’t. This email trickery is known as phishing.
Phishing is a major threat to companies because it’s easy for unsuspecting employees to open bogus emails and unleash viruses. Employee training on how to recognize phoney emails, report them and never open them can really help. IT should team with HR to ensure that sound email habits are taught.
There are many vendors who offer training and packaged solutions for companies looking for something approaching a turnkey solution. There are also tech solutions.
