Today’s job market is inundated with job offers and postings, meaning top-tier candidates have their pick of the litter. Attracting and retaining quality employees requires more than just a competitiv...
#BeCyberSmart: Overcoming 2021's Greatest Cybersecurity Challenges
Cybersecurity Awareness Month has arrived! The theme for 2021 is “Do Your Part. #BeCyberSmart.” This message is meant to empower individuals and business leaders to own their role in protecting their part of cyberspace. If everyone does their part, we can build a safer and more resilient digital environment for everyone to enjoy.
The first full week of Cybersecurity Awareness Month focuses on best security practices and highlights general cyber hygiene to keep your data—and your clients’ or customers’ data—safe from cyberattacks.
Many broad and consequential cybersecurity breaches in the past year have provided a chilling reminder to business leaders around the world about the heightened threat of cyberattacks. As a result, cybersecurity has become a board-level issue for many firms in 2021.
- Corporate leaders have already begun elevating the importance of cybersecurity to their companies.
- But recent high-profile attacks show how much more needs to be done in the year ahead.
In this blog post, we’ll evaluate data from the World Economic Forum's Global Risks Report 2021, which ranks cybersecurity high among global risks to businesses. We’ll also take a look at the top four cybersecurity challenges that businesses need to overcome to thrive in 2022 and beyond.
Challenge #1: Increasingly Complex Digital Landscape
Digitization was already a major component of our lives before COVID-19 hit in 2020, but the global pandemic increased rates of digital adoption across the board. Businesses that might not have leaned as heavily on technology pre-pandemic are doing so now. Restaurants, for example, have largely embraced managing to-go orders in a digital environment.
We wouldn’t have been able to navigate the major transition through the pandemic without increased reliance on digital technology, but this also means we’re more vulnerable to cybersecurity threats today.
Challenge #2: Remote Work Decreases Efficacy of Traditional Network Perimeter
One of the most broad-reaching effects of the COVID-19 pandemic has been the massive shift to remote work. Statistics from a survey conducted by Upwork found that over half the American population was working remotely at least in some part in Q2 2021, and 41% of those workers are fully remote.
This shift in the traditional work model has created unique cybersecurity challenges for employers, including the decreased efficacy of their trusted security tactics. According to Deloitte, “Remote work has obliterated many remnants of the traditional network perimeter, and with it the concept of perimeter security, where virtual “fences” keep the bad guys out. Identity has become the new paradigm of enterprise security – if you can ensure that only the right resources are accessed by the right people doing the right things, then you have a more secure environment.”
Two ways to do this are:
- Keeping administrative access separated for a need-to-know only basis. This also prevents a perpetrator from getting all the keys to the kingdom in one stroke.
- Deploying multi-factor authentication for access to ensure that the perimeter is only available to those with permission to access it.
Challenge #3: Fragmented and Complex Regulations
According to the World Economic Forum’s 2021 report, “Privacy and data protection regulations are necessary, but can also create fragmented—and sometimes conflicting—priorities and costs for companies that can weaken [their cyber] defense mechanisms. Within organizations’ budgetary boundaries, companies have to defend and protect against attacks while they also seek to comply with complex regulations.”
If you have cyber liability insurance for your business, you want to make sure your broker has a thorough understanding of the complex regulatory landscape that affects your organization.
Challenge #4: More Interconnected Businesses Now Vulnerable to Supply Chain Hacks
According to the report mentioned above, “Organizations operate in an ecosystem that is likely more extensive and less certain than many may recognize. The concentration of a few technology providers globally provides many entry points for cybercriminals throughout the digital supply chain.”
In a supply chain hack, cybercriminals target a company’s trusted vendors or IT-service providers with the goal of inserting malware into the “supply chain” of software updates that they provide their clients. These vendors and IT companies tend to have hundreds of clients, so a successful supply chain attack would grant cybercriminals virtually unlimited access to all of their clients’ data and the customer data for each company in the supply chain.
Cybercriminals have tended to target major companies and key pieces of infrastructure in the past, but given that supply chain hacks allow criminals to access entire networks of companies from a single access point, small and mid-sized businesses that wouldn’t otherwise look like appealing marks are now much more vulnerable to attack.
One easy way to help your organization be less susceptible to vendor and supply chain attacks is to make sure that tight procedures are in place in the event that any accounts receivable or payable accounts are authenticated to the primary source if a change is requested. Remember, most accounts do not change their bank accounts. Make sure your employees challenge those that do!
Related Reading: Supply Chain Hacks Threaten U.S. Companies. Is Yours Protected?
While cyberattacks are devastating for those who are ill-prepared, cyber liability insurance provides valuable resources to help regain lost business. Although prevention should be the primary focus of your cybersecurity strategy going into 2022, it’s wise to have a plan in place in the unfortunate event that you are faced with a breach. Cyber liability insurance will help ensure that you’re prepared for any repercussions from a cyberattack or data breach, including loss of trust from employees and customers.
As we kick off Cybersecurity Awareness Month 2021, remember to #BeCyberSmart for your business!
Related Categories
Fraud & Cyber SecurityJeffrey Julig
Jeffrey Julig joined SWBC in January 2016 and currently serves as Senior Vice President and Chief Information Security Officer (CISO). He leads a dedicated team of security and business continuity professionals, ensuring the protection of SWBC’s diverse business lines from internal and external threats. His mission is to safeguard the security, privacy, and resiliency interests of the organization and its clients. Before joining SWBC, Jeffrey served in the United States Air Force for over 25 years, honing his leadership and technical skills in high-risk, no-fail national security environments. He attended the Department of Defense Cybercrime Investigations Training Academy (DCITA) and is a former certified digital forensics examiner. He completed the San Antonio FBI Citizens Academy and is currently a member of Cybersecurity San Antonio and InfraGard San Antonio. Jeffrey earned a Certificate of Achievement in Advanced Cybersecurity from Stanford University and completed Stanford’s Cybersecurity and Executive Strategy course. He holds a Bachelor of Science in Cybersecurity from the University of Maryland University College. Additionally, he earned 14 professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Privacy Technologist (CIPT), and global information assurance certifications (GIAC) in Strategic Planning, Policy, and Leadership and Law of Data Security and Investigations.
Let Us Know What You Thought about this Post.
Put your Comment Below.