Increased Recognition of Cybersecurity Spurs Investment, but May Ignore Internal Risk

Featured article by Grayson Kemper is a Content Developer at Clutch

First, there was WannaCry. Then NotPetya. Now, it’s Equifax.

Parliamentary staff members, the Democratic National Convention, and Hillary Clinton’s campaign were all hacked in the past year.

The recent global cybersecurity history is pockmarked with incidents that have grabbed global headlines, produced outrage, and caused political strife.

What’s more, the cyberattacks listed above are distinct in their size, source, and categorization. WannaCry and NotPetya were large-scale ransomware attacks. Equifax suffered a breach from hackers exploiting an outdated patch in their web application framework. And, Parliament, the DNC, and the Clinton campaign were all penetrated through email phishing scams.

These incidents ultimately illustrate shifting attitudes on cybersecurity. Cyberattacks are no longer incidents, but events, and the coverage and attention they receive demonstrate both the constant presence and growing public awareness of cybersecurity issues.

Omnipresence of Cyber Threats

The FBI reports that since the beginning of 2016, approximately 4,000 cyberattacks occur daily.

“Attacks are eye-opening for companies of all sizes, but in particular for larger companies,” said Tom DeSot, CIO of cybersecurity firm Digital Defense, in a recent Clutch cybersecurity survey.

WannaCry, for example, caused approximately $8B worth of damage worldwide, while Equifax exposed personal information of over 100 million people. If those numbers don’t open companies’ eyes, it’s hard to imagine what will.

Investing in Cybersecurity Technology Protects From External Threats

Cybersecurity events initiate a reactionary chain of events that drive companies to recognize cyber concerns: the higher the stakes of a cybersecurity event, the more attention they receive, which leads to more pressure on companies, particularly large companies and enterprises, to shore up their cyber defenses

Clutch’s survey indicates that 70% of large US companies plan to invest more in cybersecurity over the next year. Companies also say that protection from external threats is the primary benefit of a cybersecurity policy. Thus, investing in cybersecurity represents means to increase protection from malicious external attacks.

“Companies that invest more in cybersecurity can afford to hire in-house resources or a cybersecurity company to combat cyber threats,” the survey reads.

In fact, one-third of the respondents said investing more in technology will improve cybersecurity policy the most of any particular measure or policy revision.

Internal Vulnerabilities: Human Error

However, increasing technology investment may not be the most effective method to ensure cybersecurity. As opposed to technology investments meant to keep pace with the evolving cybersecurity landscape, examining simple, internal gateways may best defend contemporary cyberattacks.

According to Symantec’s 2017 State of Internet Security (link),

While cyber attacks managed to cause unprecedented levels of disruption, attackers frequently used very simple tools and tactics to make a big impact. Zero-day vulnerabilities and sophisticated malware now tend to be used sparingly and attackers are increasingly attempting to hide in plain sight. They rely on straightforward approaches, such as spear-phishing emails and “living off the land” by using whatever tools are on hand, such as legitimate network administration software and operating system features.

Companies surveyed by Clutch indicate suffering similar patterns of cyberattacks: over half of companies experienced a phishing attack over the past year.

Email phishing attacks, though, are a product of internal error as much as they are external malicious intent. CompTia’s 2016 “International Trends in CyberSecurity” report indicates that human error outstrips technology risks as the major cybersecurity pain point for companies across the globe, a problem that is increasing over time.

Modern work practices contribute to the degree of human risk businesses are subjected to. An increase in remote working and “bring your own device” (BYOD) policies expose company networks. 89% of companies allow companies to work remotely, and 10% allow them to do so without any restrictions. The lack of oversight of unrestricted remote work, even for a group as small as 10%, opens a massive vulnerability for infiltration and attacks.

Solution for Internal and External Threats: Communication and Training

To curb internal risk, companies focus on clear communication and proper training of their cybersecurity policies. At least three-fourths of firms implement communication, monitoring, and training regulations or guidelines as part of their cybersecurity policies.

Formal and effective communicating and training processes better inform and teach employees the cyber risk landscape their companies face and how to respond to them. Better informed employees reduce internal exposure and prepare companies to respond effectively to external attacks.

Bio: Grayson Kemper is a Content Developer at Clutch, a B2B research and reviews firm based in the heart of Washington, DC. He specializes in IT and SEO research.