April 2021 Roundup – Latest News, Trends & Updates in Data Centric Security
Security Spending Doubles but Two-Fifths of Firms Suffer Breaches
Cybersecurity spending across the US and Europe has surged over the past year, but so too have security breaches, from 38% to 43% of businesses surveyed by Hiscox.
It revealed that the average firm now spends more than a fifth (21%) of its IT budget on cybersecurity, an increase of 63% in a year, with mean spending per firm more than doubling in two years — from $1.45 million to $3.25 million.
However, this money isn’t necessarily improving outcomes, given that successful attacks are on the rise. Over a quarter (28%) of those targeted suffered five or more such attacks, with almost a fifth (17%) claiming the financial impact materially threatened the company’s future.
Ransomware had a major impact on organizations last year: 16% suffered attacks and over half (58%) paid up, rising to 71% in the US, according to the report.
Businesses are not fully secure as they have not been focusing on their security strategy as a core focus. They have been taking security steps only when there is a security breach. Multiple factors combining and the recent pandemic rise have given the opportunities for hackers to exploit the vulnerabilities.
There has been an increased interest in the dark web for data and hackers are paid a huge amount to hack databases of businesses. While most businesses have been taking a perimeter security approach, it is not a viable solution now. Data that is exchanged between various parties and downloaded on their systems are more open to attacks.
Businesses must ensure that they protect their data especially their intellectual property with a strong security solution that would protect the data and not allow unauthorized access even if it is downloaded on a partner or vendor system. Protecting the data with a strong data-centric solution based on the Zero Trust principle may be the only solution that can prevent such breaches.
Cybersecurity Services Market to be Worth $192.7bn
The global cybersecurity services market will be worth $192.7bn in seven years’ time, according to a new report by Grand View Research, Inc.
Researchers believe that the market size, valued at $91.15bn in 2020, will expand at a compound annual growth rate (CAGR) of 10.2% from 2021 to 2028.
This clearly shows that the frequency and intensity of cyber scams and crimes have increased over the last decade, resulting in huge financial losses for many businesses.
As incidents of cybercrimes increased significantly, businesses worldwide have diverted their spending on advanced information security and data security technologies to strengthen their security infrastructure.
The number of insider threats as well as the need to meet the compliance requirements have also forced businesses to invest in security solutions and real-time alerts of cyberattacks.
Large enterprises with more revenue share have increased their spending on security solutions and services to be prepared against any cyberattacks.
Ransomware Recovery Costs Near $2M
The cost of recovering from a ransomware attack has more than doubled in one year, Sophos researchers report.
The average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021. The average ransom paid is $170,404.
The figures come from Sophos’ new survey, “The State of Ransomware 2021”. The report also reveals that only 8% of organizations managed to get back all of their data after paying a ransom, and 29% received no more than half of their data.
Cybercriminals use ransomware to block organizations from accessing their critical business data to extort ransoms. Organizations should use a data protection solution that blocks unauthorized access and provides data encryption effectively.
Access control defines which users have authorized access to which files and data and it explains what specific operations can be performed by the user on the specific data. Fine-grained access control policies can help prevent unauthorized access.
Data encryption protects data wherever it resides. Once data is encrypted it becomes useless for the cybercriminal and since it is already encrypted it becomes difficult for the ransomware to detect it and attack. Organizations should therefore have strong detection mechanisms to quickly identify breaches and have a restoration process in place.
Attackers Actively Seeking, Exploiting Vulnerable SAP Applications
Analysis of threat activity in mission-critical environments prompts CISA advisory urging SAP customers to apply necessary security patches and updates.
Threat actors are actively exploiting unpatched vulnerabilities in SAP applications, including in mission-critical environments such as enterprise resource planning (ERP), supply chain management (SCM), product life cycle management (PLM), and customer relationship management (CRM).
In some instances, attackers are developing exploits for newly vulnerable cloud-hosted SAP applications less than 72 hours after the company has released patches for them, according to a new report from Onapsis and SAP.
Threat actors leverage faults in unsecured SAP applications exposed to the internet to commit financial fraud, deploy ransomware or disrupt businesses.
SAP applications that bypass common security and compliance controls are usually more prone to attacks. Hackers steal sensitive information, stop operations or disrupt critical business processes.
They usually target Supply Chain Management, Customer Relationship Management, Enterprise Resource Planning, Human Capital Management, and Product Lifecycle Management solutions.
One of the main reasons for such attacks is the governance gap in terms of cybersecurity and compliance of their mission-critical applications that allows external and internal threat actors to access, exfiltrate and gain full control.
SECUDE is an established global data security provider offering innovative data protection for SAP users. It’s products leverage Microsoft Information Protection (MIP) to protect data and other intellectual property downloaded from SAP.
It’s innovative Zero Trust approach allows enterprises to maintain a high level of control and security over data extracted from within SAP and outside the organization.
Healthcare organizations implementing zero trust to tackle cyberattacks
It is widely known that the healthcare industry is a primary target for cyberattack, with increasingly sophisticated and highly motivated adversaries seeking to exploit both human and technological vulnerabilities more frequently than ever before.
To better defend their networks, systems, and devices from an ongoing barrage of attack techniques, healthcare organizations are increasingly turning to zero trust architecture, which does away with the traditional security perimeter, assuming that every user and every device on the network could potentially be malicious.
In a Zero Trust approach, every device is treated as a threat vector and anything that cannot be verified is denied access. Given the interconnected nature of the future, it is clear that the current perimeter-based security model that most healthcare organizations use will no longer be effective.
Zero Trust security isn’t accomplished by deploying a single tool or platform, rather, the approach usually involves technologies from all these categories – device security, network security, workload security, identify and access management, visibility tools, and orchestration platforms.
The Zero Trust model in healthcare is much safer because the perimeter is no longer there – it is constantly moving, and constantly being accessed by a range of people of devices, with varying degrees of protection. When done right, Zero Trust can protect the integrity and availability of patient data and care.