A survey of 1,600 chief information security officers found that more than two-thirds of them (68%) expect a “physical cyberattack” on their organizations in the next 12 months.
The survey, which forms the basis of the annual “Voice of the CISO report” by Proofpoint, an enterprise security company, showed a clear shift among security chiefs in attitudes toward future threats to their organizations. Just 12 months ago, less than half of CISOs (48%) saw a cyber attack on their horizon.
This apparent change suggests that security professionals see the threat landscape as heating up once again, the report noted, and they have readjusted their concern levels to match.
“As we emerged from the pandemic, security leaders realized they were able to implement more long-term controls to protect their work environment, so there was a sense of peace,” said Lucia Milica Stacey, Global Resident CISO at Proofpoint.
“However, as the volume of attacks continues to rise, along with geopolitical tensions and global economic uncertainty, a lot of the optimism is gone,” he told TechNewsWorld.
reasons for pessimism
According to security experts, several factors may be contributing to CISOs’ concerns about rising cyber attacks.
“New vectors of attack continue to emerge – software supply chain compromise, third party and SaaS systems involving APIs, AI-related security risks – each requiring new defensive strategies and skills,” said Carl Mattson, CISO of Nonum Security , a provider in Palo Alto, Calif., of a cloud-native API security platform.
“Meanwhile, traditional threats like ransomware or web application attacks are never going away,” he told TechNewsWorld. “With security budgets and staffing levels remaining largely flat, the stage is set for greater risk exposure this coming year.”
The proliferation of endpoints in the enterprise also gives CISOs increased cause for alarm.
Darren Guccione, CEO of Keeper Security, a password management and online storage company, said, “IT leaders are finding it increasingly difficult to gain comprehensive visibility, security, compliance and control to protect every employee, on every device, from every location. ” in Chicago.
“The expanding attack surface specifically related to cyberattacks is on the rise and IT security teams are competing for talent as macroeconomic conditions tighten budgets,” he told TechNewsWorld.
Adoption of the model as a service by threat actors increases the likelihood of an organization being attacked over the next 12 months. “Phishing as a service and ransomware as a service enable a significant increase in the number and scale of cyber attacks,” explained Avishai Avivi, CISO of SafeBreach in Tel Aviv. , Israel.
“At that point, it becomes a statistical reality,” he told TechNewsWorld. “The more attacks, the more likely an attack is to succeed.”
insider threat to data
Proofpoint also reported that CISOs believe employee turnover poses a risk to data security. More than eight out of 10 security chiefs (82%) told researchers that employees leaving their organization contributed to a data loss incident.
“Resource constraints and large staff turnover are likely underlying reasons for the high percentage of CISOs concerned about the loss of sensitive data due to employee turnover,” Stacey said.
The report said the two sectors most affected by turnover were retail (90 per cent) and IT, technology and telecommunications (88 per cent).
These trends leave security teams with a nearly impossible challenge, it continued. When people are gone, it’s hard to stop them from taking data.
Some organizations require written guarantees from former employees that they will delete all company data. Others threaten potential employers with potential liability if an employee shares any data from their old job. But none are even close to being a satisfactory solution.
“Many employees, upon their departure, try to take some aspect of their job with them,” said Daniel Kennedy, research director of information security and networking at 451 Research, which is part of S&P Global Market Intelligence, a global market research company. Is.
“For vendors, this could be contact or customer account information. For other employees, it could be a form of intellectual property, models they worked on or code, for example,” he told TechNewsWorld.
“When I was a CISO,” he recalled, “I was definitely concerned with the hits on our various data loss platforms and departing employees. I could usually predict when someone was going to resign based on their behavior. going to give
The growing concern of CISOs about insiders contributing to data loss represents a departure from previous thinking on the subject.
“The recent shift from ‘it is wrong to distrust employees’ or ‘we hire the best people’ to ‘we have to expose ourselves to all kinds of threats’,” said Saurya Biswas, technical director of risk management and governance. There is a change in the thinking of ‘to be protected from’.” At NCC Group, a global cyber security consultant.
“Recent US defense leaks by insiders Jack Teixeira, Chelsea Manning and Edward Snowden may have helped shape this narrative,” he told TechNewsWorld. “It’s not the prevalence of malicious insider trading that has changed, but the awareness around it.”
The level of employee mistrust displayed in the survey probably says something more about a company’s overall culture, maintained Daniel Schwalbe, CISO of DomainTools, an Internet intelligence company in Seattle.
“But it can also be attributed to the rise in remote working, which makes some CISOs feel like they are losing visibility into where their data ends up,” he told TechNewsWorld. “The current realities of a remote workforce have thrown pre-pandemic corporate networks out the window.”
Call for Cyber Resilience
Proofpoint’s report also found that most organizations are likely to pay the ransom when affected by ransomware. Three out of five CISOs (62%) surveyed believed their organization would pay to restore systems and prevent data release if attacked by ransomware in the next 12 months.
CISOs’ organizations were increasingly relying on insurance to shift the cost of their cyber risks, the report said, with 61% saying they would claim cyber insurance to recover losses incurred in various types of attacks .
“Over the past five years, there has been a general incentive for cyber insurers to pay the ransom and have the cost covered by their premiums,” said Chris Cooper, CISO and a member at Six Degrees, a cyber security consultancy in London. ISACA Emerging Trends Working Group.
“Fortunately, this is changing, as paying the ransom only instigates incidents,” he told TechNewsWorld.
“There is also growing evidence that some groups are coming back for a second bite at the cherry,” he added.
Ryan Kalumber, executive vice president of cyber security strategy at Proofpoint, urged security chiefs to remain steadfast in protecting their people and data despite the challenges they face.
“If the recent devastating attacks are any indication, CISOs have an even more difficult road ahead, especially given uncertain security budgets and new job pressures,” he said in a news release. “Now that they have returned to a higher level of concern, CISOs must ensure they focus on the right priorities to lead their organizations toward cyber resilience.”