The Three Cybersecurity Blind Spots Affecting Today’s CISOs
Today’s CISOs are facing a perfect storm. Cyberattacks are increasing year over year, and new technologies like AI are empowering attackers. Meanwhile, the amount of data CISOs are defending is growing.
The ever-changing threat landscape requires CISOs to continually evolve their approach to cybersecurity. Last year alone, 85% of UK IT and security leaders reported experiencing a significant cyberattack, with 36% of those victims experiencing at least one ransomware attack.
Given the scale of the threats, CISOs must develop and implement a cyber strategy that puts resilience and recovery at its core, regardless of where their data is stored.
Vulnerable cloud architectures
As data volumes and the number of devices that need to access it have exploded, many businesses have become increasingly reliant on the cloud. To put this growth in perspective, in 2023, 13% of a typical organization’s data was stored in cloud architectures, compared to just 9% in 2022. By comparison, on-premises dropped from 77% in 2022 to 70% in 2023.
This is a problem, as attackers are also paying attention to these trends, and hybrid environments have become a real focus area for cyberattacks. Many of the cyberattacks that organizations suffered last year targeted multiple touchpoints, such as cloud and SaaS.
Simply put, cloud computing carries inherent risks because it stores regulated data with fewer security capabilities and less visibility than on-premises assets. So while the benefits of cloud storage cannot be disputed, mismanagement of cloud architectures continues to lead to security blind spots:
1. 70% of all data in a typical cloud environment is object storage. This is a common blind spot for most security devices because it is typically not machine readable.
2. Unstructured data (such as text files) and semi-structured data present another security blind spot because these data types vary greatly in machine readability.
3. More than 25% of object stores contain data subject to legal or regulatory requirements, such as protected health information (PHI) and personally identifiable information (PII).
CISOs must address these security blind spots in their cloud architecture if they want to manage the impact of cyberattacks. A robust approach to cloud security helps organizations maintain data integrity, continuously monitor risks and threats, and restore normal operations when infrastructure is compromised.
The most vulnerable sectors
While cyberattacks occur in most industries, some sectors are at greater risk than others. One example is healthcare, which remains a prime target for ransomware attacks.
Healthcare organizations have secured 22% more data than the global average, and this is only set to increase. The typical healthcare organization saw its data estate grow by 27% last year alone, leaving CISOs scrambling to discover and re-secure all the data in question.
Worryingly, not only does the healthcare sector hold more sensitive data than the average organization, data that is highly sought after by cybercriminals, but each cyberattack on it is also more damaging. It is estimated that 20% of the average healthcare organization’s total sensitive data is impacted each time a successful ransomware encryption event occurs, compared to 6% for the average organization. In other words, one-fifth of a healthcare organization’s sensitive data is impacted during a ransomware event, posing a significant threat to operational resilience and business continuity, and risking the loss of highly personal patient records.
These numbers are incredibly significant, but it’s true that any organization that regularly handles sensitive data is at risk of a ransomware attack. By understanding the blind spots they need to look out for to ensure their data is safe from plundering hands, CISOs can be better prepared for the future and ensure a better approach to cyber resilience within their organizations.
Budget and personnel pressure
While CISOs are increasingly having to juggle every aspect of their role – including protecting more data – there is one element that has surprisingly remained unchanged: budget.
As we are expected to deliver more with the same resources, it is clear that this increasing pressure is having a negative impact on mental health. Strikingly, 96% of senior IT and security leaders reported changes in their emotional and/or psychological state as a direct result of a cyberattack, with 38% worried about job security.
Organizations must take steps to manage the human costs of security breaches, ensuring their workforce is equipped to meet the increased demands placed on them following an attack.
Delayed action on resilience
It’s an uncomfortable reality that cyberattacks are becoming increasingly inevitable. But it’s a reality. That’s why cybersecurity professionals need to adopt a posture of cyber resilience and prepare to recover from an attack, not just defend against it.
Until recently, cyber resilience has been a neglected priority, but regulation is now arriving to reinforce it. The Digital Operational Resilience Act, or DORA, is an EU measure that will come into force in early 2025. It will provide a uniform set of requirements for the security of network and information systems of companies and organisations active in the financial sector, as well as the third parties that provide ICT-related services to them.
Similarly, in 2023 the new NIS2 directive was introduced as an update to the Security of Networks & Information Systems Regulations. It applies to companies working with critical EU and UK organisations. NIS2 enforces collaboration to encourage a culture of robust security protection.
By addressing current blind spots, CISOs can ensure data integrity, mitigate the effects of attacks, and ensure business continuity in uncertain times.
Because the only storm you can prepare for is the storm you see coming.
This article was produced as part of TechRadarPro’s Expert Insights channel, where we showcase the best and brightest minds in the technology sector today. The views expressed here are those of the author and do not necessarily represent those of TechRadarPro or Future plc.