President Joe Biden recently issued an urgent warning to American business leaders, telling them to strengthen their companies’ cyber defenses immediately.
Speaking at the Business Roundtable Quarterly Meeting in Washington, Biden said Russian President Vladimir Putin is likely to use cyber attacks as a form of retaliation against the US for its actions to counter Russia's incursion on Ukraine.
Separately, Biden said that the administration would "continue to use every tool to deter, disrupt, and if necessary, respond to cyber attacks against critical infrastructure," but acknowledged that "the federal government can't defend against this threat alone."
The administration recommends several steps to help private-sector companies prevent against cyber attacks, including:
- Using multi-factor authentication
- Consulting with cybersecurity professionals to make sure systems are protected against all known vulnerabilities
- Changing passwords across networks to prevent stolen credentials from being used
- Backing up and encrypting data
- Educating employees on cybersecurity
Cyber Incidents During Pandemic
The President’s warning comes at a time when cyberattacks are on the rise.
Peter Firstbrook, Research Vice President at Gartner who provides analysis on infrastructure security, said recently: “Organizations worldwide are facing sophisticated ransomware, attacks on the digital supply chain and deeply embedded vulnerabilities. The pandemic accelerated hybrid work and the shift to the cloud, challenging CISOs to secure an increasingly distributed enterprise – all while dealing with a shortage of skilled security staff.”
In fact, cybercrimes increased over 600% last year, while the average cost of a single data breach was a record-breaking $4.24 million, reports a recent weekly newsletter published by LinkedIn, Hiring in Cybersecurity. “As we enter 2022, the global cybersecurity market landscape will get even more hostile and unstable. Businesses will struggle to keep up with the continuously shifting cybersecurity and digital transformation requirements.”
The global cybersecurity job market is an exponentially growing market with a huge demand for cybersecurity professionals, the LinkedIn newsletter reports. As companies work to modernize, they are also hiring a greater number of cybersecurity experts to design, engineer, and maintain their cybersecurity solutions and digital infrastructures. However, the rising demand for cybersecurity professionals far outstrips supply: The number of cybersecurity job postings has grown by 94% in just six years, and cybersecurity jobs now account for 13% of all IT jobs.
Action Plan to Rising Threats
Genesis10’s blog, Practical Insights for Cybersecurity, lays out innovative approaches for meeting the challenges of finding cybersecurity talent and the projected shortage of these critical skills including 1) building the skillsets from the ground up or 2) leveraging demographic trends between markets to find cybersecurity resources.
Our strategic partnership with HolistiCyber, an internationally recognized cybersecurity organization with unique strengths, provides our clients the ability to leverage the most experienced and knowledgeable cyber experts. HolistiCyber leverages a multidisciplinary and holistic approach, proprietary and advanced tools, and its unique capabilities to access the Darknet as they continuously adapt and monitor an ever-changing threat environment.
HolistiCyber’s blog offers up the top 5 security strategies CISOs are using to keep their individual networks secure in Q2:
Gathering cyber intelligence about any past, planned, or ongoing attack against your organization or potential partners’ organizations.
Monitoring all information flow to prevent data loss and fraud.Zero trust, segmentation and identity management – segmentation, together with privilege management, are keys to building resilient security programs and company architecture in a cloud-native or hybrid environment, as it creates additional road blocks for attackers to move and escalate laterally once they have breached an organization’s user credentials, endpoint etc.
Automation and risk management tools – certain tools and technology platforms are beneficial in enhancing the security posture from automated identity management, cloud/VPN/network access control, risk monitoring and risk mitigation tools all the way to security operations centers (SOCs), firewalls, anti-virus and much more.
Cyber forensics and investigation – while most organizations are not equipped and lack the knowledge base to run digital forensics on their own or to deconstruct a cyberattack to prevent a recurrence of a similar incident, ideally, there will be a basic breach-mitigation documentation procedure established so that companies can claim insurance properly and prevent fines for non-compliance.
At Genesis10, we are here to help. Let us help put your organization in a proactive position of strength in facing these threats, rather than having to wait for the inevitable hack and loss of revenue and goodwill for your organization.