4 of the biggest cybersecurity risks we face today, according to experts


Cybersecurity is one of the biggest concerns of the moment, but what are the biggest risks we currently face in the UK?

In order to answer this question, we spoke to our network of security leaders in private and government roles and analyzed some of the largest Chief Information Security Officer (CISO) surveys in the market, such as Proofpoint (a leading cybersecurity provider with a people-centric approach), Forgepoint Capital (investors in cybersecurity companies) and Dark Reading (media organization specializing in cybersecurity).

Here’s our take on the four biggest cybersecurity threats that CISOs will continue to face in 2022.

1. The insider threat

Intentional or unintentional, these are the risks posed by each of us at work, whether by opening a malicious file in our work email from a sender we think is legitimate, or by engaging with someone who uses social engineering to steal our business access credentials while working from home. Specific awareness training can help us better understand good cyber hygiene and identify attacks against us before they succeed.

At the other end of the spectrum is the intentional or malicious insider threat. In 2017, an employee of healthcare giant Bupa stole the data of thousands of customers and offered it for sale on the dark web. Protecting our business and customer data from these threats means having the right access controls in place, ensuring we always check and double-check our users and, to maximize protection, implementing artificial intelligence solutions that flag risky behaviors before they become a problem.

2. Compromised cloud account

With digital transformation a priority for businesses around the world, IT architectures are shifting towards cloud-based and hybrid cloud solutions, leveraging the scalability offered by companies such as Amazon Web Services, Microsoft Azure and Google Suite. The problem is that because data and operations are accessible directly from the cloud, access to a cloud account can open the door to a company’s entire infrastructure, wherever you are in the world.

When using cloud infrastructure, although you can outsource your computing power to one of the big vendors, it is still tied to hardware in a data center. We rely heavily on these cloud providers to protect us from other users of the same infrastructure. Our cohabitants might actually be malicious, hijacking and harvesting information inside the wall.

We need to know what our most sensitive information is and what the right protections for it are, and we should not outsource responsibility for cloud security entirely to the big brands.

3. Supply chain attack

As our protections improve, threat actors are looking for more complex and convoluted ways to gain access to our systems and data, and are turning to software vendors, outsourcing providers and partners. Why should they attack 100 organizations individually when they can destroy them all by attacking a single software product those organizations use?

We need strong working relationships with our suppliers and a mutual understanding of the protections in place. When building software, CISOs seek to better control this by ensuring that security is considered throughout the development lifecycle (this is called “DevSecOps”). With the widespread use of open source tools, malicious actors seek to plant vulnerabilities in online libraries used by software developers, in order to take advantage of them later.

4. Incident Response Capabilities

Cybersecurity teams are under a lot of pressure and do not have enough talent to fill the roles that our companies’ Security Operations Centers (SOCs) need to operate effectively. The only way these small teams can continue to protect us from phishing, malware, distributed denial of service attacks and more is to turn to automated tools. At the same time, CISOs are seeking to reduce their burden by consolidating and simplifying the myriad of tools at their disposal, or even by outsourcing all or part of their SOC function.

All of these factors add to the pressure CISOs feel, not only to mitigate risk effectively but also to respond quickly and effectively to any incident that arises.
