If you read the headlines across the news and social media, you probably think the world is falling apart !
We’re hearing a word we haven’t heard in a while – layoffs. Microsoft recently announced 200 job cuts, and Hootsuite laid off 30 percent of its staff. Here in Canada, Clearco cut a quarter of its staff amid “significant headwinds.”
And yet, the U.S. jobless claims just hit the lowest level in over 50 years. In theory, we are in full employment – unemployment can’t get any lower !
Then there’s the stock market – stocks are down. One headline reads, “The S&P 500 tumbles nearly four percent to new low for the year, closes in bear market territory.” Another article reports that the tech-heavy Nasdaq, which fell 1.3 percent, has tumbled nearly 30 percent this year.
At the same time… stocks are way up ! The S&P 500 hit its highest level in three months after key report shows slowdown in inflation. U.S. stocks rise sharply after Fed announces a second consecutive hike in interest rates.
Interest rates go up, and stocks go up. That doesn’t make any sense !
Interest rates go up, and there are layoffs… yet, we are in full unemployment.
Nothing makes sense right now. And for business leaders trying to chart the path forward, this constant state of uncertainty is a hard place to be.
Despite the chaos of today’s headlines, business leaders can count on one thing: Cybercrime is on the rise, and it’s getting more sophisticated.
In 2021, ransomware incidents increased nearly 13 percent, a rise as big as the last five years combined. And these attacks are getting more costly for enterprise leaders. Our latest ransomware report revealed an eight percent year-over-year increase in victims paying ransoms of US$1 million or more in the first two fiscal quarters of 2022 alone.
The reality is that the ransomware we see today is multifaceted, much more targeted, and coming from many directions. We can no longer continue “just getting by”. This means learning to embrace the chaos rather than pushing against it.
We know that we are going to continue to see the climb in cybercrime, so now is the time – while the whole world is sitting up and listening – to build your enterprise cybersecurity into an effective, resilient program that not only secures your company, but drives business forward.
Threat actors are constantly working to outsmart cybersecurity programs – it’s up to you and your team to stay one step ahead of them.
The best way to do this is to constantly test, iterate, and improve your cybersecurity program using a mix of manual and automated tools. Red team operations and penetration testing are great for this as they use real-world adversary techniques to test your security posture.
In addition, simulation tools can be used to validate the work your security team does on an ongoing basis. For example, Breach Attack Simulations can help you validate controls managed by security engineers, ensure current detection mechanisms are catching inappropriate behaviors, and even reduce the spend on other efforts like Red Teaming or Pen Testing.
Ask yourself: Are you able to identify all endpoints, risks, and vulnerabilities – and know which to prioritize?
Your answer may be “no” – and that’s understandable. The complexity of today’s digitally transformed enterprise environments – a massive sprawl of endpoints, identities, internal and external access – has made it increasingly difficult to manage.
This is where the pillars of identity come into play:
If you don’t have tools and partners for each of these core areas, then now is the time to invest in them.
The worst time to decide what to do about an incident is after it occurs. Time is truly of the essence when it comes to a cyber breach. The longer a threat actor has access to your system, the more time they have to cause damage, and the more the cost of the incident increases.
Most enterprise leaders have an incident response and post-mortem plan, but that doesn’t necessarily mean that it’s reflective of the current threat landscape. Revisit your plans regularly and pull in the right partner to help you stay one, two, even three steps ahead of the threats.
To Your Success,
I’ve been in infosec for over 30 years and have had the great privilege of evolving and learning as a cybersecurity executive in a space I love. This blog has been set up to help me share the insights I’ve gained and experiences I’ve had with all of you. Every month I will post some advice and recommendations for my fellow Cyber CEOs – from current events to forecasted trends, and enterprise security best practices.
Let’s collaborate and communicate as we strive to keep our organizations (cyber) safe.
Enterprise security teams are adapting to meet evolving business needs. With six global Security Operations Centers, emerging technology partners and a dedicated team of security specialists, Cyderes is well-positioned to be your organization’s trusted advisor in cybersecurity. We’ll help you understand your risk exposure, increase your visibility and ROI, and proactively hunt for the latest threats.