Chief security officers, chief information officers, and chief information security officers have had it quite tough. Apart from having all the typical responsibilities to handle, especially daily operations taking care of an organization’s physical assets, crisis management, and of course, the threat of DDoS attacks and other cyberattacks that have rattled the world today.
The case of ransomware – when did it begin cybersecurity?
Let us consider the case of ransomware. It made its first appearance back in 1989 when the AIDS Trojan was made by a biologist named Joseph L. Popp, who distributed around 20,000 infected floppy disks to those who attended an AIDS conference conducted and hosted by the World Health Organization itself back then.
Recipients of those disks rebooted their devices more than 90 times. The consequence of such resulted in the virus encrypting the C: drive. Afterward, a ransom of $189 was demanded to be sent to the PC Cyborg Corporation through a P.O box based in Panama.
With that being said, the simple encryption method used in it indicates that it was quite easy to recover the content without paying the ransom.
What is ransomware like today?
Today, ransomware has evolved to become one of the biggest network security threats to be dealt with by both individuals and organizations alike. It has now become more complex than it was. How? Because it is now distributed at a higher speed through the internet and private networks by means of using military-grade decryption.
However, things have gone from bad to worse. The threat actors nowadays demand ransom amounting to millions of dollars. This indicates that ransomware will cost businesses around USD$ 20 billion this year and can cost them up to USD$ 265 billion by 2031.
The biggest ransomware payout made so far this year was by CNA Financial, an insurance company. The company is surprisingly known for selling cyber insurance and paid out USD$ 40 million for a single ransomware attack in March this year.
But ransomware isn’t the only cyber threat the world needs to deal with today. Distributed Denial of Service (DDoS) attacks along with Man in the Middle (MitM) attacks as well as insider threats, malware, ransomware, social engineering, spyware, advanced persistent threats (APTs), and other threats now constitute as part of common threats to network security.
Planning for cyber security
What should a Chief Security Officer (CSO) do in light of all the aforementioned information? Experts working at a well-known DDoS protection service based in North York have decided to share key strategies for CSOs, CIOs, CTOs, and CISOs to keep their jobs safe as well as keep both organizations and customers safe from cyber attacks. They are as under:
Creation of a cybersecurity first culture at work
The problem CSOs face is that while most employees at their organizations have some elementary knowledge of best practices in cyber security, that is the only knowledge of cybersecurity they have, unfortunately. Without putting these employees under proper training, knowledge testing programs, and awareness, the biggest security firms face in this regard is the behavior of employees.
Accenture, a well-known name in the world of technology, revealed in a study that less than half of new employees receive training in cyber security. Moreover, they also receive less regular updates throughout their career.
To put in quantifiable terms, four out of ten respondents revealed insider threat programs were of higher priority and despite the fact that approximately three-fourths of respondents agreed that cyber security staff and activities need to be dispersed all over an organization, cyber security still exists as a centralized function in 74% of organizations surveyed.
The creation of a strong and distributed digital security system with a complete change of employee behavior is needed. Moreover, leaders in business should have accountability for the security of organizations, especially cybersecurity.
Security teams need to collaborate with business leaders to make and implement security policies that will really work. Also, those policies should be re-evaluated and re-test periodically to make sure best practices in cyber security are being employed.
Creation of a continuous security education program to keep employees up to date
A culture of security first requires all people being part of such a culture to understand the concept of network security threats and appreciate the efforts being made to counter them. However, such appreciation must be impactful, and hence employees must be trained regularly to ensure their knowledge is always up-to-date.
