
Surviving Cybercrime in 2021: Guidelines for Effective Cybersecurity Investments

by Sanjeev Kapoor 16 Mar 2021

For over a decade, many enterprises in different sectors have been investing heavily in their digital transformation. During the past months, the COVID-19 pandemic outbreak has accelerated this transformation, as most companies had to reduce their physical activities to the bare minimum, often replacing them with digital processes. This increased digitalization is a source of unprecedented opportunities for innovative activities that boost enterprise competitiveness, increase corporate agility, and enable companies to achieve more at a lower cost. Nevertheless, this rapid digitalization comes with new challenges: digital infrastructures and services are in several cases susceptible to cybersecurity attacks. Such attacks can cause significant disruptions to corporate operations and lead to financial losses. This is evident in recent security incidents like the WannaCry ransomware attack in 2017 and the Mirai botnet in 2016. These incidents caused considerable downtime for important internet sites and led to notorious financial damage. In this context, enterprises must develop an in-depth understanding of modern cybersecurity challenges and plan to confront them effectively.


Cybercrime Challenges on the Rise

Despite rising enterprise investments in cybersecurity systems and services, cybercrime incidents are on the rise. This is largely due to the proliferation of possible ways of conducting cybercrime. It is also because there is no easy way to eliminate cybergangs. Specifically, most enterprises are nowadays confronted with the following challenges:

  • Developing cybersecurity strategies in the era of technology acceleration: The rapid technology acceleration broadens the spectrum of threats and vulnerabilities. As a prominent example, the advent of the Internet of Things (IoT) paradigm opens a new wave of cybercrime opportunities based on vulnerabilities of IoT devices. Likewise, cybercriminals can nowadays exploit the proliferating deployment of Artificial Intelligence (AI) systems to launch AI-specific cyberattacks. The latter include, for example, poisoning attacks during the training of Machine Learning systems and evasion attacks during their operation.
  • No easy way to dismantle cybergangs and eliminate the consequences of their work: In many cases complex cyber attacks are launched by organized, distributed cybergangs rather than by individual hackers. This makes it much more difficult to catch cybercriminals and dismantle their teams. Even when this happens, their practices are inherited by other teams, which continue their criminal acts.
  • Rising complexity of cybersecurity attacks: In recent years, cybersecurity attacks tend to be more complex, less predictable, asymmetric, and of large scale. As such they require more sophisticated cyber-defense strategies than in the past, including more experienced and highly skilled cybersecurity officers that are not widely available.
  • New Cybercrime opportunities: In several cases, cybercriminals take advantage of infrastructures like the Dark Web and the Blockchain Networks to conduct illegal activities. The growing popularity of these infrastructures provides new cybercrime opportunities. This is an additional headache for enterprises and their security officers.
  • Interplay of cyber and physical security attacks: The boundaries between cyber and physical security are gradually blurring. This is evident in the scope of Critical Infrastructures (e.g., energy, gas, and transport infrastructures), which comprise interdependent cyber and physical assets. Modern cybercriminals exploit vulnerabilities in physical security to launch cybersecurity attacks and vice versa. For example, it is common for cybercriminals to compromise physical access control measures as a means of gaining access to corporate networks and launching cybersecurity attacks.

The COVID-19 pandemic has intensified these challenges: physical activities were reduced, and an increased number of digital services were launched. Moreover, the pandemic manifested the importance of digital infrastructures to the trustworthiness of business operations. In this context, enterprises can no longer afford to treat cybersecurity as a defensive investment without a clear Return on Investment (ROI). Rather, they must prioritize cybersecurity investments as a vital element of smooth business operations. Nevertheless, as security budgets are always limited, there is a need to make educated and effective decisions about security investments.



Best Practices for Effective Investments

Considering the IT and business landscape in 2021, businesses should consider the following factors when planning their cybersecurity investments:

  • Increased collaboration across security stakeholders: As organizations are becoming digitally connected, they are offered increased opportunities for sharing knowledge and information. Therefore, they can nowadays exchange security insights that enable them to confront security attacks. In several cases, it is a good idea for organizations to invest in collaborative security measures, such as collaborative risk assessment and mitigation.
  • Integrated cyber and physical security systems: Modern organizations must treat security in an integrated way, i.e., they must seek ways of unifying cyber and physical security. In this way, they can prevent cybersecurity attacks that exploit physical security vulnerabilities, and vice versa. Investments in integrated security are not only a matter of technology procurement. They also entail significant organizational changes towards unifying cybersecurity and physical security processes.
  • Leveraging innovative technologies: Cutting-edge digital technologies are increasingly empowering novel approaches to cyber-resilience. For instance, machine learning and artificial intelligence techniques are employed to derive predictive insights on potential security incidents, towards boosting the early preparedness of organizations. Recently, blockchain technologies are also used as a means of avoiding information tampering and alleviating single points of failure.
  • Enhanced Security Knowledge: Organizations must take advantage of the most up-to-date knowledge about cybersecurity attacks. In this direction, they must invest in acquiring the latest and most complete knowledge bases. It is important to ensure that internal knowledge about security vulnerabilities and threats evolves in line with the state of the art in cybersecurity attacks.
  • Security Education: Cybersecurity is not simply the job of the enterprise's security officers. It is rather a joint responsibility of all employees, as the latter can become points of security vulnerability based on their actions. To establish and execute a proper security policy in the enterprise, companies must invest in security education and training as well. Training investments must not only target the development of internal cybersecurity talent. They should also aim at raising the security awareness of the rest of the employees.
  • Prioritization of Budget Allocation: Security investments must prioritize the protection of endpoints that have the highest probability of being attacked. Moreover, attacks with the highest potential impact on the organization must be alleviated as a matter of priority. Overall, in the light of budget limitations, organizations must undertake a risk assessment exercise prior to taking budget allocation decisions. This risk assessment exercise must grade risks in terms of their likelihood of materializing and their impact on the organization.


In an era where cybercrime incidents are on the rise, enterprises have no other option than to strengthen their cybersecurity defence. In this direction, cybersecurity investments must be viewed as a vital element of an organization’s resilience and business continuity planning. The final cybersecurity decisions should be taken with the engagement of security experts and the business management of the enterprise, ideally involving senior managers and C-level executives as well. In 2021 enterprises must not only see the digital opportunities. They must also confront emerging security threats. The above-listed guidelines aim at contributing to this direction.


2020 IT Exchange, Inc