Today’s CISOs are facing a perfect storm. Cyberattacks are increasing year over year, and new technologies, such as AI, are empowering attackers. Meanwhile, the amount of data CISOs are defending is growing.
The ever-changing threat landscape requires CISOs to continually change their approach to cybersecurity. Last year alone, 85% of UK IT and security leaders reported experiencing a major cyberattack, with 36% of those victims experiencing at least one ransomware attack.
With such significant threats to consider, CISOs must evolve and implement a cyber strategy that focuses on resilience and recovery, no matter where their data is stored.
Vulnerable cloud architectures
As data volumes and the number of devices requiring access to this data have skyrocketed, many businesses are increasingly relying on the cloud. To put this growth into perspective, in 2023, 13% of a typical organization’s data was stored in cloud architecture, compared to just 9% in 2022. In comparison, on-premises architecture decreased from 77% in 2022 to 70% in 2023.
This is a problem, as attackers are also paying attention to these trends, and as a result, hybrid environments have become a real focus for cyberattacks. Many of the attacks that organizations fell victim to last year targeted multiple touchpoints, such as cloud and SaaS.
Simply put, cloud computing carries inherent risks because it stores regulated data with fewer security capabilities and less visibility than on-premises assets. So while the benefits of cloud storage are undeniable, poor management of cloud architectures continues to create security blind spots:
1. 70% of all data in a typical cloud instance is object storage, which is a common blind spot for most security appliances as it is typically not machine-readable.
2. Unstructured data (such as text files) and semi-structured data represent another security blind spot because these types of data vary widely in machine readability.
3. More than 25% of object stores contain data covered by regulatory or legal requirements, such as protected health information (PHI) and personally identifiable information (PII).
CISOs must address these security blind spots in their cloud architecture if they want to manage the impact of cyberattacks. A robust cloud security strategy helps organizations maintain data integrity, continuously monitor risks and threats, and restore business as usual when infrastructure is attacked.
The most vulnerable sectors
While cyberattacks are common across most industries, some sectors are at greater risk than others, such as the healthcare industry, which remains a prime target for ransomware groups.
Healthcare organizations acquired 22% more data than the global average, and this number is expected to continue to rise. In fact, a typical healthcare organization saw its data estate grow by 27% last year alone, leaving CISOs with an uphill battle to discover and re-protect all of the data in question.
Worryingly, the healthcare sector not only holds more sensitive data than a typical organisation (something cybercriminals are keen to target), but each cyberattack against it is also more damaging. An estimated 20% of a typical healthcare organisation's total sensitive data is affected each time a ransomware attack occurs, compared to 6% for the average organisation. Losing one-fifth of its sensitive data in a single attack poses a significant threat to a healthcare organisation's operational resilience and business continuity, and risks the loss of highly personal patient records.
These numbers are striking, but any organization that frequently handles sensitive data is at risk of a ransomware attack. By understanding the blind spots they need to pay attention to in order to keep their data safe from predatory attacks, CISOs can be better prepared to face the future and build a better approach to cyber resilience within their organizations.
Budget and staff pressures
While CISOs are being asked to juggle more in every part of their role (including more data to protect), there is one element that has notably remained unchanged: the budget.
With more to be delivered using the same resources, these increasing pressures are having a negative impact on mental health: 96% of senior IT and security leaders reported changes to their emotional or psychological state as a direct result of a cyberattack, and 38% are concerned about job security.
Organizations must act to manage the human cost of security breaches to ensure staff are equipped to meet the increased demands required in the aftermath of an attack.
Late action on resilience
It's an uncomfortable reality that cyberattacks are becoming more and more inevitable. That's why cybersecurity professionals must adopt a cyber-resilience posture and prepare to recover from an attack, not just defend against it.
Until relatively recently, cyber resilience was a back-burner priority, but regulations are now being introduced to support this priority. The Digital Operational Resilience Act (DORA) is an EU measure that will come into force in early 2025. It will provide a uniform set of requirements for the security of networks and information systems of companies and organisations operating in the financial sector, as well as third parties providing ICT-related services to them.
Similarly, the new NIS2 Directive (an update to the Network and Information Systems Security Regulation) was introduced in 2023, which applies to companies working with critical EU and UK organisations. NIS2 strengthens cooperation to encourage a strong security protection culture.
By addressing current blind spots, CISOs can defend data integrity, mitigate the effects of attacks, and ensure business continuity in uncertain times.
Because the only storm you can prepare for is the one you see coming.
This article was produced as part of TechRadarPro's Expert Insights channel, where we showcase the best and brightest minds in the tech industry today. The views expressed here are those of the author, and not necessarily those of TechRadarPro or Future plc.