SAN JOSE, CALIFORNIA – Security concerns are evolving, and so should responses. This was stressed by IT experts here at NetEvents, a gathering of technology sector experts and opinion shapers, where it was similarly acknowledged that responses to security issues “should not neglect the human factor.”
As background, in 2021 alone, ransomware is said to have affected 66% of organizations, higher by 78% over those detected 2020, according to Sophos’s “The State of Ransomware 2022” report. And since 2020, there have been more than 130 different ransomware strains detected, according to VirusTotal’s “Ransomware in a Global Context” report, dominated by the GandCrab ransomware family (78.5% of all samples received), and with 95% of all the ransomware samples Windows-based executable files or dynamic link libraries.
Not surpsigingly, companuies have been spending on this. As of 2022, IBM – via its “Cost of a Data Breach 2022” report – estimated that an average ransom payment totaled $812,360, though the total cost of a ransomware attack may actually be as high as $4.5 million on average.
For Ken Levine, CEO of endpoint security company Xcitium, “How do we straddle the line between great security and not impacting productivity? That’s the challenge there.”
This is why for him, “We focus on the notion that the malware is already there. What we focus on is how it doesn’t happen again.”
This is particularly true since the “number of attacks and complexity has been increasing. No surprise,” he said, adding that “the threat landscape is scary.”
This is why for him, “Assume that everything unknown that comes into a network is bad. One fo the things we rely on is detection; but we can’t detect everything, and we can’t detect fast enough. So assume everything that you haven’t seen before as bad. Add that extra layer of detection to neutralize and prevent the damage.”
“As they say: The bad guys have to be right once; we have to be right all the time,” Levine said.
For Dr. Srinivas Bhattiprolu, global head of advanced consulting services, Nokia Cloud and Network Services, there are three threats that businesses should consider, i.e. 1. expansion of threat, with everything possible to be attacked; 2. third party exposure since “as you open up your whole ecosystem, you’re at risk”; and 3. lack of cyber hygiene since “we don’t change our passwords.”
For Bhattiprolu, automation coulkd come in handy. “Automate. Invest in security, but look at areas where you can automate the best,” he said. “The number of threats is growing, the complexity is also growing. It’s important to prevent these proactively with the right tools.”
But Bhattiprolu admitted that there’s no one-size-fits-all solution. And so for him, while “we tend to focus on technology, on automation… it’s also important to talk about the people dimension.”
In the end, said Matt Lourens from the Office of the CTO of Checkpoint, the “biggest concern is, we don’t have significant enough prevention methods in place. How do you mitigate, how do you prevent, those are really the questions (that need to be answered).”
He similarly noted that when talking about security – and even technology – vendors, “There’s a lot of marketing hype.” But before caving in, he recommended that the “first thing that’s important to do is you need to convince your organization to put security first. Go to a vendor. Look for a security team; get a start to see what your security risks are. That’s an important first step.”