There has been no shortage of learning opportunities for leadership and IT teams during the COVID-19 crisis, but one (hopefully) lasting lesson learned by both groups is that data management and protection matter.
If cybersecurity wasn’t a priority pre-pandemic, there is no doubt it should be now. Cybercrime is on track to have a global financial impact of $10.5 trillion annually by 2025, up from $3 trillion in 2015. To put that into perspective, Cybersecurity Ventures points out that at this rate, cybercrime will be more profitable than the global trafficking of all illegal drugs combined.
Phishing, ransomware, and other cyberthreats have been on the upswing for several years, but there was a measurable increase in cyberattacks beginning in 2020.
For example, malware increased by 358 percent in 2020, and ransomware increased by 435 percent, which equates to a new ransomware victim every 10 seconds last year.
The increased frequency of cyberattacks since the start of 2020 isn’t the only alarming cybersecurity news to come out of our collective health crisis. IT teams have also been battling new cyberattack tactics and strategies with potentially devastating consequences.
No longer content to exfiltrate your data before encrypting it so it can be sold or exposed on the internet, some ransomware operators are now turning to triple extortion tactics. If you don’t agree to the hackers’ ransom demands, they launch a DDoS attack against your systems to “encourage” continued negotiations.
Another version of triple extortion ransomware involves the operator demanding payment from the victim’s customers, partners, or affiliated third parties to increase pressure for ransom payment from the original target.
Supply Chain Attacks
A large enterprise may work with hundreds of third-party vendors at any given time, and in this age of interconnectivity, each of those relationships increases the risk of a cyberattack on your company.
Third-party attacks, also called supply chain attacks, occur when a hacker infiltrates your systems through a connection with a third party who has access to your network. The recent Kaseya ransomware attack that affected roughly 30 managed services providers—and, by extension, more than 1,000 of their customers—is a perfect example of how quickly a supply chain attack can spread and how much data is at risk.
Despite being the backbone of our society, critical infrastructure sectors are mind-blowingly vulnerable to cyberattacks. During just a few months in 2021, the U.S. has weathered successful ransomware attacks directed at the fuel, food, financial, and healthcare industries.
To date, the worst disruption has been a few-days-long shutdown of a major fuel artery, but without a huge overhaul in cybersecurity measures, it’s only a matter of time before the consequences are much direr.
What to Expect in the New Era of Data Management and Protection
With little fear of sounding melodramatic, it is safe to say that COVID-19 ushered in a new era of data management and protection requirements.
Emerging security threats, new ways of working, and rising demand for consumers’ data privacy are just a few of the factors shaping how IT teams create and enforce data security policies and processes to meet the needs of today’s business environments.
Here are five areas to watch as we continue to navigate our new business “normal” and seek out the most effective approaches to manage and protect data from theft, loss, and even human error.
Software as a service (SaaS) was a business productivity lifeline when COVID-19 precautions sent millions of employees home to work almost overnight. Cloud-based solutions such as Office 365 were accessible to all, regardless of where your hastily assembled office setup was located.
Today, many businesses are opting to continue their remote work environment, others are bringing workers back into the office, and some are adopting a hybrid model that incorporates both. But regardless of workplace type, SaaS will continue to play a large role in many organizations.
IT teams appreciate the flexibility, scalability, and cost-effectiveness SaaS offers. But there are a few additional precautions IT teams must take to ensure organizations’ SaaS data is both safe from hackers and securely backed up in the event of an unplanned outage.
Many SaaS providers adhere to a shared responsibility model for data protection. This means they take responsibility for their data centers, infrastructure, and software stack, but long-term storage, disaster recovery, and compliant backups and archiving are the user's responsibility.
2. Increased Privacy Regulations
Speaking of compliance, it appears GDPR will be getting some more company as more privacy regulations and legislation are poised to roll out over the next year or so.
Consumers have become rabidly protective of their personal data, and now they will have increased control over how their data is used and more recourse in the event of a breach or system failure resulting in data exposure.
3. Zero Trust Initiatives
The SolarWinds attack in late 2020 was a zero trust wake-up call for many CISOs, CIOs, and IT managers. The massive breach—which, ironically, was delivered via a security patch—affected upward of 18,000 people and multiple top-level government agencies, such as the Department of Homeland Security and the Treasury Department.
A zero trust approach to data protection and security is based on the principle that no one should be trusted because anyone can be compromised.
Zero trust frameworks acknowledge that VPNs and firewalls aren’t secure enough on their own and add extra security measures, including segmenting the network to limit penetration and requiring identity and device authentication throughout the network, not just at the perimeter.
4. Multi-Factor Authentication
Security-conscious organizations recognize that the basic username/password credential combination no longer offers adequate data and network protection.
Multi-factor authentication is the new best practice because it requires users to provide two or more independent credentials, or factors, to prove that they are who they say they are and that they are authorized to complete an action.
In general, multi-factor authentication asks for:
- Something the user knows, such as a password or PIN
- Something the user has, such as a mobile phone and/or security token
- Something the user is—i.e., biometrics—such as a fingerprint or voice command
Encryption helps ensure that only authorized users have access to sensitive data, systems, and applications. Without a key, encrypted data is unreadable and can be stored or transmitted securely.
Like most technology, encryption must evolve rapidly to keep pace with emerging threats and changing infrastructures. Here are a few current encryption strategies businesses are incorporating into their data protection initiatives:
- Bring your own encryption (BYOE): This encryption model allows the data owner to generate encryption keys in-house that can only be used internally. BYOE reduces the risk of relying on a third-party decryption key management vendor, but it does have a few significant weaknesses.
- Blockchain: Blockchain networks are difficult to breach because the data is decentralized and encrypted and then cross-checked during transmission by multiple nodes. The blockchain model also uses automation to take much of the risk of human error out of the data security equation.
It is impossible to know what is just over the horizon as we slowly emerge on the other side of the pandemic. But one certainty is that we must update and re-evaluate our pre-pandemic data management and protection strategies.
The world is different now, and we must be ready to neutralize new and evolving threats. Download What's Next? Data Protection in a Post-2020 World to learn more ways to secure your business environment and create a holistic data protection strategy that will adapt to the rapidly changing threat landscape.