By Terence Gomes
The cloud era has fundamentally changed the way businesses must think about security. It is imperative to think about security at the core of the digital transformation journey. Greater digitalisation entails greater vulnerability to cyberattacks.
Cyber threats have increased rapidly over the years, in forms and numbers. According to Microsoft’s Digital Defense Report 2022, attackers are adapting and finding new ways to implement their techniques, thereby increasing the complexity of how and where they host campaign operation infrastructure. The volume of password attacks has risen to an estimated 921 attacks every second – a 74% increase in just one year.
Cybercrime is already costing economies more than $6 trillion each year, and the number is expected to increase to $10 trillion by 2025. A recent survey by Microsoft shows that 83% of business leaders see managing multicloud complexity as their biggest pain point in 2022.
Security challenges in a hybrid work environment
In the hybrid work environment, the threat of ransomware and extortion is becoming more audacious with attacks targeting businesses. The most effective defense against ransomware includes multifactor authentication, frequent security patches, and Zero Trust principles across network architecture.
Threat actors show clear preferences for certain techniques. Email phishing continues to grow and has become a dominant vector. Given the increase in information regarding these schemes and technical advancements in detection, cyber criminals are now spending time, money, and effort to develop scams that are sufficiently sophisticated.
Securing the ever-expnding digital estate
In a hybrid setup, as personal devices become a part of the corporate network, organisations need to revamp or replace their identity and security solutions to establish the right level of trust. As businesses find ways to facilitate boundary-less collaboration within the organisation and with people outside it, data must flow freely but securely. By safeguarding confidential and personal data, they will earn the trust of customers and employees.
Threats can come from anywhere. An inside-out and outside-in approach to security is essential. A comprehensive, end-to-end approach can help organisations secure their entire digital estate. Security should be ingrained in the design itself.
Organisations should view security for what it truly is – not an add-on, but an engine for survival and success; not a business function, but a part of organisational culture. Business leaders must cultivate a successful security culture in their organisations by understanding its impact on employees, addressing resistance by highlighting the benefits of change, training employees in skills specific to their area of work, and recognising and rewarding champions of change.