Cybersecurity Trends in 2023

Cybersecurity Trends in 2023

Cybersecurity Trends in 2023

Cybersecurity

According to a report recently published by the insurer Hiscox, but cyberattacks in Spain have an average cost per company of 105.000 euros, almost double compared to 2020, which was 55,000 euros. The cost per company reaches, on average, 78,000 euros worldwide.

The reputational damage must be added to the economic cost. Becouse a security breach can cause reluctance or fear among users but clients when hiring their services.

Today we share the trends in cybersecurity in 2023.

Cybersecurity Culture

Businesses will continue to fight phishing, ransomware, and DDoS. Remote work is here to stay, along with the security risks that come with it. Unshielded home networks, untrained employees, and the absence of a cybersecurity culture. Will pose a serious threat to organizations unless they take the proper precautions. A new geopolitical reality. The ongoing war, coupled with the energy crisis, may result in attacks on critical energy infrastructure.

Security Practices improvement

CybersecurityThe CISO is responsible for setting the strategy, additionally cannot implement that strategy if there is no buy-in from other areas of the organization. It is up to the members of each department to apply the controls that the security team recommends or requires. This disconnect between the expectations of the security team and the actual implementation is where things fall apart. In 2023, organizations will look another to solve this problem and place more departmental emphasis on implementing security best practices.

Zero-Trust Architecture

Businesses will address ransomware threats from several ways, from improving cyber skills by working with the security team, to the right security tools such as multi-factor authentication, and training courses. Zero-trust architecture investment to validate access and improve security will increase.

Transparent Cybersecurity with customers

The way companies interact and communicate with their customers will. Need to change in 2023 as the public becomes increasingly aware of ransomware threats and data privacy issues.

As data breaches become increasingly public, rather than trying to downplay or hide the incident, organizations will need to admit the problem and provide details about the steps they are taking to mitigate the problem and prevent future breaches.

Visibility and security of connected devices

Leading organizations will target connected device cyber practices by establishing or updating related policies and procedures. Updating inventories of their IoT connected devices, monitoring and patching devices, refining device acquisition and disposal practices with security in mind , correlating IoT and IT networks, monitoring connected devices more closely to further secure those endpoints, manage vulnerabilities, and respond to incidents.

Supply chains threats

Today’s hyper-connected global economy has led organizations to rely heavily on their supply chains, them threats evolving in complexity, scale, and frequency, so organizations will continue the drive to innovate and mature their transformation capabilities. risk and security.

Organizations are focusing on implementing and operating identity and access management (IAM) capabilities. But trust is at zero that they enforce authorized third-party access to systems and data, and reduce the consequences of a compromised third party.

Shall we talk?

 

Fuentes:

  • Spiceworks.com
  • Venturebeat.com
Principales elementos a incluir en la estrategia de ciberseguridad de una empresa

Principales elementos a incluir en la estrategia de ciberseguridad de una empresa

one size fits all

There is no “one size fits all” when it comes to cybersecurity.

Over the last six months, we have seen an escalation in the number of reported cyberattacks, in their range, sophistication and in their long-lasting impact on businesses such as the Colonial Pipeline attack, and SolarWinds to name just two. These events obviously highlight the importance of having an effective cybersecurity strategy per organization, one size fits all because even if an organization undergoes such an attack, there should be company processes in place to mitigate the severity of the consequences. To do that, companies must monitor and be aware of the main existing security risks and effectively respond to these types of incidents as they occur.

Still, each organization is different in its make-up, business needs, productivity measurements and workflows. Each organization has different network architectures and software. There is no “one size fits all” when it comes to cyber security.

CISOs

Security teams are usually aware that they need to identify the cyber risks most likely to affect their own business’ smooth running and build a security infrastructure aligned with the company’s risk tolerance level. But that is easier said than done.

Even now, with everything that has occurred, many enterprises do not prioritize personnel and budgets for this purpose, often leaving the CIO or CISO and her/his team to “fend” for themselves. Without the appropriate resources and without full company involvement and support, that is a very tall order.

In addition to organizational support, with the plethora of different approaches and tools, identifying the optimal security path requires adopting proactive and scalable methods and the ability to prioritize the different types of cyber threats.

Whether you obsess about cybersecurity every day or you are completely new to the process, there are certain things that you should consider to make your company’s cybersecurity strategy successful. In this post, we’ll reveal five elements you should include in your strategy, regardless of whether you are the sole proprietor of a brand new business or looking to transform the security posture of a large, well-established organization.

    1. Understand the difference between compliance and security.

      In any instance where your company collects personal information or data as part of your relationship with your customers or vendors, you have an ethical if not legal obligation to be a responsible steward of that data. It is not enough to say “we won’t share your personal information” or be able to produce required audit reports if asked, because that’s not really security. The first step to creating a security strategy is knowing what data you collect, where it’s stored, who has access to it, and why. This enables you to establish what is “normal” data use for your organization and makes it much easier to see when someone is trying to steal it.

    2. Make data security everyone’s responsibility.

      Forrester Research recently reported that 80% of security breaches involve privileged credentials. That means an insider either unwittingly or with malicious intent exposed their credentials, and likely sensitive personal data, to a cyber-criminal. Another pillar of a cybersecurity strategy should be educating employees on the fundamentals of how to proactively limit exposing their credentials. This can be as simple as asking people to log out of sensitive databases when finished with them or helping them identify a likely phishing attack. An organization like the National Cyber Security Alliance offers great resources to get you started. It’s also important to consider data access control issues. With the right technology, organizations can apply role-based user privilege access control rules to align individuals; privilege levels with the actual requirements of their job function. Not just once, but on a continuous basis.

    3. Account for the roles of your cloud vendors and ISPs.

      Organizations large and small share sensitive data with cloud-native architectures for a myriad of reasons. AWS’ very useful Shared Responsibility Model explains; very well that cloud vendors provide secure architectures in which their customers can store data; but it’s the customer’s responsibility to apply their security policy to the data. This detail seems to be lost on the vast majority of organizations. Gartner reports that at least 95% of cloud security failures until 2022 are predicted to be the customer’s fault.

      Part of your security strategy should be working with all your cloud-native vendors to ensure that their environments. Many retail and services organizations use ISPs to host their websites. They depend on their ISPs to keep their websites up and running regardless of traffic levels.

      If your website were ever subject to a Distributed Denial of Service (DDoS) attack; an incident whose sole purpose is to make your website and servers unavailable to legitimate users; you could be facing an existential threat. In many instances, to ensure the other websites they host are not subject to diminished performance. One size fits all an ISP will simply shut down a website under a DDoS attack until it stops. Part of your security strategy needs to account for DDoS attacks and have a solution in place to disperse; illegitimate web traffic without shutting down your website and ensure real customer traffic reaches your organization.

    4. Have a plan for if you are breached.

      In spite of best efforts, breaches happen and your data security strategy needs to account for what happens next. You should have a disaster recovery plan in place to secure your network; prevent further damage and identify the breach source as well as inform stakeholders and law enforcement. The plan should turn the incident into a positive by ensuring knowledge gleaned.

While these elements are essential, they are not all you need. We strongly recommend working with cybersecurity experts to accurately evaluate your specific threat landscape; and help you build a sustainable data security strategy for today and the future.

Today’s hyperconnected and decentralized workforce maneuvers within dynamic network; architectures and programs that have moved to the edge and the cloud. Therefore any effective cyber defense strategy must start with open communication between the CIO/CISO. One size fits all security teams, and company executives.

This open line of communication is especially important since 2020.

one size fits all

one size fits all

With the increased number of employees working remotely, security officers face the added challenge of providing remote workers with additional layers of security, as the organization is more exposed to cybercriminals.

Integrating business operations with security personnel helps employees understand security better. It also allows cybersecurity professionals to consider the organization’s business strategy and priorities. While establishing cyber security policies and managing cyber risk solutions and monitoring.

 

Additionally, establishing the following core security principles and policies empowers the CIO/CISO; to focus both on individual applications and the broader company infrastructure.

 

 

Sources:
(1) Security Boulevard
(2) CIO.com
(3) The World Economic Forum

Picture: <a href=’https://www.freepik.es/fotos/negocios’>Foto de Negocios creado por rawpixel.com – www.freepik.es</a>

¿Cómo beneficia a tu organización la gestión de Cuentas Privilegiadas?

¿Cómo beneficia a tu organización la gestión de Cuentas Privilegiadas?

Management

 

Management and authentication of identities

Management and authentication of identities

While IAM controls provide authentication of identities to ensure; that the right user has the right access as the right time. PAM layers on more visibility, control, and auditing over privileged identities. Management and authentication of identities is really important.

In a Tuesday session, titled «Security Leader’s Guide to Privileged Access Management,» Gartner research director Felix Gaehtgens said privileged access management is a crucial component of any security program because of the increasingly large scope of IT environments, users, administrative tools, and IAM data such as passwords, and certificates.

Organizations face multiple challenges on Management and authentication of identities:

More over, insufficient oversight and auditing: Most organizations lack adequate controls to regulate the privileges and use of highly privileged accounts. However, but regulations such as Sarbanes-Oxley (SOX), J-Sox and GLBA dictate that organizations must demonstrate who has access to what data and resources, when, why and who approved such access and defined rights.

Importance of Auditing over privileged identities

Shared access to account IDs and passwords;  The typical problem with shared accounts is that everyone uses the same ID and password, which creates compliance challenges, as it is impossible to determine who has access to the accounts and who actually performed a specific action.

So, inadequate segregation of duties: IT resource personnel who use and maintain privileged; accounts are often the largest access holders in any organization. Certain highly privileged accounts, also especially those designed for emergency operations and incident management; can allow misuse to go virtually undetected or leave no traceability. Organizations must choose between compliance and the ability to recover or resolve problems quickly.

It is a pleasure to invite you to our new webinar we are celebrating today, 23rd June.

During the webinar we will discuss about how PAM is emerging as one of the hottest topics in cybersecurity; and why it must be a part of your overall IAM strategy.

 

Join now our webinar!