Click4Assistance glyph Flower shape graphic Rectangle shape
17 November 2022 | 1918 views

Data Security in the current climate

Data Security in the current climate

Businesses have faced several unprecedented data security challenges this year. However, evidence suggests that the situation is improving.

Since the COVID-19 pandemic, data security has become a more pressing issue for businesses. Changes in working arrangements and consumer priorities led to an acceleration of the digitalisation already underway before.

And while this process led to efficiency gains and prevented many firms from going out of business, it also brought new threats. Companies dramatically increased their attack surfaces but failed to keep track of them effectively. CIOs and CTOs focused on surviving the pandemic and transitioning to remote work, not novel security threats.

Now, more than two years later, many companies are playing catch-up. Given recent heavily publicised data breaches, firms are looking for ways to protect themselves from incoming threats from both private hackers and government agencies.

Recent Security Breaches

2022 has seen multiple high-profile data breaches, underscoring the problem that now faces firms. Hackers stole $15 billion worth of Ethereum and other cryptocurrencies at the start of the year after a massive Crypto.com hack. Criminals found a way to bypass the site’s two-factor authentication and steal money from accounts.

Microsoft, one of the world’s leading software companies, also experienced a breach this year. A group posted evidence of their Bing and Cortana hacks on messaging service Telegram in March, proving they had bypassed the tech giant’s security. Microsoft quickly put a stop to the hack, but not before reputational damage had been done.

Finally, News Corp was another big name affected by hackers this year. The media organisation admitted to officials that it had suffered a breach in February 2020, just prior to the COVID-19 crisis. Offending parties, believed to be state actors, gained access to sensitive journalist emails and other private communications.

The Current State Of Data Security

But while there are individual examples of poor data security protocols at top firms, the overall security picture is improving. 2022 has seen fewer high-profile, high-value cases, than 2021 or 2020, (excluding the disastrous Crypto.com hack), reflecting an improving network security situation at most businesses.

According to a TripWire data security report, most company respondents believe that enterprises are more secure than a year ago and that they are handling threats better. They also anticipate higher budgets in the coming years to offset the data threats, suggesting that this trend will continue.

However, there are ongoing issues. While organisations are more prepared than in the past, the scale of attacks is growing. Just as companies are adapting to new environments, so too are hackers. Ransomware, phishing, and business email compromise are all becoming primary targets, with other methods, such as trojans, falling behind in popularity.

According to recent research, ransomware accounts for 43 per cent of the danger to private enterprises. Criminals are looking to block firms from accessing their data and then charging them extortionate sums of money to release it.

29 per cent of firms cite business email compromise as the biggest risk. The growth in bring-your-own-device and lax passwords is driving this and hackers are finding it easier to compromise business security systems, gaining access to corporate email accounts without the affected firm knowing.

The breadth of cyber threats is also changing. Today’s geopolitical environment is seeing the rise of state-sponsored attacks. Today, just 64 per cent of hacking is being done by criminal groups. China and Russia are believed to be behind most of these operations, with Russia accounting for around 58 per cent of the total, according to Microsoft research.

Start your free live chat tool for website trial with Click4Assistance today.

According to Gartner, firms are facing a host of challenges that are worsening their cybersecurity. Top of the research firm’s list is attack surface expansion due to the emergency of cyber-physical systems, IoT, complex digital supply chains and cloud applications. Many firms remain unaware that their attack surface has expanded or that they need to defend it. Digital risk protection services are reporting an uptick in demand for external attack surface management technologies, but their usage is not universal. Companies with a live chat tool for website-based communication may be at phishing risk if employees don’t receive the same training as with emails.

Firms are also having to deal with emerging issues relating to identity threats. Advanced hackers, sometimes state-sponsored, are undermining identity and access management infrastructure, attempting to bypass security using false credentials. Firms, therefore, are investing in identity management security systems that can detect anomalies in identity data.

Gartner also cites increasing cybersecurity complexity as a concerning trend going forwards. Firms need to expand their defence activities beyond narrow domains, such as their in-house networks and consider other spaces ripe for criminal attack.

The research organisation says that top-down management structures, led by the CIO, are no longer sufficient in this context. Firms need to distribute decision-making more widely so that staff can react to threats more flexibly. Gartner says that outdated compliance-centric security awareness campaigns won’t help firms fulfil their objectives.

The Future Of Data Security

To adapt to present challenges, cybersecurity priorities are likely to change considerably over the coming years. CIOs will need to address:

  • Enterprise data loss prevention
  • Data classification
  • Attack surface identification
  • Data encryption
  • Threat identification and removal

Critically, organisations should understand that the policies and procedures that protected them during the COVID-19 pandemic may not be sufficient now. Brands integrating IoT or smart supply chain technologies should be particularly careful and put robust security measures in place. At present, it is unknown how malicious actors might take advantage of the increased attack surface offered by these channels.

The lack of talented cybersecurity specialists will also continue to be problematic. Firms that can afford these people will hire them. Everyone else will struggle with ad hoc, third-party solutions that may struggle to provide them with comprehensive protection.

Conclusion

Ultimately, each organisation needs to address the specific threats it faces. Companies that haven’t changed much since 2015 might not have to adapt a great deal to the current security climate, but those who are moving with the times will need to take it more seriously.

Popular Blogs

Click4Assistance Releases Mobile-Friendly Live Chat Software 7 May 2014

Click4Assistance Releases Mobile-Friendly Live Chat Software

Following the server migration and Heartbleed announcement in April the Click4Assistance team is once again focused on enhancing UK’s favourite live chat software. 

Read more
Insurance Firm Jumps into Implementing ‘Chat on your Website’ Software 23 May 2017

Insurance Firm Jumps into Implementing ‘Chat on your Website’ Software

Being an insurance broker can be difficult when there is a vast amount of competition offering the same products.  Ensuring your communication with your customers is accurate, fast and professional is vital when attracting new and returning customers.

Read more
How to Add Live Chat to my Website? Use a Live Chat Plug-in 5 Aug 2016

How to Add Live Chat to my Website? Use a Live Chat Plug-in

This article is part of a series that explains the various aspects when you are considering live chat for your website.  Whether your website has been built by your own developers, an outsourced development company, or you’re using a 3rd party solution such as WordPress at some point you will need to add a chat window plug-in.If your looking to add live support chat to your website, visit this link add live support chat to your website

Read more

Find out more

Live chat dashboard with chat window example

Live chat

Learn how live chat can help empower your organisation.

Find out more
Coni chatbot live chat support Arti AI for live chat business support

Chatbots & AI

Learn how chatbots and AI can help you engage with your audience.

Find out more
integrated omnichannel communications

Omnichannel

Connect with your audience using multiple omnichannels.

Find out more

Discover more

Want to see how live chat can work for your organisation?

See examples of web chat and chatbot implementations for your industry. Be inspired by how other companies in your sector use live chat!

Download web chat and chatbot examples for your industry

Embrace new ways of engaging with your audience!