Do you feel that your business is protected from cybercrime? According to former hacker turned cybersecurity expert Marshal Webb, you probably shouldn’t.
Webb spoke at the Armour Expo event, a thought-leadership FinTech Awareness & Data Governance conference. He urged businesses to do more to protect their interests in an increasingly sophisticated cybercrime landscape.
“Cyber security is an essential strategy for any organization, protecting important data from unscrupulous people,” according to Marshal.
He continued that simply investing in the basics, such as a firewall and endpoint security software, is no longer enough to stave off attackers. “Hacking and cybersecurity threats are becoming more sophisticated, and with growing crypto adoption, I understand the urgency to set up proper security measures to prevent future losses and ensure these currencies continue to grow.”
Instead, organizations need to adopt a holistic approach to cybersecurity that emphasizes education, training, and awareness.
“No organization is too small to avoid the gaze of criminals. There is zero discrimination. A great place to start is by educating your employees about the common social scams and attacks, such as malware and ransomware.”
Marshal started college at the age of 12, specializing in information security. As a teen, he acted as a hacker and member of Lulz Security – a group of hackers who looked to breach business and government systems.
Since then, he has turned his expertise around, founding several cybersecurity companies and working as a consultant for businesses and governments worldwide. One of his chief business projects is Path Network, an advisory for the public and private entities to help improve their cybersecurity defenses.
Cybercrime was already a rising tide, threatening to flood organizations and businesses across all sectors completely. However, recent unexpected events have accelerated the growth and evolution of cybercrime even further.
Cyber attacks surged in the wake of the COVID-19 pandemic, for example. Not even the frontliners and healthcare providers working tirelessly to keep the public alive and healthy were spared.
Hackers, ransomware gangs, and cyber threat actors found numerous new opportunities and avenues for exploitation as businesses shifted towards remote/hybrid working environments.
The research seems to bear this out. According to the SONICWALL Cyber Threat Report, in 2021, there have been at least 304.7 Million Ransomware Attacks, 51.1 Million Cryptojacking Attacks, 32.2 Million IoT Malware Attacks in the last year, and more than 2.5 trillion overall intrusion attempts.
Except for malware attacks (down by 22%), all other types of attacks increased year on year. Ransomware attacks continue to rise in the wake of the COVID-19 pandemic, jumping by 151%. According to the report, even if not a single ransomware attack was recorded in the entire second half of 2021, it would still be the worst year on record.
In most cases, hackers are on the hunt for valuable business information. This includes customer PII (personally identifiable information), IP or business secrets, or other information they can ransom, sell, or use to extort a business for money.
According to IBM’s Cost of a Data Breach Report 2021, the average ransomware data breach now ends up costing companies as much as $4.62m, a 10% increase. A single stolen PII record can cost a company $180.
According to Marshal: “An increased use of cloud services in the enterprise is among the biggest problems. Most are poorly configured, giving cybercriminals an opportunity to get in.”
Once again, IBM’s Cost of a Data Breach Report 2021 reflects this, with breaches in remote working environments costing roughly $1.07m than in on-premise or hybrid environments. A lack of proper configuration or compliance also inflated the cost of data breaches.
References
SONICWALL Cyber Threat Report 2021
Cost of a Data Breach Report 2021
