Phishing attacks, insider threats, denial of service disruptions, malware and ransomware — cybersecurity incidents like these happen on a daily basis. For most of these incidents, the onsite IT team will remediate based on a pre-developed plan and process. And for many of these incidents, that’s a solid approach.
In the corporate world, COVID-19 has seriously affected the security sector— both physical and cybersecurity. Traditionally, physical building security and cybersecurity have been viewed as separate disciplines with unique solutions. However, given the changing nature of security risk, organizations need to start taking a more holistic view of security and IT risk management (ITSRM). This means combining the previously disjointed approach to security dispersing ownership between business, security, and IT teams, the purview and guidance of the modern Chief Information Security Officer (CISO).
As the enterprise attack surface continues to expand, businesses will need to use multiple defenses to combat digital threats. Career cybercriminals continually change up their methods of seizing control of your data for profit. Staying a step ahead of them is both challenging and critical. But these anonymous offenders aren’t the only source of risk. Company insiders may also open you up to a breach, intentionally or by mistake. In fact, about a third of all enterprise cybersecurity incidents in 2021 will stem from insider threats, according to Forrester. That figure represents an 8% increase from 2020 in insider risk.
The COVID-19 pandemic changed almost every facet of life and cybersecurity was no different. As employees were forced to work from home, companies and government agencies had to expand their IT infrastructure to accommodate. While that was a comfort for some, it also increased risk in networks, especially from insider threats, according to Tommy Todd, vice president of security at Code42 during a discussion sponsored by Code42.
Years ago, while stationed in Moscow as the bureau chief for a major news magazine, I was approached by a representative of a multinational company and presented with a tantalizing offer. He said he had highly sensitive materials exposing possible criminal activity by a Russian competitor. The documents were mine with one condition: advance notice so he could be out of the country when any story was published.
Maintaining adequate security over trade secrets is vital for a company’s financial viability, but with more employees working remotely and the increased use of cloud storage the task is more difficult than ever. Steve Blonder, a principal at Much Shelist P.C., says proactive protective measures are a must as there will continue to be a boom in trade secret litigation.