Cybersecurity is a global concern

Cybersecurity is a global concern

ashutosh K. ashutosh K.

ashutosh K.

banker

发布日期: 2022年4月9日
+ 关注

CYBERSECURITY TRENDS FOR 2022/2023

The nature of a human being is so complex that it can not be predicted. Why does ?a human being start behaving in certain ways can not be accurately predicted by science. Some belief in following law and some always endeavor to not follow the law. In some cases for becoming rich overnight, in some cases for sadistic pleasures, and in some cases they do not even know the purpose. When and how do a normal person becomes a criminal, nobody can accurately predict, even not the psychologist.

With the advent of the Internet, an assembly of hardware and software—named a computer, the blend of internet and computer has made several revolutionary advancements in science and technology. Now Internet has become a part of our life. In fact, it has created so many novel inventions, improving the software to such an extent that now software develops itself by ML. All the above developments have created a virtual world or cyber which has no physical presence but we get united with it using the internet as a medium. One more revolution has happened which is the digitalization of everything. So almost every sphere of life has become a tech, such as Fintech, Edutech, Healthtech, Insutech, etc, and business ePay, eCommerce, eLearning, eMagzine, etc. The combination of e and tech has transformed to such an extent that there is a one-way road leading to progression. ??

It is quite natural some having ulterior motives would sure try to get the benefit of it without authorization finding a loophole in the digital and virtual world, better known as the cyber era. Presently, most of the crimes pertain to financial assets of the financial companies unauthorized access using always new techniques. All the latest innovations have been made keeping into mind to aid human beings in making their life easier, but sadly we can not avoid misuse of the same by unscrupulously people.

Here comes the role of providing cyber security, by making people aware of the methods used by cybercriminals, inventing new potent technology that cybersecurity TRENDS FOR 2022/2023

The nature of a human being is so complex that it can not be predicted. Why does?a human being start?behaving in certain ways can not be accurately predicted by science. Some believe in following law and some always endeavor to not follow the law. In some cases for becoming rich overnight, in some cases for sadistic pleasures, and in some cases they do not even know the purpose. When and how do?a normal person becomes a criminal, nobody can accurately predict, even not the psychologist.?

With the advent of the Internet, an assembly of hardware and software—named a computer, the blend of internet and computer has made several revolutionary advancements in science and technology. Now Internet has become a part of our life. In fact, it has created so many novel inventions, improving the software to such an extent that now software develops itself by ML. All the above developments have created a virtual world or cyber which has no physical presence but we get united with it using the internet as a medium. One more revolution has happened which is the digitalization of everything. So almost every sphere of life has become a tech, such as Fintech, Edutech, Healthtech, Insutech, etc, and business ePay, eCommerce, eLearning, eMagzine, etc. The combination of e and tech has transformed to such an extent that there is a one-way road leading to progression.??

It is quite natural some having ulterior motives would sure try to get the benefit of it without authorization finding a loophole in the digital and virtual world, better known as the cyber era. Presently, most of the crimes pertain to financial assets of the financial companies unauthorized access using always new techniques. All the latest innovations have been made keeping into mind to aid human beings in making their life easier, but sadly we can not avoid misuse of the same by unscrupulously people.?

Here comes the role of providing cyber security, by making people aware of the methods used by cybercriminals, inventing new potent technology that has features to identify, detect and abort the action of cybercriminals before the happening of?the crime. All these aspects nor covered under Cybersecurity.??

Cybercriminals' (named hackers,) power can be gauged from the fact that they can make anyone's personal information visible and exposed or can even collapse our entire business operations for any number of hours or days. Their attacks have s become so sophisticated,?that various organizations, departments, and anti-virus software to prevent cybercriminals in an oppressive manner .—to and frow situations defining?the latest cybersecurity trends. Lack of strong security measures?are encountering heavy costing for-profit and nonprofit organizations amounting as gigantic as?billions of dollars in losses. Additionally, with companies shifting to remote work since the pandemic began, they have become more exposed to attacks from hackers. Now cybersecurity experts?have been redesigning Internet privacy and?IT security.

Cyberattacks are occurring at very large scale globally. It is estimated that financial losses from cybercrime are bigger than?the total losses incurred from the global trade of all illegal drugs. Hence, individuals and organizations operating on the web live in fear of potential hacking scenarios and data breaches. Aside from finance????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????2022 Must-Know Cyber Attack Statistics and Trends?

Cyber attacks on all businesses, but predominantly???????????????????????????????????????????????????small to medium-sized businesses, are becoming more frequent, targeted, and complex. According to the latest Accenture cost of cybercrime study, 43% of cyber attacks are aimed at small businesses, but only 14% are prepared to defend themselves. The gravity of Not only does a cyber attack disrupt normal operations, but it may cause damage to important IT assets and infrastructure that can be impossible to recover from without the budget or resources to do second and Small businesses struggle to defend themselves because of this. According to Ponemon Institute’s State of Cybersecurity report?small to medium sized business around the globe report recent experiences with cyber attacks:

Lack of Insufficient security measures: 45% say that their processes are ineffective at mitigating attacks.?

Frequency of attacks: 66% have experienced a cyber attack in the past 12 months.

Background of attacks: 69% say that cyber attacks are becoming more targeted.?

The most common types of attacks on small businesses include: Phishing/Social Engineering: 57%, Compromised/Stolen Devices: 33%, and Credential Theft: 30%. Keeping up with the latest cyber-attack statistics is pertinent for understanding the state of cyber threats, commonly leveraged vulnerabilities, implications of successful cyber attacks, and effective strategies for mitigating prevalent threats.

1. 43% of all data breaches involve small and medium-sized businesses.?

2. If you’re still in denial about the chances of your small business becoming a victim, 61% of all SMBs have reported at least one cyber attack during the previous year.

3. A benchmark study by CISCO found that 40% of the small businesses that faced a severe cyber attack experienced at least eight hours of downtime. And this downtime accounts for a major portion of the overall cost of a security breach.?

4. The above-mentioned CISCO study also found that ransomware was not among the top three cyber threats identified by small businesses. Business owners may be underestimating the threat of ransomware, however, MSPs are not. 85% of MSPs consider ransomware one of the biggest threats to their SMB clients.?

5. 30% of small businesses consider phishing attacks to be the biggest cyber threat.?

6. 83% of small and medium-sized businesses are not financially prepared to recover from a cyber attack.

7. Despite the staggering numbers, 91% of small businesses haven’t purchased cyber liability insurance. This truly reflects how unaware and unprepared small business owners are to deal with security breaches.

8. Only 14% of small businesses consider their cyber attack and risk mitigation ability as highly effective.?

9. 43% SMBs do not have any cybersecurity plan in place.

10. One in five small companies does not use endpoint security, and 52% SMBs do not have any IT security experts in-house.”

CYBERSECURITY AND HEALTHCARE:

The concept of innovative information technology in medicine. Most hospitals and healthcare facilities have traditionally focused their budgets on acquiring new medical technologies and improving patient care. Covid19 put a huge burden on budgets and hackers have exploited cyber vulnerabilities, especially via ransomware.??

HEALTHCARE CYBERSECURITY REPORT 2021-2022??

As per “, 70% of latest surveyed by organizations reported that healthcare ransomware attacks have resulted in longer lengths of stays in hospital and delays in procedures and tests that have resulted in poor outcomes including an increase in patient mortality.” Half of the internet-connected devices in hospitals are vulnerable to hacks, a report finds, and had half of the internet customers?run latest updated network security software over half of the internet-connected devices used in hospitals have a susceptibility that could put patient safety, confidential data, or the usability of a device at risk, according to a new report from the healthcare cybersecurity company Cynerio.??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

The report analyzed data from over 10 million devices at over 300 hospitals and health care facilities globally, which the company collected through connectors attached to the devices as part of its security platform.”

CYBERSECURITY AND IOT DEVICES:

With everything and anything connected,??hackers can take advantage of many attack vectors and weak device passwords. The threat is growing as IoT rapid expansion. According to Symantec, IoT devices experience an average of 5,200 attacks per month. The fact that a majority of new IoT devices are still in their infancy means there is a much larger attack surface for cybercriminals to target the vulnerabilities associated with them.

been around for decades, in 2021 it became a preferred cyber-weapon of choice for hackers. Being able to exfiltrate and hold hostage data for payment of cryptocurrencies has made the deployment of ransomware a growing trend.

Ransomware Statistics, Trends and Facts for 2022 and Beyond

5 Key Ransomware Statistics:

Ransomware cost the world $20 billion in 2021. That number is expected to rise to $265 billion by 2031. In 2021, 37 percent of all businesses and organizations were hit by ransomware. Recovering from a ransomware attack cost businesses $1.85 million on average in 2021. Out of all ransomware victims, 32 percent pay the ransom, but they only get 65 percent of their data back. Only 57 percent of businesses are successful in recovering their data using a backup.


: Ransomware on a Rampage; a New Wake-Up Call??

“The sobering reality is that ransomware is a reckless action. Ransomware will continue to be a destructive threat because there are so many available soft targets. We live in an increasingly hyper-connected world that impacts all aspects of our lives. From now onward, managing and protecting data will be a security imperative for every industry and organization.

Awareness and understanding of the ransomware threat can help address many of the cybersecurity challenges. Emerging cybersecurity technologies, mitigation tools, and protocols can help limit the exploding trend of ransomware attacks. Taking pro-active measures to protect systems, networks, and devices, and be more resilient, need to be part of a new wake-up call.”


COMPENDIUMS ON CYBERSECURITY STATISTICS:


GLOBAL COMMUNICATION NETWORK CONCEPT

We may get a more comprehensive overview of cybersecurity stats, by going through the following facts which?encompass therein?many policy, operational, and industry-specific elements of the cybersecurity ecosystem.

2022 Cybersecurity Yearbook: Most important facts, figures, predictions,s, and statistics?

It is appraised that an organization suffered a ransomware attack every 11 seconds in 2021, according to Cybersecurity Ventures, and which will grow exponentially to a new attack on a consumer or business every two seconds by 2031.?Crypto crime, or crimes related to cryptocurrencies, are assumed?to exceed $30 billion in 2025, up from an estimated $17.5 billion in 2021. The necessity and urgency?to protect progressively digitalized businesses, Internet of Things (IoT) devices, and consumers from cybercrime will push global expenses on cybersecurity products and services to $1.75 trillion cumulatively?

for the five-year period from 2021 to 2025, up from $1 trillion cumulatively from 2017 to 2021. Cybersecurity Ventures traced more than$23 a billion in venture capital devoted to cybersecurity companies in 2021.

OTHER FEATURES

State-Sponsored Threats: Microsoft has highlighted that roughly?80% of nation-state attackers are selected as government agencies, policy formations, and other non-government organizations. The United States continues the most highly targeted country with 46% of global cyberattacks being directed toward Americans

Cost of Cybercrime rising: The cost of cybercrime has risen 10% in the past year which will increase rapidly.

Cybersecurity Workforce: it’s apprehended?that there will be 3.5 million unified cybersecurity employment opportunities by the end of 2025.

The pandemic created?lots of new cybersecurity issues and companies are working assiduously to ensure they are prepared for anything that comes their way in the future. Assume to see enhanced software supply chain security, ransomware will become more of a problem for businesses, companies are undergoing a period of transition?to a zero-trust framework for cybersecurity, increased scrutiny on the cybersecurity measures of third-party providers, and a rise in cyber insurance to offer further protection for businesses.

THE MOST IMPORTANT MEASURES OF CYBER STATISTICS TO IDENTIFY FOR 2022?

Phishing Attacks: Phishing attacks were connected to about 40% of breaches, a rise of 10%, which in part could be ascribed to the COVID-19 pandemic. As might have been expected, threat actors have been observed fine-tuning their phishing campaigns based on what’s making the news at any moment in time.

Cost of Data Breach: 2021 saw the highest average cost of a data breach in 17 years, with the cost rising from US$3.86 million to US$4.24 million on an annual basis as per IBM cost of a data breach report 2021.

Ransomware Expenses: Cryptocurrency has been the preferred payment method for cybercriminals for a while now, especially when it comes to ransomware. As much as US$5.2 billion worth of outgoing Bitcoin transactions may be tied to ransomware payouts involving the top 10 most common ransomware variants as per FINCEN Report on Ransomware Trends in Bank secrecy data.

DDoS Attacks: The number of distributed denial-of-service (DDoS) attacks has also been on the skyward trend, in part due to the COVID-19 pandemic. 2020 saw more than 10 million attacks occur, 1.6 million attacks more than the previous year as per ENISA Threat Landscape 2021.

Cybersecurity In The Year Ahead

Dan Lohrmann is one of the world’s most conversant and creative cybersecurity experts. His article on predictions for 2022. The answers are submitted annual roundup of the top security industry forecasts, trends, and cybersecurity prediction reports for the calendar year 2022. The most important?majors security prediction for 2022, is the following summary of likely trends for 2022:

1)??There will be widespread security bearings in the coming year from the move to work from home (WFH) powered by COVID-19. More attacks will occur on home computers and networks, with bad actors even using home offices as criminal hubs by taking advantage by exploiting of unpatched systems and architecture weaknesses.

2) The great haste towards cloud-everything will root many security holes, challenges, misconfigurations, and outages.

3)More growth in the security industry. The number of new products and new mergers and acquisitions will cause network complexity issues and integration problems and overpower and upset cyber teams.

4) Privacy will be in jeopardy, with user upheavals, new laws, disorder, and self-regulation failing.

5) Identity and multi-factor authentication (MFA) will take center stage as passwords (finally) start to go away in a critical year when a minor change makes all the difference.

6) Bundles?of high-profile IoT hacks, some of which will make headline news.

7) Ransomware?will get worse to worse?with new turns, data-stealing prior to encryption, malware packaging with other threats, and very specific targeting of organizations.

8)Lots of 5G vulnerabilities will become headline news as the technology grows.

9)?Advanced Persistent Threats (APT) attacks will be widely available from criminal networks. The dark web will allow criminals to buy access to more sensitive corporate networks.

New focus this year cover:

10) Cyber?threats in space. A heavy emphasis on operational technology (OT) cybersecurity — vulnerabilities, threats, and impacts.

11) A strong importance on cryptocurrencies and crypto wallet security attacks. As Bitcoin and other cryptocurrencies rose in 2021, now the bad actors want your bitcoins even more.

12)More application security vulnerabilities — especially when code is widely used, such as the Log 4 j exposing. Issues created by a lack of talent and vacancies in public- and private-sector organizations — as the talent war gets worse.

13)Renewed emphasis (but in new ways) on AI, Autonomous vehicles, drones, and other new technologies being hacked.

14)Note that security industry vendor acquisitions have changed many of the familiar names, such as the activities with FireEye, McAfee Enterprise, and Mandiant.??

15) Deployed for expanding protection of remote employee offices, and for alleviating workforce shortages. The automation tools are being strengthened in capabilities by artificial intelligence and machine learning algorithms.

16)Cybersecurity will see increased operational budgets because of more sophisticated threats and consequences of breaches (and especially ransomware) to the bottom line.?

Cybersecurity becomes more of a C-Suite issue with every passing year as breaches can be disruptive and devastating for business.” A highly esteemed cybersecurity leader, recently published his latest feature in the January issue of the CISO MAG, detailing the importance for federal executives to focus on protecting the critical infrastructure supply chain in IT and OT systems. “Protecting critical infrastructure Industrial Control Systems, Operational Technology, and IT systems from cybersecurity threats is a difficult endeavor,” said Chuck Brooks. “They all have unique operational frameworks, access points, and a variety of legacy systems and emerging technologies. Protecting the critical infrastructure supply chain in IT and OT systems will be a public and private sector priority.”

In addition, Expert Chuck Brooks discussed the potential cybersecurity workforce shortage that could exist in 2022. It was reported by Cybersecurity Ventures that roughly 3.5 million jobs in cybersecurity were left unfilled in 2021, which could pose significant operational challenges in the federal sector moving forward. Brooks mentioned the Internet of Things (IoT) as an area to watch for growing cybersecurity risks. In particular, Brooks highlighted the challenge that IoT poses from having a lack of visibility and the ability to determine if a device has been compromised and not performing as intended. “The increased integration of endpoints combined with a rapidly growing and poorly controlled attack surface poses a significant threat to the Internet of Things,” Brooks explained. “Protecting such an enormous attack surface is no easy task, especially when there are so many varying types and security standards on the devices. It will only worsen in 2022 as connectivity grows.”

BRIEF PROFILE OF BROOKS

Chuck Brooks, President of Brooks Consulting International, and Adjunct Faculty at Georgetown University. He is a Technology Evangelist, Corporate Executive, Speaker, Writer, Government Relations, and Marketing Executive. LinkedIn named Chuck one of “The Top 5 Tech People to Follow on LinkedIn.” He was acclaimed as one of the world’s “10 Best Cyber Security and Technology Experts” by Best Rated, as a “Top 50 Global Influencer in Risk, Compliance,” by Thomson Reuters, “Best of The Word in Security” by CISO Platform, and by IFSEC as the “#2 Global Cybersecurity Influencer.”, and as a “Top Leader in Cybersecurity and Emerging Technologies” by Thinkers360. Chuck was named by Oncon in 2019 “Top Global Top 50 Marketer” by his peers across the industry.??

ROLE AND RESPONSIBILITY OF EMPLOYER AND EMPLOYEE A OVERVIEW

In an Organization, the needs to safeguard cybersecurity awareness among employees to help protect data and systems. It’s important that employees realize and are alert to the day-to-day situations that could actually cause harm to the company if they are not vigilant. Risks in the cyber visible features include phishing, hacking, identity theft, ransomware,?viruses, and more. The threat landscape is always changing and becoming more and more sophisticated and sadly employees are often the weakest link when it comes to keeping data secure.

Business leaders need to be responsible to ensure that their employees recognize risks and their own personal cybersecurity responsibilities and obligations. It goes well beyond sending a one-off cybersecurity awareness email to employees. Creating and delivering a comprehensive cybersecurity awareness campaign can help to keep this issue front of mind for staff in your company.

STEP-BY-STEP GUIDE TO CREATING A CYBERSECURITY AWARENESS PROGRAM

Diverse organizations have different needs. There are unalike threats across industries, and the level of knowledge of cyber security among employees can also vary contrarily. There’s no one-size-fits-all approach to delivering a cybersecurity awareness campaign, but the following steps will provide a solid foundation.

1. Set goals

The first and foremost step is to fix what you want to achieve and define your cyber security campaign’s scope based on the specific needs of your organization. This should be set out in a plan that you can take action and measure.

2. Ensure you have buy-in from management

It’s critical to have agreement about the importance of cybersecurity from the top down to every level of management within the organization so that providing an?encouragement attitudes and behaviors suitably.

3. Clearly outline your policies and procedures

It is important to have clear delineation and easy to realize?policies and procedures in place around cyber security that set out expectations for employees and their obligations to use computer systems correctly to keep data safe. Having employees acknowledge this helps to keep them accountable.

4. Deliver cyber security awareness and education

Sympathetic?goals and specific needs,?then tailor?security awareness campaign to suit?objectives: what are the risks you need to communicate and educate about? Providing the right information to your employees about the common risks and steps that they can take to detect and mitigate risk will help to protect your business.

5. Choose different cyber security awareness topics

Having an ongoing cybersecurity awareness campaign means that you can continuously deliver information to employees about different cybersecurity issues. For example one month you may do a topic on password protocols, the next it may be about phishing.

6. Test your employees’ knowledge

Regularly testing employees’ knowledge about cyber security can help you to determine if there are any weaknesses or gaps in their knowledge that need to be addressed through the development of any additional educational materials.

7. Use a multi-channel approach to communications

Best practice in internal communications includes using different delivery channels to communicate the same message. This is based on research that shows that you often need to deliver the same information several times before it resonates and sticks with employees. It also reflects that different people have different preferences and styles when it comes to receiving information.

8. Include cyber security in employee induction?

Cyber security awareness needs to begin from the very first day an employee begins with your organization. By including it in your employee onboarding process. you can ensure that all new staff has a consistent level of education and awareness, and you can also bring your brand new employees up to speed with the rest of the employee troop.

9. Keep on top of emerging trends

Cyber security is a fast-moving landscape and cybercriminals are always becoming more and more classy in their methods. It’s crucial to stay up-to-date with emerging threats and introduce them to your employees where appropriate so that you can be on the front foot and not taken by surprise.

10. Evaluate your efforts

There’s always room for improvement, but you won’t know what to improve if you don’t have metrics that you can measure. Have you found deficiencies? Has your employees’ knowledge improved??When you have data you can use it to inform people about any further cyber security initiatives.

DeskAlerts is an internal communication software system that is versatile and can help organizations to overcome many different communication challenges, including improving cyber security awareness. The system features much dissimilar different communication to old channels and is designed to grab attention and screensavers, corporate,?corporate wallpaper, and password screens to deliver custom and timely cyber security messages,?Deliver video content such as tutorials straight to employees’ screens,????????????????????????????????????????????????????????????????op up alert?pop-up alerts or scrolling desktop tickers, Send urgent full-screen alerts to computers when there is a critical cyber security incident that is threatening your business, Use digital signage in your company to compliment your campaign initiatives, Test your employees’ knowledge using the surveys, polls and quiz surveys, and ask for and receive an acknowledgment that employees have read and agree to abide by policies and procedures, and gather?engagement metrics in real-time.

DeskAlerts messages can be scheduled ahead of time, which is great when you are creating an ongoing campaign. You can also send messages to specific audience segments, tailored to their needs. Messages can also be sent in different languages and to different time zones.

Data and systems security is one of the biggest challenges for business today, particularly as the threat landscape is so changeable.?




FREQUENTLY ASKED QUESTIONS

What is a cyber security campaign?

A cyber security campaign is an awareness effort directed at a specific group of individuals, such as employees, providing information about cyber threats with the aim of increasing understanding of the risks so that they can take appropriate steps to avoid them.

What are the 5 types of cyber security?

There are five main types of cyber security to be aware of:

? ????Critical infrastructure cyber security

? ????Network security

? ????Internet of Things (IoT) security

? ????Application security

? ????Cloud security.

How can we promote cybersecurity awareness?

The main ways to promote cybersecurity awareness include:

? ????Getting leadership on board.

? ????Making sure everyone understands they have a role to play in keeping systems secure.

? ????Understanding the threats your business faces.

? ????Provide training and education.

? ????Send regular reminders.



Pedro Palandrani and Alec Lucas, who are both research analysts at Global X, consider how the rising threat of cyberattacks is prompting corporations, governments and consumers to increase and enhance protection measures.


It is assumed that the ongoing struggle among organizations, consumers and the cybercriminals who crave their data to deepen this year. The latest concern is a vulnerability in internet software known as Log4j that could jeopardize hundreds of millions of systems globally. This threat follows multiple high-profile breaches in 2021, including the ransomware attack that compromised Colonial Pipeline’s fuel distribution across the eastern US. Cyber events like these continue to grow more frequent and costly, especially attacks on critical infrastructure and supply chains. And this threat is likely to only grow more acute as the global economy continues to digitalize and put sensitive data at risk. As a result, we expect heightened awareness of and expenditure on cybersecurity solutions to create long-term tailwinds for the cybersecurity investment theme.


KEY TAKEAWAYS:

Cyberattacks were prevalent and costly in 2021, a trend likely to continue into 2022. The average data breach cost increased from $3.86m in 2020 to $4.24m in 2021, the highest total cost in the 17 years IBM has published its Cost of a Data Breach Report 2021.Corporations, governments, and consumers are increasing their cybersecurity commitments and enhancing measures to protect themselves. Corporations, for example, are expected to spend $172bn in 2022. Identity, network, and endpoint security continue to be points of emphasis for cybersecurity efforts with network security expected to grow the fastest at 24% between 2021 and 2026.

THE DIGITAL WORLD REVEALS ITS VULNERABILITIES IN 2021

The world now creates an estimated 2.5 quintillion bytes of data every day — that’s 2.5 followed by 18 zeros. As a result, hackers have more access to sensitive data than ever, and they will have many more opportunities as the world continues to digitize and data volumes increase. In particular, the Internet of Things (IoT) devices will be a major contributor to the data pool. At the end of 2021, there were 14.6 billion connected devices. That number could grow nearly 18% in 2022, and then more than double by 2027.The economy’s turn?to hybrid and remote work also creates significant opportunities for cybercriminals. Pandemic-induced lockdowns eased in the US in 2021, but as many as 45% of full-time employees continued to work from home at least part-time. Whether due to new variants or employee preference, work-from-home initiatives are likely to remain intact, resulting in data vulnerabilities for the foreseeable future. According to an IBM report, remote work was a factor in 17.5% of reported data breaches in 2021.

The average cost of these breaches was also 16.6% higher than breaches where remote work was not a factor. In 2021, several high-profile companies were victims of costly cyberattacks. The ransomware attack on Colonial Pipeline resulted in a $4.4m payout to th{{ risk management could increase 11% from 2021 to $172bn in 2022.

Governments: In May 2021, President Biden signed an executive order that aims to modernize federal cybersecurity capabilities, standardize response strategies to cyberattacks, and increase information sharing requirements for government contractors. Then in July, Biden signed a national security memorandum that aims to prevent cyberattacks on critical infrastructure, especially power, water, and transportation. These measures translated into real dollars in the Infrastructure Investment and Jobs Act, which directs $1.7bn in dedicated spending and about $7bn in potential spending toward improving the country’s cybersecurity. Also last year, the Senate unanimously confirmed the White House’s first national cyber director. Congress created the position as part of the 2021 National Defense Authorization Act, signaling an increased emphasis on cybersecurity in administrations to come.

?

CONSUMERS:

?A small but growing share of cybersecurity spending comes from consumers. About 53% of consumers are victims of at least one cybercrime, prompting many to take precautions such as personal VPNs, two-factor authentication, and identity theft protection services. The pandemic exacerbated threats to individuals, as emboldened scammers capitalized on the inflated time consumers spent online. Americans lost $586 million to COVID-related scams as of October 2021. However, consumers are conscious of the heightened threat. Last year, almost 40% of adults took steps to safeguard their online activity as a direct result of the pandemic. Digital protection habits learned during the pandemic could accelerate consumer adoption of cybersecurity services.


KEY CYBERSECURITY AREAS TO WATCH

IDENTITY SECURITY:?


With the explosion of remote work, securing who’s accessing critical data, resources, and apps is a must for organizations. Within this vertical, cybersecurity sub-segments include Identity and Access Management (IAM), Privileged Account Management (PAM), and Identity Governance & Administration (IGA). These sub-segments are forecasted to grow by an average compound annual growth rate (CAGR) of 19% between 2021 and 2026.





NETWORK SECURITY:?


Companies in this vertical are responsible of protecting a network’s integrity, confidentiality, and accessibility from misuse or breaches. Overly permissive networks can cause cyberattacks to move horizontally (i.e., from user to user) once an individual has been compromised. Zero Trust Networks, for example, provide users with access to internal apps, without the need to connect to a company’s network or expose those users to the internet. Within this vertical, cybersecurity sub-segments include Zero Trust Network Access (ZTNA), Software-Defined Networking (SDWAN), Network Detection and Response (NDR), Firewall / NGFW / Unified Threat Management (UTM), and Secure Access Secure Edge (SASE). These sub-segments are forecasted to grow by an average CAGR of 24% between 2021 and 2026.



ENDPOINT SECURITY:?


The multitude of internet-connected devices presents new entry points for hackers, adding challenges and complexity to effectively manage security for firms and individuals. Successful IoT deployments will require multi-layered, end-to-end security that ranges from up front baked-in security requirements to the ongoing management and protection of sensitive machine-generated data. Within this vertical, cybersecurity sub-segments include Endpoint Protection Platform (EPP), Endpoint Detection and Response (EDR), and Data Loss Prevention (DLP). Overall, the Endpoint Security vertical is forecasted to grow by an 8% CAGR between 2021 and 2026. Beyond these fast-growing areas, cybersecurity companies are increasingly looking at consolidation. Typically, cybersecurity providers specialize in specific verticals, forcing customers to secure their data using a patchwork of different providers. This dynamic can lead to costly delays and other potentially damaging inefficiencies; indeed, the average data breach took 287 days to identify and contain in 2021. In an effort to improve protection capabilities end to end, several prominent cybersecurity providers engaged in mergers and acquisitions in 2021. Noteworthy activity included CrowdStrike Holdings’ [CRWD] $352m acquisition of Humio, and Rapid7’s $335m acquisition of IntSights, allowing the companies involved to field more integrated product offerings. This surge in consolidation activity is likely to continue in 2022, with antivirus and VPN service providers Norton and Avast set to merge in a deal valued over $8bn.

领英推荐

Conclusion

2021 featured some of the most impactful cyber intrusions in recent memory, and the world’s ongoing digital transformation only increases the likelihood of comparable attacks in the future. However, we believe that digital protection lessons learned during this period could further accelerate the adoption of cybersecurity services. In our view, recent financial commitments to thwart cybercriminals can form tailwinds for cybersecurity companies in 2022 and strengthen the long-term investment case for the cybersecurity theme overall.

?Markets is an execution-only service provider. The material (whether or not it states any opinions) is for general information purposes only, and does not take into account your personal circumstances or objectives. Nothing in this material is (or should be considered to be) financial, investment or other advice on which reliance should be placed. No opinion given in the material constitutes a recommendation by CMC Markets or the author that any particular investment, security, transaction or investment strategy is suitable for any specific person.

The material has not been prepared in accordance with legal requirements designed to promote the independence of investment research. Although we are not specifically prevented from dealing before providing this material, we do not seek to take advantage of the material prior to its dissemination.

s features to identify, detect and abort the action of cyber criminals before the happening of ?the crime. All these aspects nor cover under Cybersecurity. ??

Cybercriminal (named as hackers,) power can be gauged from the fact that they can make anyone personal information visible and exposed or can even collapse our entire business operations for any number of hours or days. Their attacks have s become so sophisticated, ?various organizations, departments, anti virus software to prevent cyber criminals in an oppressive manner .—to and frow situation defining ?the latest cybersecurity trends. Lack of strong security measures ?are encountering heavy costing for-profit and nonprofit organizations amounting as gigantic as ?billions of dollars in losses. Additionally, with companies shifting to remote work since the pandemic began, they have become more exposed to attacks from hackers.?Now cybersecurity experts ?have been redesigning Internet privacy and?IT security.

Cyberattacks are occurring at very large scale globally. It is estimated that financial losses from cybercrime are bigger than ?the total losses incurred from the global trade of all illegal drugs. Hence, individuals and organizations operating on the web live in fear of potential hacking scenarios and data breaches. Aside from finance???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????2022 Must-Know Cyber Attack Statistics and Trends

Cyber attacks on all businesses,?but predominantly ????????????????????????????????????????????????????????????????????????????????????????????????????small to medium sized businesses, are becoming more frequent, targeted, and complex. According to?latest Accenture cost of cybercrime study, 43% of cyber attacks are aimed at small businesses, but only 14% are prepared to defend themselves.?The gravity of Not only does a cyber attack disrupt normal operations, but it may cause damage to important IT assets and infrastructure that can be impossible to recover from without the budget or resources to do second and Small businesses struggling to defend themselves because of this. According to Ponemon Institute’s State of Cybersecurity report?small to medium sized business around the globe report recent experiences with cyber attacks:

Lack of Insufficient security measures: 45% say that their processes are ineffective at mitigating attacks.?

Frequency of attacks: 66% have experienced a cyber attack in the past 12 months.

Background of attacks: 69% say that cyber attacks are becoming more targeted.?

The most common types of attacks on small businesses include: Phishing/Social Engineering: 57%, Compromised/Stolen Devices: 33%, and Credential Theft: 30%. Keeping up with the latest cyber-attack statistics is pertinent for understanding the state of cyber threats, commonly leveraged vulnerabilities, implications of successful cyber attacks, and effective strategies for mitigating prevalent threats.

1.??43%?of all data breaches involve small and medium-sized businesses.?

2.??If you’re still in denial about the chances of your small business becoming a victim,?61%?of all SMBs have reported at least one cyber attack during the previous year.

3.??A benchmark study by CISCO?found that?40%?of the small businesses that faced a severe cyber attack experienced at least eight hours of downtime. And this downtime accounts for a major portion of the overall cost of a security breach.?

4.??The above-mentioned CISCO study also found that ransomware was not among the top three cyber threats identified by small businesses. Business owners may be underestimating the threat of ransomware, however, MSPs are not.?85%?of MSPs consider ransomware one of the biggest threats to their SMB clients.?

5.??30%?of small businesses consider phishing attacks to be the biggest cyber threat.?

6.??83%?of small and medium-sized businesses are not financially prepared to recover from a cyber attack.

7.??Despite the staggering numbers,?91%?of small businesses haven’t purchased cyber liability insurance. This truly reflects how unaware and unprepared small business owners are to deal with security breaches.

8.??Only?14%?of small businesses consider their cyber attack and risk mitigation ability as highly effective.?

9.??43%?SMBs do not have any cybersecurity plan in place.

10.?????????????????One in five small companies does not use endpoint security, and?52%?SMBs do not have any?IT security experts in-house.”

CYBERSECURITY AND HEALTHCARE:

The concept of innovative information technology in medicine. Most hospitals and healthcare facilities have traditionally focused their budgets on acquiring new medical technologies and improving patient care. Covid19 put a huge burden on budgets and hackers have exploited cyber vulnerabilities, especially via ransomware.?

HEALTHCARE CYBERSECURITY REPORT 2021-2022?

As per “70% of?latest surveyed by?organizations reported that healthcare ransomware attacks have resulted in longer lengths of stays in hospital and delays in procedures and tests that have resulted in poor outcomes including an increase in patient mortality.” Half of internet-connected devices in hospitals are vulnerable to hacks, report finds?and had half of internet customer ?run latest updated network security software over half of internet-connected devices used in hospitals have a susceptibility that could put patient safety, confidential data, or the usability of a device at risk, according to a?new report?from the healthcare cybersecurity company Cynerio.?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

The report analyzed data from over 10 million devices at over 300 hospitals and health care facilities globally, which the company collected through connectors attached to the devices as part of its security platform.”

CYBERSECURITY AND IOT DEVICES:

With everything and anything connected, ??hackers can take advantage of many attack vector s and weak device passwords. The threat is growing as IoT rapid?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????expansion. .According to Symantec, IoT devices experience an average 5,200 attacks per month. The fact that a majority of new IoT devices are still in their infancy means there is a much larger attack surface for cybercriminals to target the vulnerabilities associated with them.

een around for decades, in 2021 it became a preferred cyber-weapon of choice for hackers. Being able to exfiltrate and hold hostage data for payment of cryptocurrencies has made the deployment of ransomware a growing trend.

Ransomware Statistics, Trends and Facts for 2022 and Beyond

5 Key Ransomware Statistics:

Ransomware cost the world?$20 billion in 2021. That number is expected to rise to?$265 billion by 2031. In 2021,?37 percent of all businesses and organizations?were hit by ransomware. Recovering from a ransomware attack cost businesses?$1.85 million on average in 2021. Out of all ransomware victims,?32 percent pay the ransom, but they only?get 65 percent of their data back. Only?57 percent of businesses?are successful in recovering their data using a backup.

?

:Ransomware on a Rampage; a New Wake-Up Call?

“The sobering reality is that ransomware is on a reckless action. Ransomware will continue to be a destructive threat because there are so many available soft targets. We live in an increasingly hyper-connected world that impacts all aspects of our lives. From now and onward, managing and protecting data will be a security imperative for every industry and organization.

Awareness and understanding the ransomware threat can help address many of the cybersecurity challenges. Emerging cybersecurity technologies, mitigation tools, and protocols can help limit the exploding trend of ransomware attacks. Taking pro-active measures to protect systems, networks, and devices, and be more resilient, need to be part of a new wake-up call.”

?

COMPENDIUMS ON CYBERSECURITY STATISTICS:

?

GLOBAL COMMUNICATION NETWORK CONCEPT

We may get a more comprehensive overview of cybersecurity stats, by going through the following facts which ?encompass therein ?many policy, operational, and industry specific elements of the cybersecurity ecosystem.

2022 Cybersecurity Yearbook: Most important facts, figures, prediction and statistics

It is appraised that an organization suffered a ransomware attack every 11 seconds in 2021, according to Cybersecurity Ventures, and which will grow exponentially a new attack on a consumer or business every two seconds by 2031.

?

Crypto crime, or crimes related to cryptocurrencies, are assumed ?to exceed $30 billion in 2025, up from an estimated $17.5 billion in 2021. The necessity and urgency ?to protect progressively digitalized businesses, Internet of Things (IoT) devices, and consumers from cybercrime will push?global expenses on cybersecurity products and services to $1.75 trillion cumulatively

for the five-year period from 2021 to 2025, up from $1 trillion cumulatively from 2017 to 2021. Cybersecurity Ventures traced more than$23 billion in venture capital devoted to cybersecurity companies in 2021.

OTHER FEATURES

State Sponsored Threats: Microsoft has highlighted that roughly ?80% of nation-state attackers selected as government agencies, policy formations, and other non-government organizations. The United States continues the most highly targeted country with 46% of global cyberattacks being directed towards Americans

Cost of Cybercrime rising:?The cost of cyber crime has risen 10% in the past year which will increase rapidly.

Cybersecurity Workforce:?it’s apprehended ?that there will be?3.5 million unified cybersecurity employment opportunities?by the end of 2025.

The pandemic created ?lots of new cybersecurity issues and companies are working assiduously to ensure they are prepared for anything that comes their way in the future. Assume to see enhanced software supply chain security,?ransomware will become more of a problem for businesses, companies are undergoing period of transition ?to a zero trust framework?for cybersecurity, increased scrutiny on the cybersecurity measures of third-party providers, and rise in cyber insurance to offer further protection for businesses.

THE MOST IMPORTANT MEASURES CYBER STATISTICS TO IDENTIFY FOR 2022?

Phishing Attacks:?Phishing attacks were connected to about 40% of breaches, a rise of 10%, which in part could be ascribed to the COVID-19 pandemic. As might have been expected, threat actors have been observed fine-tuning their phishing campaigns based on what’s making the news at any moment in time.

Cost of Data Breach:?2021 saw the highest average cost of a data breach in 17 years, with the cost rising from US$3.86 million to US$4.24 million on an annual basis as per IBM cost of a data breach report 2021.

Ransomware Expenses:?Cryptocurrency has been the preferred payment method for cybercriminals for a while now, especially when it comes to ransomware. As much as US$5.2 billion worth of outgoing Bitcoin transactions may be tied to ransomware payouts involving the top 10 most common ransomware variants as per FINCEN Report on Ransomware Trends in Bank secrecy data.

DDoS Attacks:?The number of distributed denial-of-service (DDoS) attacks has also been on the skyward trend, in part due to the COVID-19 pandemic. 2020 saw more than 10 million attacks occur, 1.6 million attacks more than the previous year as per ENISA Threat Landscape 2021.

Cybersecurity In The Year Ahead

Dan Lohrmann is one of the world’s most conversant and creative cybersecurity experts. His article on predications for 2022. The answers are submitted annual roundup of the top security industry forecasts, trends and cybersecurity prediction reports for calendar year 2022.


?

The most important?majors security prediction for 2022, the following summary of likely trends for 2022:

1)??There will be widespread security bearings in the coming year from the move to work from home (WFH) powered by COVID-19. More attacks will occur on home computers and networks, with bad actors even using home offices as criminal hubs by taking advantage by exploiting of unpatched systems and architecture weaknesses.

2) The great haste towards cloud-everything will root many security holes, challenges, misconfigurations and outages.

3)More growth in the security industry. Numbers of new products and new mergers and acquisitions will cause network complexity issues and integration problems and overpower and upset cyber teams.

4) Privacy will be in jeopardy , with user upheavals, new laws, disorder and self-regulation failing.

5) Identity and multi-factor authentication (MFA) will take center stage as passwords (finally) start to go away in a critical year when a minor change makes all the difference.

6) Bundles ?of high-profile IoT hacks, some of which will make headline news.

7) Ransomware?will get worse to worst ?with new turns, data stealing prior to encryption, malware packaging with other threats and very specific targeting of organizations.

8)Lots of 5G vulnerabilities will become headline news as the technology grows.

9)?Advanced Persistent Threats (APT) attacks will be widely available from criminal networks. The dark web will allow criminals to buy access into more sensitive corporate networks.

New focuses this year cover:

10) Cyber ?threats in space. A heavy emphasis on operational technology (OT) cybersecurity — vulnerabilities, threats and impacts.

11) A strong importance on cryptocurrencies and crypto wallet security attacks. As Bitcoin and other cryptocurrencies rose in 2021, now the bad actors want your bitcoins even more.

12)More application security vulnerabilities — especially when code is widely used, such as the?Log 4 j exposing. Issues created by a lack of talent and vacancies in public- and private-sector organizations — as the talent war gets worse.

13)Renewed emphasis (but in new ways) on AI, Autonomous vehicles, drones?and other new technologies being hacked.

14)Note that security industry vendor acquisitions have changed many of the familiar names, such as the activities with FireEye, McAfee Enterprise and Mandiant.??

15)Deployed for expanding protection of remote employee offices, and for alleviating workforce shortages. The automation tools are being strengthened in capabilities by artificial intelligence and machine learning algorithms.

16)Cybersecurity will see increased operational budgets?because of more sophisticated threats and consequences of breaches (and especially ransomware) to the bottom line.

Cybersecurity becomes more of a C-Suite issue with every passing year as breaches can be disruptive and devastating for business.” A highly esteemed cybersecurity leader, recently published his latest feature in the January issue of the CISO MAG,?detailing the importance for federal executives to focus on protecting the critical infrastructure supply chain?in IT and OT systems.?“Protecting critical infrastructure Industrial Control Systems, Operational Technology, and IT systems from cybersecurity threats is a difficult endeavor,” said Chuck Brooks. “They all have unique operational frameworks, access points, and a variety of legacy systems and emerging technologies. Protecting the critical infrastructure supply chain in IT and OT systems will be a public and private sector priority.”

In addition, Expert Chuck Brooks discussed the potential cybersecurity workforce shortage that could exist in 2022. It was reported by Cybersecurity Ventures that roughly 3.5 million jobs in cybersecurity were left unfilled in 2021, which could pose significant operational challenges in the federal sector moving forward. Brooks mentioned the Internet of Things (IoT) as an area to watch for growing cybersecurity risks. In particular, Brooks highlighted the challenge that IoT poses from having a lack of visibility and the ability to determine if a device has been compromised and not performing as intended.?“The increased integration of endpoints combined with a rapidly growing and poorly controlled attack surface poses a significant threat to the Internet of Things,” Brooks explained. “Protecting such an enormous attack surface is no easy task, especially when there are so many varying types and security standards on the devices. It will only worsen in 2022 as connectivity grows.”

BRIEF PROFILE OF BROOKS

Chuck Brooks, President of Brooks Consulting International, and Adjunct Faculty at Georgetown University. He is a Technology Evangelist, Corporate Executive, Speaker, Writer, Government Relations, and Marketing Executive. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was acclaimed one of the world’s “10 Best Cyber Security and Technology Experts” by Best Rated, as a “Top 50 Global Influencer in Risk, Compliance,” by Thomson Reuters, “Best of The Word in Security” by CISO Platform, and by IFSEC as the “#2 Global Cybersecurity Influencer.” , and as a “Top Leader in Cybersecurity and Emerging Technologies” by Thinkers360. Chuck was named by Oncon in 2019 “Top Global Top 50 Marketer” by his peers across industry.?

ROLE AND RESPONSIBILITY OF EMPLOYER AND EMPLOYEE A OVERVIEW

In an Organization, the needs to safeguard cybersecurity awareness among employees to help protect data and systems. It’s important that employees realize and are alert of the day to day situations that could actually cause harm to the company if they are not vigilant. Risks in the cyber visible features include phishing, hacking, identity theft,?ransomware, ?viruses and more. The threat landscape is always changing and becoming more and more sophisticated and sadly employees are often the weakest link when it comes to keeping data secure.

Business leaders need to be responsible to ensure that their employees recognize risks and their own personal cybersecurity responsibilities and obligations. It goes well beyond sending a one-off cybersecurity awareness email to employees. Creating and delivering a comprehensive cybersecurity awareness campaign can help to keep this issue front-of-mind for staff in your company.

STEP-BY-STEP GUIDE TO CREATING A CYBERSECURITY AWARENESS PROGRAM

Diverse organizations have different needs. There are unalike threats across industries, and the level of knowledge of cyber security among employees can also vary contrarily. There’s no one-size-fits-all approach to delivering a cybersecurity awareness campaign, but the following steps will provide a solid foundation.

1. Set goals

The first and foremost step is to fix what you want to achieve and define your cyber security campaign’s scope based on the specific needs of your organization. This should be set out in a plan that you can take action and measure.


2. Ensure you have buy-in from management

It’s critical to have agreement about the importance of cybersecurity from the?top down?to every level of management within the organization so that providing an ?encouragement attitudes and behaviors suitably.

3. Clearly outline your policies and procedures

It is important to have clear delineation and easy to realize ?policies and procedures in place around cyber security that set out expectations for employees and their obligations to use computer systems correctly to keep data safe. Having employees acknowledge this helps to keep them accountable.

4. Deliver cyber security awareness and education

Sympathetic?goals and specific needs,?then tailor?security awareness campaign to suit?objectives: what are the risks you need to communicate and educate about? Providing the right information to your employees about the common risks and steps that they can take to detect and mitigate risk will help to protect your business.

5. Choose different cyber security awareness topics

Having an ongoing cybersecurity awareness campaign means that you can continuously deliver information to employees about different cybersecurity issues. For example one month you may do a topic on password protocols, the next it may be about phishing.

6. Test your employees’ knowledge

Regularly testing employees’ knowledge about cyber security can help you to determine if there are any weaknesses or gaps in their knowledge that need to be addressed through the development of any additional educational materials.

7. Use a multi-channel approach to communications

Best practice in internal communications includes using different delivery channels to communicate the same message. This is based on research that shows that you often need to deliver the same information several times before it resonates and sticks with employees. It also reflects that different people have different preferences and styles when it comes to receiving information.

8. Include cyber security in employee induction

Cyber security awareness needs to begin from the very first day an employee begins with your organization. By including it in your?employee onboarding process.?you can ensure that all new staff have a consistent level of education and awareness, and you can also bring your brand new employees up to speed with the rest of the employee troop.

9. Keep on top of emerging trends

Cyber security is a fast-moving landscape and cyber criminals are always becoming more and more classy in their methods. It’s crucial to stay up-to-date with emerging threats and introduce them to your employees where appropriate so that you can be on the front-foot and not taken by surprise.

10. Evaluate your efforts

There’s always room for improvement, but you won’t know what to improve if you don’t have metrics that you can measure. Have you found deficiencies? Has your employees’ knowledge improved??When you have data you can use it to inform people about any further cyber security initiatives.

DeskAlerts?is an internal communication software system that is versatile and can help organizations to overcome many different communication challenges, including improving cyber security awareness.The system features many disimilear different?communication to old and channels and is designed to grab attention and screensavers ?,corporate, ?corporate wallpaper,?and password?screens?to deliver custom and timely cyber security messages,?Deliver video content?such as tutorials straight to employees’ screens,???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????op up alert?pop-up alerts?or scrolling desktop tickers,?Send urgent full screen alerts to computers when there is a critical cyber security incident that is threatening your business, Use digital signage?in your company to compliment your campaign initiatives,?Test your employees’ knowledge using the?surveys, polls and quiz surveys, and ask for and receive acknowledgment that employees have read and agree to abide by policies and procedures, and gather ?engagement metrics in real time.

DeskAlerts messages can be scheduled ahead of time, which is great when you are creating an ongoing campaign. You can also send messages to specific audience segments, tailored to their needs. Messages can also be sent in different languages and to different time zones.

Data and systems security is one of the biggest challenges for business today, particularly as the threat landscape is so changeable.?

?

?

?


FREQUENTLY ASKED QUESTIONS

What is a cyber security campaign?

A cyber security campaign is an awareness effort directed at a specific group of individuals, such as employees, providing information about cyber threats with the aim of increasing understanding of the risks so that they can take appropriate steps to avoid them.

What are the 5 types of cyber security?

There are five main types of cyber security to be aware of:

  • ?????Critical infrastructure cyber security
  • ?????Network security
  • ?????Internet of Things (IoT) security
  • ?????Application security
  • ?????Cloud security.

How can we promote cybersecurity awareness?

The main ways to promote cybersecurity awareness include:

  • ?????Getting leadership on board.
  • ?????Making sure everyone understands they have a role to play in keeping systems secure.
  • ?????Understanding the threats your business faces.
  • ?????Provide training and education.
  • ?????Send regular reminders.

?

?

Pedro Palandrani and Alec Lucas, who are both research analysts at Global X, consider how the rising threat of cyberattacks is prompting corporations, governments and consumers to increase and enhance protection measures.

?

It is assumed that the ongoing struggle among organizations, consumers and the cybercriminals who crave their data to deepen this year. The latest concern is a vulnerability in internet software known as Log4j that could jeopardize hundreds of millions of systems globally. This threat follows multiple high-profile breaches in 2021, including the ransomware attack that compromised Colonial Pipeline’s fuel distribution across the eastern US. Cyber events like these continue to grow more frequent and costly, especially attacks on critical infrastructure and supply chains. And this threat is likely to only grow more acute as the global economy continues to digitalize and put sensitive data at risk. As a result, we expect heightened awareness of and expenditure on cybersecurity solutions to create long-term tailwinds for the cybersecurity investment theme.


KEY TAKEAWAYS:

Cyberattacks were prevalent and costly in 2021, a trend likely to continue into 2022. The average data breach cost increased from $3.86m in 2020 to $4.24m in 2021, the highest total cost in the 17 years?IBM?has published its Cost of a Data Breach Report 2021.Corporations, governments, and consumers are increasing their cybersecurity commitments and enhancing measures to protect themselves. Corporations, for example, are expected to spend $172bn in 2022. Identity, network, and endpoint security continue to be points of emphasis for cybersecurity efforts with network security expected to grow the fastest at 24% between 2021 and 2026.

THE DIGITAL WORLD REVEALS ITS VULNERABILITIES IN 2021

The world now creates an estimated 2.5 quintillion bytes of data every day — that’s 2.5 followed by 18 zeros. As a result, hackers have more access to sensitive data than ever, and they will have many more opportunities as the world continues to digitize and data volumes increase. In particular, the Internet of Things (IoT) devices will be a major contributor to the data pool. At the end of 2021, there were 14.6 billion connected devices.?That number could grow nearly 18% in 2022, and then more than double by 2027.The economy’s turn ?to hybrid and remote work also creates significant opportunities for cybercriminals. Pandemic-induced lockdowns eased in the US in 2021, but as many as 45% of full-time employees continued to work from home at least part-time.?Whether due to new variants or employee preference, work-from-home initiatives are likely to remain intact, resulting in data vulnerabilities for the foreseeable future. According to an IBM report, remote work was a factor in 17.5% of reported data breaches in 2021.

The average cost of these breaches was also 16.6% higher than breaches where remote work was not a factor. In 2021, several high-profile companies were victims of costly cyberattacks. The ransomware attack on Colonial Pipeline resulted in a $4.4m payout to th{{ risk management could increase 11% from 2021 to $172bn in 2022.

Governments:?In May 2021, President Biden signed an executive order that aims to modernize federal cybersecurity capabilities, standardize response strategies to cyberattacks, and increase information sharing requirements for government contractors. Then in July, Biden signed a national security memorandum that aims to prevent cyberattacks on critical infrastructure, especially power, water, and transportation. These measures translated into real dollars in the Infrastructure Investment and Jobs Act, which directs $1.7bn in dedicated spending and about $7bn in potential spending toward improving the country’s cybersecurity.?Also last year, the Senate unanimously confirmed the White House’s first national cyber director. Congress created the position as part of the 2021 National Defense Authorization Act, signaling an increased emphasis on cybersecurity in administrations to come.


CONSUMERS:

?A small but growing share of cybersecurity spending comes from consumers. About 53% of consumers are victims of at least one cybercrime, prompting many to take precautions such as personal VPNs, two-factor authentication, and identity theft protection services.?The pandemic exacerbated threats to individuals, as emboldened scammers capitalized on the inflated time consumers spent online. Americans lost $586 million to COVID-related scams as of October 2021.?However, consumers are conscious of the heightened threat. Last year, almost 40% of adults took steps to safeguard their online activity as a direct result of the pandemic.?Digital protection habits learned during the pandemic could accelerate consumer adoption of cybersecurity services.

?

KEY CYBERSECURITY AREAS TO WATCH

IDENTITY SECURITY:?

?

With the explosion of remote work, securing who’s accessing critical data, resources, and apps is a must for organizations. Within this vertical, cybersecurity sub-segments include Identity and Access Management (IAM), Privileged Account Management (PAM), and Identity Governance & Administration (IGA). These sub-segments are forecasted to grow by an average compound annual growth rate (CAGR) of 19% between 2021 and 2026.

?

?

?

?

NETWORK SECURITY:?

?

Companies in this vertical are responsible of protecting a network’s integrity, confidentiality, and accessibility from misuse or breaches. Overly permissive networks can cause cyberattacks to move horizontally (i.e., from user to user) once an individual has been compromised. Zero Trust Networks, for example, provide users with access to internal apps, without the need to connect to a company’s network or expose those users to the internet. Within this vertical, cybersecurity sub-segments include Zero Trust Network Access (ZTNA), Software-Defined Networking (SDWAN), Network Detection and Response (NDR), Firewall / NGFW / Unified Threat Management (UTM), and Secure Access Secure Edge (SASE). These sub-segments are forecasted to grow by an average CAGR of 24% between 2021 and 2026.

?


ENDPOINT SECURITY:?


The multitude of internet-connected devices presents new entry points for hackers, adding challenges and complexity to effectively manage security for firms and individuals. Successful IoT deployments will require multi-layered, end-to-end security that ranges from up front baked-in security requirements to the ongoing management and protection of sensitive machine-generated data. Within this vertical, cybersecurity sub-segments include Endpoint Protection Platform (EPP), Endpoint Detection and Response (EDR), and Data Loss Prevention (DLP). Overall, the Endpoint Security vertical is forecasted to grow by an 8% CAGR between 2021 and 2026. Beyond these fast-growing areas, cybersecurity companies are increasingly looking at consolidation. Typically, cybersecurity providers specialize in specific verticals, forcing customers to secure their data using a patchwork of different providers. This dynamic can lead to costly delays and other potentially damaging inefficiencies; indeed, the average data breach took 287 days to identify and contain in 2021.?In an effort to improve protection capabilities end to end, several prominent cybersecurity providers engaged in mergers and acquisitions in 2021. Noteworthy activity included?CrowdStrike Holdings’ [CRWD]?$352m acquisition of Humio, and Rapid7’s $335m acquisition of IntSights, allowing the companies involved to field more integrated product offerings.?This surge in consolidation activity is likely to continue in 2022, with antivirus and VPN service providers Norton and Avast set to merge in a deal valued over $8bn.

Conclusion

2021 featured some of the most impactful cyber intrusions in recent memory, and the world’s ongoing digital transformation only increases the likelihood of comparable attacks in the future. However, we believe that digital protection lessons learned during this period could further accelerate the adoption of cybersecurity services. In our view, recent financial commitments to thwart cybercriminals can form tailwinds for cybersecurity companies in 2022 and strengthen the long-term investment case for the cybersecurity theme overall.

?Markets is an execution-only service provider. The material (whether or not it states any opinions) is for general information purposes only, and does not take into account your personal circumstances or objectives. Nothing in this material is (or should be considered to be) financial, investment or other advice on which reliance should be placed. No opinion given in the material constitutes a recommendation by CMC Markets or the author that any particular investment, security, transaction or investment strategy is suitable for any specific person.

The material has not been prepared in accordance with legal requirements designed to promote the independence of investment research. Although we are not specifically prevented from dealing before providing this material, we do not seek to take advantage of the material prior to its dissemination.

Latest global trend Latest global trend

Latest global trend

2,421 位关注者

订阅

要查看或添加评论,请登录

更多精彩文章

社区洞察

其他会员也浏览了