How to Level Up Your Cybersecurity Game in 2023

Key Takeaways:

The continuing digitization of the global economy, ever-increasing numbers of cyberattacks, and regulatory pressure on companies to protect their data make cybersecurity a priority for all organizations, no matter the size.

Ransomware remains a serious risk, and it can cripple an organization. Over time, ransomware attacks may lead to legal issues, financial loss, damaged brand reputation, and erode overall customer trust in your business.

Addressing human error is not as simple as resolving faulty software. Building better cybersecurity habits is a must.

Beating ransomware requires a joint effort between technology and tools, processes, and people.

The current threat landscape

The threat landscape is constantly changing and evolving. Attack sophistication is growing, cybercrime actors are diversifying their modus operandi, and organizations continue to invest in technology to run their businesses.

As businesses worldwide migrate to the cloud and layer more systems into their IT networks to support remote work, enhance the customer experience and generate value, new vulnerabilities and attack opportunities for cybercriminals are introduced.

The figures ¹ below tell a thousand words about today’s threat landscape.

USD  4.35 million -- Global average total cost of a data breach.
277 days -- Average time to identify and contain a data breach.
USD  4.91 million -- Average cost of data breach with a phishing initial attack vector.
USD 4.54 million -- Average cost of a ransomware attack, not including the cost of the ransom itself.
49 days -- Ransomware breaches took 49 days longer than average to identify and contain.
USD 1 million -- Breach costs where remote working was a factor in causing the breach were about USD 1 million more than breaches where remote work wasn’t a factor.
45% -- Share of breaches that occurred in the cloud.

Ransomware means business

Ransomware is continually evolving, with new variants appearing, new ransomware groups emerging, and new techniques and tactics designed to make the most money from attacks. But the main problem with ransomware is not the technology itself but the disruption it causes.

Ransomware is an existential threat to mid-size businesses

According to Gartner®, in 2021 most ransomware attacks targeted mid-sized enterprises with less than 1000 employees (82%) ². While large enterprises may seem to be more lucrative prey and continue to be impacted (and certainly receive almost all the media coverage), ransomware remains disproportionately a small and medium sized business problem. That’s because mid-sized businesses are more likely to under invest in cybersecurity and struggle to properly secure their critical assets. This makes them very inexpensive targets. On top of being an easier target, smaller companies are often more appealing to cybercriminals because going after large, high-profile organizations brings a lot of heat on ransomware groups from law enforcement. As a result, criminals have slowed down their "big game" hunting or targeting of large businesses and critical infrastructure and now focus on smaller businesses, whose victimhood might draw less attention. The proliferation of ransomware attacks targeting midsize companies means that even those that don’t currently employ or engage a security team have a responsibility to act.

Phishing and why people (still) fall for it

Unfortunately, the human element continues to drive breaches. According to Verizon, in 2021 82% of breaches involved the human element. Whether it is the Use of stolen credentials, phishing, misuse, or simply an error, people continue to play a very large role in cybersecurity incidents and data breaches alike.

In today’s digital world, everyone knows that phishing is bad, but somehow it is once again one of the most common vectors for initial access and ransomware. The FBI’s 2021 Internet Crime Report analyzed data from 847,376 reported cybercrimes and found a sharp uptick in the number of phishing attacks, increasing from 25,344 incidents in 2017 to 323,972 in 2021. Advances in sophistication of phishing, user fatigue and targeted, context-based phishing have led to this rise.

While early email phishing attacks usually involved some poorly worded scam messages to trick users into sending money to fraudulent bank accounts, today’s phishing emails are sophisticated, well-crafted social engineering attacks. Threat actors start by doing their homework: they research their targets by looking into public employee profiles and postings, and they check the organization’s partnerships and overall activities in order to plot a very convincing attack. And it works. According to Tessian Research’s report Psychology of Human Error 2022, a follow-up to their 2020 report with Stanford University, 52% of people clicked on a phishing email because it looked as though it had come from a senior executive at the company — up from 41% in 2020.

Leveling up defensive capabilities in 2023

With countless reports of ransomware incidents in the media, remaining defenseless is no longer an option. Here’s what to do to make sure your business is ready to fend off attacks in 2023.

Put high-quality preventative measures in place

The foundation of your protection should be a set of high-quality prevention security controls, providing wide coverage and applying different techniques to recognize malicious intent.

While zero-day and advanced persistent threats grab headlines and surely keep cyber security executives on high alert, most attacks leverage older, overlooked vulnerabilities. It is important to not overlook employing even the most basic preventative measures to cyber threats. This may include hardening your security infrastructure, gaining visibility into areas of potential vulnerability (i.e., humans and devices), as well as continually conducting cyber hygiene checkups of your ecosystem.

Be aware of to the human element

Most data breaches are caused by people, either due to lack of awareness and training, negligence, or plain error. And with phishing and social engineering attacks primarily tapping into human psychological elements and vulnerabilities, CISOs should place the human element in the middle of their cybersecurity strategy.

A change of mindset is needed from "cybersecurity is the responsibility of IT" to "cybersecurity is everyone’s responsibility.” It is important for employees to understand how cyberattacks can impact their businesses and how to protect themselves. Increasing security awareness at employees’ level should be an ongoing process that must cover a wide variety of topics and examples of phishing, ransomware, and social engineering attacks.

Consider a defense-in-depth strategy

The best protection against modern ransomware attacks is to implement a defense-in-depth architecture. A defense-in-depth architecture leverages multiple security measures to protect an organization's assets. The thinking is that if one line of defense is compromised, additional layers exist as a backup to ensure that threats are stopped along the way. The foundation of your protection should be a set of high-quality prevention security controls, providing wide coverage and applying different techniques to recognize malicious intent.

Start with reducing the attack surface, combined with automated prevention controls to prevent most security incidents. Sure, some security incidents will still happen. But major security breaches are avoidable with proper security hygiene, solid defense-in-depth strategy, and great security tools. Combine this technology foundation with mature security operations (in-house or through managed services) for greater efficiency and cyber resilience.

In 2023, the threat landscape will continue to be more varied and diverse. We expect ransomware to keep making headlines, human error to play a big role in security incidents, and organizations irrespective of size to strengthen their security posture and improve their cyber resilience.