Cybersecurity and the Impact of Increasing Connectivity
The world is becoming ever more connected – perhaps even more so in the world of business. It’s expected that people will have nearly constant connectivity for communication, business activities, receiving and analyzing information, adjusting their environment, and more. Increasingly, smart devices in our homes, cars, and enterprises use digital networks to transmit not only instructions for devices and content for entertainment but also sensitive information regarding our finances and our health. Industry too is relying more on smart devices, robotics, and other connected devices that present potential points of vulnerability. In light of this increasing connectivity, what concerns should we have about cybersecurity?
Cybersecurity refers to everything we do to protect connected devices, systems, and networks from digital attacks and the consequences of those attacks. Cybersecurity should ideally be implemented at every stage, from designing and building products and systems to their implementation, use, and management, and even how you respond when an attack is detected. By considering cybersecurity at every stage, you can minimize the impact of attacks.
What are the potential consequences of an attack?
From an enterprise perspective, although denial of service can be an issue, the biggest concern typically involves data breaches. The risk of exposing sensitive data has increased, and the effects can be devastating to both individuals and businesses, not only in terms of compromised information but also in monetary terms. In 2021, the average cost of a data breach in the US was over $4.2M, and as of 2022 that has more than doubled to over $9.4M – even greater in some verticals such as healthcare. There have also been cases in which large numbers of smart devices, on the order of tens of millions, were used collectively to perform attacks on websites, so it’s clear that the consequences of cyberattacks can be more than just monetary.
There will always be some risk in being interconnected – but the answer isn’t to turn away from modern technology, including smart technology that can provide a wide variety of benefits. (See, for example, this article on IoT and edge computing.) There are challenges to creating and using connected systems that still work well and provide the desired functionality while protecting data, devices, and systems, but an intelligent approach to connectivity can lessen the risk while still achieving the benefits. So what do we need to watch out for, and what can we do to improve cybersecurity and prevent problems?
What are the primary ways in which attacks tend to occur?
Some common methods of attack include:
- Phishing attacks and other social engineering scams – Many people are familiar with phishing attacks, which rely on fraudulent emails or texts to convince someone to provide their credentials voluntarily. In many cases, these and other attacks rely on people’s trust and willingness to cooperate. For example, if an email looks like it comes from a trusted colleague, or a phone caller says “I’m from Accounting, and your boss John Doe needs you to go and purchase 10 gift cards and give me the numbers on them for an incentive program,” people tend to take that at face value, rather than double-checking requests for information or financial transactions. The most common cause of breaches involves stolen or compromised credentials, but ironically, that’s also the cause that takes the longest to discover and thus tends to be the most costly.
- Malware, SQL injections, DNS attacks, and more – These are attacks that involve specific code applied in such a way as to cause a problem, often either by making a system work in a different way than intended or by taking advantage of vulnerabilities in existing legitimate software. There are many ways in which this code can be applied – for example, when someone opens an infected email attachment or even visits a website where bad code is lurking, ready to execute on a simple visit to the site.
- Ransomware – A specific subset of malware, ransomware is increasingly causing major headaches for individuals, businesses, services, and government agencies by locking access to devices, networks, and systems and then demanding payment to re-enable access. The danger here is not just the loss of money to pay the ransom, but lost access to required data and systems. Picture an entire city government brought to a halt because every system and server is locked down, and you can imagine how quickly the problems add up.
Although criminal hacking is behind the majority of data breaches, a vast majority of breaches are also connected to employee error – that is, some mistake by an employee is involved in most attacks. In most cases, this is not due to malicious activity by an insider (although such activity can in fact be a cause of attacks and breaches), but simply due to being busy – for example, falling for a phishing scam because you’re distracted by other projects. This is why social engineering is a popular vector for attacks: It’s relatively easy (much easier than creating and injecting bad code!) to find someone who’s busy with their job and not thinking about how a caller or an email contact could be taking advantage of them to gain access to systems or networks.
The average time it took in 2022 to discover a breach was a staggering 9 months – that’s a lot of time in which damage can be done before you even know about it! So whether your business is large or small, it’s crucial to have in place ways not just to prevent the attacks you expect, but to detect attacks that you didn’t foresee, and to have a plan for a quick response once an attack is discovered.
What are some tools and best practices to avoid compromises to your connected devices and systems?
Based on studies by universities and cybersecurity organizations, there are a number of things that can improve your cybersecurity, other than the usual implementation of firewalls, antivirus programs, and the like:
- Ensure that your employees are trained to spot signs of phishing attacks and other social engineering scams. While most people understand that they shouldn’t write their passwords on a sticky note at their desk, many remain unaware of common scams that rely on an employee’s trust.
- Weak passwords are still a big problem, so you need to implement and enforce guidelines for choosing passwords. Simply using short combinations of numbers and letters isn’t enough. Longer phrases and unusual combinations of characters are better, and additional methods such as two-factor authentication (2FA) and passcodes can provide even stronger protection.
- Likewise, be careful to limit access to those who really need it. It’s easy to give everyone in your company access to your network, but it’s a much better idea to assign access permissions carefully based on who needs to access what information and controls, and then review and adjust those permissions periodically to make sure that they’re still appropriate.
- Be sure to keep all of your software, firmware, systems, and networks up to date with any patches provided by developers. Although zero-day attacks can take advantage of unnoticed vulnerabilities, most holes are eventually discovered and patches provided to fix them. The longer you wait before patching, the more likely it is that someone will take advantage of that delay.
- Similarly, it’s a good idea to implement antivirus and anti-spam tools, but it’s important to keep their definitions updated so they can protect against the latest threats.
- Consider implementing encryption, particularly for data and systems with more points of exposure. For example, while there are many benefits of cloud-based computing, approximately half of all breaches involve cloud-based systems – yet over 80% of businesses say they don’t encrypt more than half of their cloud-based data, rendering it vulnerable.
- Don’t neglect physical access. Especially in larger enterprises, it can be easy for a malicious actor to gain access by pretending to be an employee or delivery person – after all, it’s not possible for everyone to know everyone else who should be there – and then physically gain access to systems and plant malicious code.
- Automated methods of detecting and responding to breaches, including those powered by artificial intelligence (AI), have been found to shorten the average time needed to identify and contain a breach by nearly a month. These can include tools to monitor your systems and alert you immediately when unusual activity is detected.
- Being proactive is important, but it’s not enough. Assume that at some point you may be affected by a cybersecurity breach. Conduct periodic threat assessments and develop a plan of response that includes how you plan to stop an attack that’s already occurring and how to address the damage that’s already been done. It’s crucial to consider not only how breaches can affect your enterprise, but also how they can affect your customers; you’ll need to address both aspects in your plan or potentially risk legal action, fines, and the loss of business if your customers aren’t happy with your response.
- Also be sure to test your response regularly to identify weaknesses and areas for improvement.
The bottom line: Knowledge is your #1 weapon to protect your connected systems. It’s important to remain aware of all the different ways that connected systems can be compromised and then continuously review, implement, and adjust cybersecurity policies and tools to ensure that you’re doing the best possible job of blocking threats before they become a problem.
Here are some helpful links to learn more:
- How is Connectivity Impacting Cybersecurity?
- Cost of a data breach 2022
- Stanford Research: 88% Of Data Breaches Are Caused By Human Error
- 8 Most Common Causes of a Data Breach
- Nearly 50% Of Businesses Had a Cloud-Based Data Breach or Failed Audit
- Cybersecurity in the Age of Industry 4.0
- 10 Best Practices for Business Email Security for 2022