Cyber security trends 2020
Cyber security was the top concern for all businesses in 2019, globally and regardless of their size. In a 2019 Cyber security trends study on the state of cyber security for small to medium businesses (SMBs) found that 66% of SMBs across the world had been the victim of a cyber security attack, within the last 12 months. That’s HUGE for SMBs! I mean barely a week goes by without large organisation making national or international headlines for a data breach or a ransomware infection. Similarly, SMBs are not immune to cyber attacks either. We just don’t hear about them in the media. Yet they are having the same damaging effects.
The attacks carried out against the SMBs are increasingly advanced and on a global scale include:
- phishing (57%)
- compromised or stolen devices (33%)
- credential theft (30%)
The impact of the attacks resulted in the loss of sensitive information about their customers and employees and financial loss.
After polling 2000 IT security professionals from the US and some European countries, the 2020 Cyber security trends become clear. It appears that SMBs globally all have holes in their cyber security approach.
According to says Dr. Larry Ponemon, Chairman of the Ponemon Institute he says that SMBs are “just not doing what they need to” and that they need to “have a strong security posture across the board”
On the other hand, Darren Guccione, CEO, and Co-Founder of Keeper Security says, one of the biggest problems that SMBs have in common is a lack of visibility or control over their password security practices. High-lighting the need for IT to manage using random, high-strength passwords on every single application. 99% of the time he says, the IT department doesn’t know the if high-strength passwords are in use on each device.
Importantly, Guccione explains. “A lot of this problem is a result today of a lack of education and awareness around cyber security.”
Other insights from the poll from a US viewpoint include:
- 82% of U.S. respondents reported experiencing a cyber attack in their organization’s lifetime, which is higher than any other region
- U.S. businesses are more confident in their in-house security expertise than any other region
- Nearly 9 in 10 (88%) of U.S. respondents indicated they spend less than 20% of their overall IT budget on security
- U.S. businesses are nearly twice as likely to be the victim of a cyber attack due to a company insider (77%) versus an external hacker (40%)
The ‘It Won’t Happen to Me’ Mentality
I guess there is a bit of a misconception out there from the leaders of the SMBs the belief that, it won’t happen to me. The attackers are looking to prey on the big fish, the big brands. If their smart and want results they’ll go after the Fortune 100 companies, and not me. To make it clear, despite the increase in the number of these attacks, the overwhelming majority are still severely unprepared. For example, 39% said they didn’t have an incident response plan and 45% described their IT posture as ineffective.
Guccione reminds us that, roughly 30,000-plus websites are breached every day. And that “Cyber criminals don’t really care too much about placing viruses on computers to make them unusable.” Cyber criminals want to make money.
Firstly, by using “ransomware attacks where you lock up the computer and force someone to pay to unlock it”. Or secondly, steal information and sensitive digital assets, take that information and resell it on the Dark Web”
Key takeaways and Cyber security trends
Guccione, says the biggest takeaways from analysing the Cyber security trends poll, is that those in charge of security need to be more proactive and practice what he refers to as “self-help.”
Firstly, educate themselves on the basics of cyber security
Secondly, focus on what they can do to have a cyber security strategy in place for their business
“There are four prongs of that”, he says that are;
- prevention, which is having software processes in place to prevent data breach
- detection, which is again having software in place to detect that there is an anomaly
- remediation, which involves removing bad actors and patching (vulnerabilities) quickly;
- response and understanding when and how you have to respond to your customer base, stakeholders and the public.”
Lastly, burying your head in the sand doesn’t work and Guccione says “SMBs can’t continue to live in denial about the threats they face.”
Keys to moving forward
With the increase in the number of cybercrimes over the last 12 months, and the impact on SMBs both financially and from a privacy perspective, it means keeping ahead of the curve is vital for SMBs going forward.
Preparation is now key.
And security must now cover not just the physical office but a whole range of devices used for remote working.
1. Increased Spending
Audit your existing hardware, software and service. You may require upgrades of your current solutions, if these are not providing the best protection available. You need to focus on reducing your risks and will therefore need to increase your spending. Just remember an attack could cost you so much more.
In 2019 businesses spent more on their cybersecurity, a 9.4 percent increase on the previous year a trend that looking to continue in 2020. These are the overall figures for the large and SMBs and therefore demonstrates how cybersecurity awareness is being taken seriously.
2. The continued growth of IoT
If considering introducing new devices to your network take the time to do some research. Do they have a security weakness’? As new devices are being released to market that are lacking up to date security solutions. And while some IoT devices have benefits for the workplace, others could potentially cause more harm.
To be rolled out in the next few years is the 5G wireless internet. This network that will bring faster internet speeds, may increase risk as weaknesses are exposed and then patched.
Artificial Intelligence, an area of innovation, is projected to have significant growth. A report titled Global Artificial Intelligence in Cybersecurity Market, 2019-2026 is suggesting a 30 billion dollar increase over a 7 year period. The use of AI by cyber-criminals will become harder to spot. Thankfully, AI will also play an important role in protecting us by improving threat detection and identifying vulnerabilities.
To sum it up, cyber security is of great importance to businesses no matter the size. But It can no longer be neglected by SMBs, as advancements in technology occur so will the cyber-criminal sophistication in their tactics. SMBs need to arm themselves through education, and preparation.