Trends in the Cyberattack Landscape, Security Threats & Business Impacts By Nikhil Taneja, Managing Director-India, SAARC & Middle East
C-suite executives understand thatto transform theirbusinesses, they must embrace the integration of newtechnologies. Most rank improvement ofinformation security and business efficiency as their maingoals. Globally, executives indicate they are ready to embraceautomated processes as part of their security protocols.
SECURING NETWORKS IS CRITICAL TO PROTECTING BRAND REPUTATIONS
Executives are very concerned about the impact that security threats can have on business performance, pointing to the potential loss of customers, brand reputation and operational productivity. Many adjust budget priorities to better secure networks and prevent attacks. Events that most influence how executives view their companies’ security vulnerabilities include high-profile data breaches and nation-state attacks, cyber attacks on their organizations and governmental regulations.
RISK MANAGEMENT CALCULATIONS AFFECT SECURITY INVESTMENTS
C-suite professionals actively monitor what’s happening with their networks. They face tough choices when deciding whereto invest resources to propel their businesses forward.Reported instances of ransom attacks jumped dramatically over the past two years. As the demand for security professionals outpaces the supply, executives are increasingly looking to carriers or ISP/CSPs to manage security.
NETWORK SECURITY CONCERNS VARY BY INDUSTRY
The impacts of attacks on corporate networks can vary depending on the industry in which companies compete. Manufacturers that have long embraced automation as a means to boost efficiencies and production reported plans to integrate automation in security measures with a corresponding shift in their IT budgets.
The finance/insurance industry continued its forward-thinking use of technology as a business enabler and reported plans to move operations to the cloud while continuing to focus on digital transformation. The retail/ wholesale industry is concentrating on managing the increasing complexity of the IT networks, digital transformation plans and the adoption of Internet of Things (IoT) as a means to better serve customers.
Securing the Digital Transformation
Corporations are continually looking for ways to increase productivity and efficiency. Taking advantage of technology advances in their networks is a proven way to be more agile while reducing costs.
Customers, employees, vendors and partners use mobile applications, chat bots, online portals, email and other tools to interact with brands daily. Every touchpoint adds a layer of complexity to the network that can introduce new, risky attack vulnerabilities.C-suite executives understand that, to transformtheir businesses, they must embrace theintegration of new technologies while at thesame time protect data privacy.
According to a survey conducted and responses sought from senior leaders from the Americas (AMER), Europe and the Middle East (EMEA) and Asia-Pacific (APAC):
- 70% AMER & EMEA executives and 80% of APAC executives are greatly concerned about data privacy
- 47%recognized thatdigital transformation activities place pressureon their organizations’ security planning andinvestment strategy
- 32% of AMER, 13% of EMEA & 18% of APAC executives rank new revenue sources as top 3 organizational goals
- Most organizations host 25% to 50% of theirbusiness applications in the cloud
- 96% were “very” or “somewhat”concerned about network vulnerabilities
- 71%of executives reported shifting moreof their network security budget into technologies that employ machinelearning and automation
- About 25% said that the focus of their budgetsremained unchanged in this time period
- Most Organzations worry about huge bandwidth cost by Public cloud providers due to DDOS attacks.
- Globally, nearly four in10 executives trustautomated systems morethan humans to protectthem against cyberattacks
A secure climate for customers
Corporations’ networks are the lynchpinof interactions with customers who expectresponsive applications, fast performanceand above all, protection of their data.The foundation of the customer experienceis a mix of trust and availability. Organizations’brands take a hit if either factor falters.C-suite executives are keenly aware of the effectof security threats on business.
Events that influence changes in organisations security:
- 61%- High-profile databreaches on peercompanies
- 59%Data breachor cyberattackwith ownorganization
- 48%Governmentalregulationslike GDPR, PCI,HIPAA, etc.
- 37%Change in C-suiteleadership
Balancing Investments and Risks
As the threat of network attacks becomes a question of when, not if, organizations must carefully evaluate the risks associated with security vulnerabilities and the costs of implementing effective security solutions. At the same time, C-suite executives face tough choices when deciding where to invest resources to propel their businesses forward.
Even though the threat of network attacks hangs over their organizations,about 25% of executives do not have or are in the planning stages of addressing key security concerns, such as performing security assessments on new technology or working with educational institutions to proactively recruit security specialists.
Most executives across regions (65%–81%) feel that their internal security resources are sufficient to handle their security needs. Yet 66% believe that hackers could penetrate their networks. The internal skills gap is not easily solved because the demand for security professionals outpaces the supply. As a result, more executives need to look to outside security vendors for assistance.
C-SUITE VIEW OF CURRENT NETWORK THREATS, key findings:
- 66% had a hackerpenetrate their network
- 54% experienced a databreach from one ofits mobile applicationsin the last 18 months
- 57%had experienced a cyberattack in the last 12 months
- 50% were concerned about the security vulnerabilities created by use of multiple clouds
ImpactingVertical Industries
The impacts of attacks on corporate networks canvary depending on the industry in which companiescompete. Security trends specific to the needs of some verticals:
Retail :In the retail sector, almost two-third organizations have a half of their business applications in the cloud and are concerned about security vulnerabilities between cloud networks. A major cause of concern for the executive suite is the fact that almost 20 attacks have happened in the past year. Data breach within their own organization was the most influential event that affected their own security planning.This can be troubling because they have the most customer touch points on their networks to enable e-commerce. Therefore this vertical definitely needs a security protections.
Manufacturing: Manufacturers have long embraced automation as a means to improve efficiencies and boost production. So it’s not surprising that they focus on managing the increasing complexity of their IT infrastructures with plans to integrate automation (43%) to help automate security measures.
To accomplishthis, about 75% of executives shared that they shifted moreof the IT budget into security automation. Also, most keep tabs on what’s happening in the marketplace, and two-thirdsreported that high-profile data breaches at peer companies were the most influential event that affected their own security planning.
Finance: Corporate networks are the lifeblood of finance companies’ businesses, which is why this vertical is likely to invest more in security to protect its assets. For example, Deloitte 5, which suffered a cyber attack in 2017, said that it plans to spend 580 million USD on security over the next three years. These companies are especially aware of what’s happening at peer companies. About 86% reported that high-profile data breaches at peer companies were the most influential event affecting their own security planning.
Looking forward, C-suite executives recognize the multiple pressures on their organizations to integrate new network technologies, transform their businesses and defend against cyber attacks, which are growing in frequency and complexity.As more companies add a mix of multiple public and private cloud environments to their IT architecture, the introduction of new vulnerabilities puts corporate and customer data at risk.
The stakes are high. Security threats can seriously impact a company’s brand reputation, resulting in customer loss, reduced operational productivity and lawsuits, which reinforces that cyber security remains a priority in the minds of executives around the world.