As Cybersecurity Awareness Month comes to a close, the urgency of addressing cyber threats has never been clearer. Recent findings from the UK government’s Cyber Security Breach Survey 2024 revealed the startling reality that “half of UK businesses experienced some sort of cyber security breach or attack in the past 12 months”. Additionally, the financial impact of cybercrime is expected to reach a chilling $10.5 trillion annually by 2025.
But how does this data translate to the real world? Nick Palmer, Solutions Engineer at Censys highlighted that “this year alone we’ve seen cyber-attacks force WiFi in train stations to shut off, cause havoc with the NHS blood donation system, and county councils forced to shut down their systems.” So cyber-attacks are increasingly impacting day-to-day life for most people across Britain.
Without intervention and focus, the number of companies that have been attacked will only grow. With that in mind,experts from the industry have come together to strategise a road map for cybersecurity – covering how to navigate pressing trends, the essential toolkit for cybersecurity, future-proofing strategies, and the critical role that employees play in this area.
For business leaders approaching their cybersecurity strategies in today’s rapidly evolving cyber landscape, both clarity and purpose are essential. Rather than feeling overwhelmed by the multitude of options on the market, Martin Simpson, Principal at Node4 Security Practice emphasises the importance of stepping back to gain perspective, suggesting that they “start with a business-led assessment of the organisation’s risk and resilience profile.”
He explains that identifying “these key focus areas can help [businesses] guide, frame and understand their cyber security needs. It’s important to consider which systems are most important to the business, such as those that store sensitive data or process payments. Armed with these insights, organisations can position their ‘must have’ defences accordingly and prioritise efforts (and security budgets) in a proportionate way.”
Additionally, as businesses begin to build defences, they can become overwhelmed by the number of solutions on offer. “The key challenge when it comes to cyber security is that there is a solution for almost everything – but these solutions are not connected, and often they don’t work well together,” reveals Ashok Kumar, Head of Engineering at Cyware.
He continues: “But like most things in life, where there’s a will there’s a way. And that’s why we’re seeing the automation of threat intelligence becoming centre stage in many organisations’ security strategies. By combining intelligent automation with curated Threat Intelligence, we see enablement of security teams to transform the way they identify, analyse and respond to cyberthreats, eliminating the need for manual data assimilation and reducing false positives.
“Automating threat intelligence not only allows users to understand their security risks with more clarity but also contributes to an ecosystem where information is shared with professional IT and security teams – internally and externally – more quickly.”
Once organisations have established their priorities, the next crucial step is to focus on the foundational tools that combat threats effectively. Terry Storrar, Managing Director at Leaseweb UK argues that: “Cybersecurity Awareness Month is a good time to remember a fundamental principle of cybersecurity – that prevention is always better than cure. In view of this, many organisations are implementing multiple layers of security, including continuous monitoring, identity and access management, and comprehensive security compliance training for all employees. However, more security tooling does not guarantee enhanced security – these measures must be well-integrated to close any gaps in cloud security architectures. Moreover, IT and security teams should leverage automation to identify and track potential misuse of sensitive data, further strengthening their cloud environments in an increasingly dispersed working world.”
Censys’ Nick Palmer believes that organisations need to focus on their attack surface. “Internet exposed assets are the number one attack vector for cyber attackers, yet 43% of assets on an attack surface are unknown to organisations,” he explains. “This leaves businesses vulnerable – after all, you can’t protect what you can’t see. They should therefore invest in attack surface management tools, which can detect, identify and prioritise risks across their entire digital footprint. These offer businesses full visibility over their attack surface and thus enables them to take action to protect themselves.”
Kevin Cole, Director of Product and Technical Marketing at Zerto, an HPE company, advocates for focus on recovery after an attack, encouraging “organisations to reevaluate their cyber protection strategies to ensure that data recovery is a top priority.
“In the world of unprecedented and unpredictable cyber threats, having a comprehensive and multi-layered backup approach that emphasises a quick and thorough recovery response is pivotal in keeping your organisation prepared, protected, running and resilient.”
The LTO Marketing Team agree that a focus on data recovery is crucial. They believe companies should “prioritise data resilience by maintaining one copy of their critical data stored offline and offsite. Being offline, with an airgap, prevents a daisy-chain effect wherein a threat bypasses cybersecurity defences to jump across from one system to another, into primary and even secondary backups, while being physically offsite ensures that no one can cause damage (intentionally or accidentally) to the storage units themselves. Tape storage is a prime example of an air-gapped solution – while the on-premises and/or cloud storage could be compromised in minutes due to a successful threat, data stored on tapes would remain untouched. It is then a simple process to restore data to get business operations back up and running before the impact of the incident causes permanent damage.”
As organisations work to strengthen their cybersecurity, any strategies must encompass not only technology but also the well-being and engagement of employees. Matt Hillary, CISO at Drata, emphasises a critical aspect often overlooked: the mental health of security teams.“According to a report from Tines, 66% of cybersecurity practitioners surveyed say they experience significant levels of stress at work, and 64% say that their mental health affects their ability to do their job,” he explains.
He believes that “by acknowledging the problem, creating a supportive environment, and providing tools and space to manage stress, they can make a significant difference in the well-being of their team members. The benefits extend beyond the individual – mentally healthy teams are more engaged, productive, and effective, leading to better outcomes for the entire organisation and the industry as a whole.”
It’s also vital that businesses acknowledge that successful security strategies also rely on the efforts of staff across the entire organisation, not just security teams. Yousef Hazimee, Head of Security, Risk and Compliance at LearnUpon,highlights the importance of engaging training programs.
“It’s vital that security teams enable employees to recognise risks and regularly review and update security training,” he says. “My best advice would be to start with something manageable and design the program with your audience in mind. Given that LearnUponprovides training and corporate learning to other companies, we take training our own employees with our own software very seriously. We run company-wide security awareness training on an annual basis, keeping all employees up-to-date on new and evolving threats and reinforcing the robust security practices we have in place.”
Of course, one of the biggest challenges over the past year for security teams has been therise of AI which also brings its own unique challenges. Rani Osnat, SVP of Strategy at Aqua Security cautions that “the rise of AI has … lowered the barriers to entry when it comes to cybercrime, meaning there are more bad actors out there than ever before.”
He advises that: “To combat this, organisations need to build a layered security approach. They should deploy automated scanning tools that can uncover known vulnerabilities early in the development lifecycle as well as implementing strong runtime protection. A risk-based approach for remediation can then allow them to tackle the vulnerabilities that present the greatest risk by considering factors such as reachability and available exploits.”
As we observe Cybersecurity Awareness Month, it’s essential that organisations recognise the urgent need for robust cybersecurity measures. With a significant portion of businesses facing breaches and with an escalating threat landscape, a proactive approach is essential. By prioritising risk assessments, data protection, and employee engagement, companies can build a resilient cybersecurity framework. This comprehensive strategy will not only mitigate risks but also foster a culture of security awareness, empowering businesses to navigate the evolving challenges of cyber threats and secure their operations for the future.