Cybercriminals appear to no longer distinguish between big businesses and fledgling startups. Based on recent events, everyone is now a potential target, which means that a multi-layered approach to cybersecurity should no longer be an afterthought. 

The 2022 Global Threat Report by CrowdStrike Intelligence records an 82 per cent increase in ransomware-related data leaks in 2021, with 2,686 attacks in December, up from 1,474 in 2020.

Here in Southeast Asia, our home base, the Philippines, has recorded the highest number of phishing attacks, with nearly seven out of 10 targeting finance-related transactions. A separate study suggests that cybersecurity crime can severely impact the Philippine economy by as much as 1.1 per cent of total GDP, which would be approximately US $3.5 billion.

But other SEA economies can’t breathe a sigh of relief either, as they are equally in danger. One AV company found that Indonesia saw a 65.90 per cent increase in phishing attempts, followed by Singapore with 55.67 per cent, Thailand with 55.63 per cent, Malaysia with 50.58 per cent, and Vietnam with 36.12 per cent.

The outlook doesn’t look too bright with the quantum of ransomware and social engineering attacks set to escalate drastically.

Increased demand for cybersecurity innovation

Cybercriminals are striking with increasing frequency and audacity at companies of all sizes, targeting numerous individuals, too. With cybercrime becoming more organised and rampant, the trickle-down effect is declining trust in companies and systems. 

Also Read: Strengthening cybersecurity measures in the face of Web 3.0

With the increasing numbers of companies focused on seizing bigger opportunities in cloud and mobile computing, they also assume risks in varied measures. The key risks include significant financial loss, plummeting customer satisfaction and market reputation and severe job loss across disciplines. There are also direct financial losses associated with the crime like loss of productivity, fines, and remedial action.

It can’t be underlined enough that cybersecurity must become a strategic business priority, a board-level issue for organisations. It is vital that businesses become proactive when it comes to cybersecurity instead of just reacting to security breaches.

Experts believe that cybersecurity should never be an afterthought but should be integrated into its growth strategy at the very earliest. Another key recommendation in combating cyber threats is investing in training and developing a pipeline of cybersecurity professionals. Cybersecurity awareness has to be part of the company’s DNA across all levels in an organisation.

A multi-layered approach to cybersecurity

With cybersecurity costing companies millions of dollars, it is vital that companies adopt multi-layered cyber protection. This is particularly important as cybercrime can occur from within and outside the organisation, with employees being a major cause of security breaches.

For instance, while remote and hybrid work offered business continuity amid a global health crisis, numerous endpoints and devices became more vulnerable to attack. 

It’s a harsh reality, but today’s cybercrime masterminds have both the expertise and technical capabilities that are on par with their cybersecurity counterparts. In this precarious scenario, organisations should gauge the gravity of the situation and implement immediate and resilient cybersecurity measures. 

Artificial intelligence and machine learning

These extremely versatile technologies have proven prowess in detecting and arresting various types of cyberattacks efficiently. Kickstart Ventures recently invested US$3M in SlashNext, a computer and network security company specialising in cybersecurity, cyberattack detection, and IT solutions.

Its database, AI and ML algorithms can scan and detect zero-hour phishing threats across multiple endpoints in real-time, with six times better phishing threat detection and three times greater spear phishing detection.

Also Read: How can lean startups build a resilient cybersecurity posture

These two technologies are powerful weapons that can be used to pre-empt cyberattacks, as they are programmed to look for anomalies. AI can augment the two-factor authentication and be further deployed to rapidly check additional layers of genuineness. Machine learning can be used to quickly analyse vast amounts of data to identify different types of cyber threats and fraud.

Behavioural analytics

Data can be mined for behaviour analysis, which helps identify patterns and activities to detect potential and real-time cyber threats. An abnormal increase in data transmission from a user device could signal a cyberattack. Behaviour analytics is increasingly being tapped for developing better cybersecurity technologies.  

Embedded hardware authentication

Embedded authenticators are emerging technologies to verify a user’s identity. Powerful user authentication chips are embedded into hardware and are designed to revolutionise “authentication security”. These chips employ multiple levels and methods of authentication working in tandem.

Blockchain cybersecurity

Working on the basis of identification between the two transaction parties, blockchain is fast gaining ground and recognition. Every member of a blockchain is responsible for verifying the authenticity of the data added. Moreover, blockchains create a near-impenetrable network for hackers and are perfect for safeguarding data from getting compromised. So, the use of blockchain, coupled with AI, can establish a robust verification system to eliminate cyber threats.

Zero-trust model

This model works on the assumption that a network is already compromised. Believing that one cannot trust the network, both internal and external securities are scaled up. It includes identifying business-critical data, mapping the flow of this data, logical and physical segmentation, and control enforcement through automation and constant monitoring.

A strategic priority

Cybersecurity is a critical component for ensuring the unimpeded growth of any company. Organisations across disciplines and sizes must treat cybersecurity as an essential strategic priority. Thankfully, while threats continue to evolve, so do the means to deter their potential damage to any organisation’s data, reputation, and growth.

–

Editor’s note: e27 aims to foster thought leadership by publishing views from the community. Share your opinion by submitting an article, video, podcast, or infographic

Join our e27 Telegram group, FB community, or like the e27 Facebook page

Image credit: Canva Pro

The post Why firms need a multi-layered approach to cybersecurity appeared first on e27.