How organizations can succeed with their cybersecurity resolutions
Throughout 2019, we witnessed a number of record-breaking data breaches. More than 5,000 businesses and organizations reported a data breach during the year, combining to compromise 8 billion records.
This unfortunate trend demonstrates two issues. First, cybercriminals are constantly evolving and developing new attack methods; and second, organizations are struggling to keep pace with them. Until security is a top priority for organizations in all industries, data protection will remain an issue in 2020.
New year, new issues
Threat actors are always enhancing their tactics, techniques and procedures, as well as creating new ones to infiltrate businesses and steal data, implant ransomware, and more.
One technique that will continue to gain traction in 2020 is lateral phishing. This scheme involves a threat actor launching a phishing attack from a corporate email address that was already previously compromised. Even the savviest security-minded folks can be lulled into a false sense of security when they receive an email asking for sensitive information from an internal source, particularly from a C-level executive. Because cybercriminals continue to refine their attack methods in 2020, companies must be prepared.
Chaos of the cloud
Misconfigurations of cloud databases will continue to plague enterprises around the world and will be a leading cause of data breaches in 2020. Gartner forecasts that global public cloud revenue will reach $249.8 billion in 2020, a 16.6 percent increase from 2019.
This rapid rise in revenue is spurred by continued growth in cloud adoption. However, cloud adoption is clearly outpacing the adoption of the tools and expertise needed to properly protect data in cloud environments; this is supported by the fact that 99 percent of cloud security failures will be the customer’s fault through 2025, according to Gartner. Consequently, misconfigurations will continue to be a leading cause of data leakage across all verticals.
In addition to the above, highly niche cloud tools provided by second-tier cloud service providers are making their way into enterprises. While services that cater specifically to individual industries or company departments are gaining traction, they do not typically have the same native security measures that mainstream cloud services do.
Regardless, companies are gaining confidence—even if it’s a false sense of confidence—in their ability to use the cloud and are adopting these second-tier and long-tail cloud apps without considering all of the security ramifications.
Enterprises will need visibility and control into all of their cloud footprint, including niche services, in order to proactively mitigate any vulnerabilities and properly secure data in the cloud.
How to help an organization succeed with data
Data is precious, and it is imperative that the proper controls are in place to secure it. Organizations must have full visibility and control over their data by deploying solutions that enforce real-time access control, detect misconfigurations through cloud security posture management, encrypt sensitive data at rest, manage the sharing of data with external parties and prevent data leakage. In this way, they can ensure that data is safe in our increasingly cloud-first, mobile world.