Cybercriminals are always seeking to make their attacks, scams and campaigns as effective as possible. This includes harnessing whatever is dominating the news agenda and is on their victims’ mind.
Economic uncertainty and cybersecurity risks
The current economic uncertainty and cost of living pressures that many consumers are facing around the world is one example. The stress, fear and concern the public is feeling is unfortunately a perfect scenario for cybercriminals to take advantage.
Case in point: during just a two-week period, 1,567 phishing email campaigns relating to energy rebate scams were reported via Action Fraud’s Suspicious Email Reporting Service (SERS). Also: Friends and Family fraud – a term given to campaigns where fraudsters impersonate family members to trick relatives to send money to pay bills – has increased by 58% in recent months, according to data from TSB.
Risks from inside the business
While these scams can primarily target individuals, the organizations they work for can also be put at risk. Extreme pressure (or coercion) increases the chances of individuals becoming an insider threat risk – stealing data, funds or other sensitive information from their employers. Not to mention the threat from fraudsters posing as leaders or managers with bogus requests to transfer money. Everything could be the vector for a potential incident – disgruntled former employees, unused accounts with full admin privileges, misconfigured cloud storage leaving data exposed, and so on.
Economic downturn and uncertainty will cause many organizations to re-examine what they’re spending on and cut back. It’s a natural reaction.
The challenge with cybersecurity is that by their very nature, successful cybersecurity programs are often invisible. Working quietly in the background, they’ll stop threats and incidents from escalating and getting to the point where they’re noticeable by the rest of the organization. If leaders haven’t experienced a cybersecurity crisis firsthand, they may be tempted to reduce the amount they’re investing in the tools and talent they have in place. But it’s a fine line – cutting vital controls and capabilities can impact the ability of an organization to see, sense and react to events before they escalate. A breach is generally devasting to a company, but one during this time could be even more destructive.
Removing bloat, not capability
At the same time, the cybersecurity market has been historically dominated by specialized point products. Companies can accumulate all kinds of tools and solutions to manage both their IT infrastructure and cybersecurity. The shift to cloud and remote working has driven a 19% increase over the past two years in the average number of security tools organizations must manage, from 64 to 76, according to research from Panaseer. That’s not even factoring in the broader array of IT assets in place, from cloud services and software, to workstations, personal mobile devices, users and more.
Depending on the size of the company, individual departments might be using overlapping tools to try and solve the same problem. With this many individual solutions and software, it’s no surprise that security teams may be feeling overwhelmed and unable to track and respond to incidents.
Excessive alerts and warnings cause fatigue and make it challenging to separate genuine threats from false alarms, adding to the challenge. It takes 86 person-hours with eight different tools, on average, to manually compile an asset inventory of everything an organization might be using. The results can often be obsolete by the time the inventory is complete.
Effective cybersecurity detection and response is only possible if IT teams know what they’ve got to work with, and how users and data are interacting. They need continuous, accurate and up-to-date information to mitigate threats, navigate risks, and neutralize incidents.
While improving efficiencies and cutting budgets is a sensible reaction during a period of rising costs and reducing margins, cybercriminals never rest. Businesses must walk the line carefully between removing the bloat and nice-to-haves, and hamstringing their cybersecurity capability, otherwise leaders could find themselves paying much, much more.