The three cybersecurity blind spots affecting today’s CISOs
CISOs need to continually change their approach towards cybersecurity
Today’s CISOs face a perfect storm. Cyberattacks are increasing year-on-year, and new technologies such as AI are empowering attackers. Meanwhile, the amount of data CISOs are defending is growing.
The ever-adapting threat landscape requires CISOs to continually change their approach towards cybersecurity. Last year alone, 85% of IT and security leaders in the UK reported experiencing a significant cyberattack, with 36% of those victims enduring at least one ransomware attack.
With such significant threats to consider, CISOs must evolve and implement a cyber strategy which centers resilience and recovery - no matter where their data is stored.
EMEA CISO at Rubrik.
Vulnerable cloud architectures
As data volumes and the number of devices requiring access to this data have ballooned, many businesses are increasingly dependent on the cloud. To put this growth into perspective, in 2023, 13% of typical organization's data was stored in cloud architecture, compared to only 9% in 2022. Comparatively, on-premises declined from 77% in 2022 to 70% in 2023.
That’s a problem, as attackers are paying attention to these trends too, and hybrid environments have as a result become a real focus area of cyber-attacks. Many of the organizations victimized in a cyber-attack last year were targeted across multiple touchpoints, such as the cloud and SaaS.
Put simply, cloud computing comes with inherent risk because it stores regulated data with fewer security capabilities and less visibility than on-premises assets. So, while the benefits of cloud storage cannot be contested, mismanagement of cloud architectures continues to drive security blind spots:
1. 70% of all data in a typical cloud instance is object storage, which is a common blind spot for most security appliances as it is typically not machine readable.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
2. Unstructured data (such as text files) and semi-structured data represent another blind spot for security because these data types vary wildly in being machine readable
3. More than 25% of object stores contain data covered by regulatory or legal requirements, such as protected health information (PHI) and personally identifiable information (PII).
CISOs must address these security blind spots in their cloud architecture if they are to manage the impact of cyber-attacks. A robust security cloud helps organizations to uphold data integrity, continuously monitor risks and threats, and restore business-as-usual when infrastructure is attacked.
The most vulnerable sectors
While cyberattacks are common in most industries, some sectors are at a higher risk than others, such as the healthcare industry, which continues to be a prime target for ransomware groups.
Healthcare organizations secured 22% more data than the global average and this is only set to grow further. In fact, a typical healthcare organization saw their data estate grow by 27% last year alone - leaving CISOs with an uphill battle to discover and re-secure all data in question.
Concerningly, not only does the healthcare sector hold more sensitive data than the typical organization, which is highly sought after by cyber criminals, but each cyber-attack against them is also more damaging. An estimated 20% of a typical healthcare organization's total sensitive data holdings are impacted every time there is a successful ransomware encryption event, compared to 6% for an average organization. That means that a fifth of a healthcare organization's sensitive data is affected during a ransomware event, representing a significant threat to their operational resilience, business continuity and the potential loss of highly personal patient records.
These numbers are particularly significant, but it's true that any organization which frequently handles sensitive data is at risk of ransomware attack. By understanding the blind spots to watch for to ensure their data is secure from preying hands, CISOs can be more prepared to face the future, and ensure a better approach to cyber resilience within their organizations.
Budget and personnel pressures
While CISOs are being asked to juggle more in every part of their role – including more data to protect – one element has notably remained unchanged: budget.
Having to deliver more, with the same resource, it's clear that these increasing pressures are having a negative impact on mental health. It's stark that 96% of senior IT and security leaders reported changes to their emotional and/or psychological state as a direct result of a cyberattack, with 38% worrying over job security.
Organizations must act to manage the human cost of security breaches in order to ensure that personnel are equipped to face the higher demands required in the wake of an attack.
Delayed action on resilience
It’s an uncomfortable reality that cyberattacks are increasingly unavoidable. But it is the reality. That’s why cybersecurity professionals must move to adopt a position of cyber resilience, and prepare to recover from an attack, not just defend against it.
Until relatively recently, prioritising cyber resilience fell to the weyside - however regulations are coming into play to support the prioritising of cyber-resilience. The Digital Operational Resilience Act, or DORA, is an EU measure coming in at the start of 2025. It will provide a uniform set of requirements for the security of network and information systems of companies and organizations operating in the financial sector, as well as the third-parties who provide ICT-related services to them.
Similarly, the new NIS2 Directive - an update to the Security of Networks & Information Systems Regulations - was introduced in 2023. It applies to businesses working with critical EU and UK organisations. NIS2 enforces cooperation, to incentivize a culture of robust security protections.
By addressing current blind spots, CISOs can uphold data integrity, mitigate the effects of attacks, and ensure business continuity in uncertain times.
Because the only storm you can prepare for, is the one you see coming.
We list the best malware removal.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
EMEA CISO at Rubrik.