Apart from being the biggest public health crisis of the 21st century, the past three years of the pandemic have been characterised by unprecedented digital transformation among businesses worldwide.
According to a 2020 survey of C-Suite members by McKinsey & Company, global organisations saw the share of digital customer interactions grow from 36% in December 2019 to 58% in July 2020 — an accelerated growth rate equal to three years of pre-pandemic growth.
Image Source: McKinsey & Company
In Europe, the share of partially or fully digitised products and services grew from 34% to 50% in the same period — equal to seven years of normal growth.
But this rapid pace of digital transformation comes with a major risk: poor cyber security.
“New normal” trends such as working from home, digitised products and the increasingly online nature of our daily lives have created opportunities for hackers, scammers and phishers to attack both consumers and businesses. According to IBM, the cost of data breaches in 2021 alone reached $4.24 million — the highest average total cost since they started tracking data breaches.
Many of these cyber security challenges will continue to hound SMEs in 2022. These issues include:
Growth of the Internet of Things Driven by 5G Adoption
In 2018, Symantec operated a “honeypot” of virtual machines around the world that simulated the appearance and behaviour of network routers — the frequent target of Internet of Things (IoT) attackers. Symantec would go on to report that the honeypot saw an average of 5,200 IoT attacks per month.
As commercial 5G networks continue to come into their own (Europe alone is predicted to have 236 million connections by 2025), we expect the number of IoT attacks also to increase. This stems from how 5G is being touted as the next step in the evolution of IoT capabilities, unlocking efficiencies in manufacturing to smart cars, smart homes and smart cities.
For many businesses, now is the time to beef up their mobile device management policies and software. Look for platforms that can scale with your organisation’s needs and offer IoT management solutions.
The Threat of Ransomware Will Persist
This isn’t exactly hot news — ransomware has been around since the early 2000s. But 2021 saw it become one of the top weapons used by hackers. According to the 1H Global Threat Landscape Report from FortiGuard Labs, ransomware attacks grew by a staggering 1070% between July 2020 and June 2021. A Microsoft survey also identified it as the cyber security challenge of CISOs. You can avoid such issues with the help of sapphire.net
Image by Microsoft
Basic awareness and cyber security training will go a long way towards mitigating the threat of ransomware. While technologies and tools offer the best protection for your soft targets, businesses should not underestimate the value of mitigating human error through training.
Small Businesses Will Be Prime Targets for Attackers
Contrary to popular belief, no business is too small to be the target of a cyber attack. According to Verizon’s 2021 Data Breach Investigations Report, small and medium-sized businesses (SMBs) with less than 1,000 employees experienced 1,037 incidents, 263 of which were confirmed to involve data breaches.
As a growing number of SMBs embrace the digitisation of their products and services, they will need to do their due diligence to protect their organisations from attacks and data breaches. We recommend starting with the National Cyber Security Centre’s Small Business Guide: Cyber Security, which covers best practises ranging from malware detection, phishing attacks to password management, among others.
You can also look into investing in managed cyber security solutions, which includes regular security audits and fully managed cyber security protection, just to name a few. This gives your business peace of mind knowing your security is in experts’ hands.
Author: Todd Gifford
Todd’s world can be a detailed and complex one. As a Certified Information Systems Security Professional (or CISSP for short), with over 20 years of experience in IT and Information Security, Todd helps customers understand the risks with their information, where it is stored and processed and how best to manage those risks in our ever-evolving digital world. He writes a mean blog and prides himself in turning technical language into simple sentences we can all understand.