Cybersecurity is in the news just about every day! The balance between cybersecurity and convenience is always tough, and sometimes cybersecurity can even get in the way.
CompTIA, the leading Computer Industry Trade Association, has released an insightful report: 2024 - State of Cybersecurity.
The Cybersecurity balancing act involves a lot of moving parts:
- Protecting Privacy
- Protecting Critical Assets
- Mitigating Risk
- Minimizing Disruption
- Maintaining Compliance
- Demonstrating Trust
- Ensuring Productivity
At the top of the list of issues driving cybersecurity concerns include:
- Growing number of hackers/cybercriminals
- Privacy concerns handling other people's data
- Generative AI
Cyber Incident Cost is a Big Concern
The most frequent question in cybersecurity is about the financial implications of a security incident. To address this, one must first be aware of the breach and then understand the total cost of resolving it, which is challenging to determine. Identifying cybersecurity events depends on having clear visibility into systems and consensus on defining an incident. For instance, Palo Alto Networks' report states that 96% of organizations encountered at least one breach in 2022, while Splunk’s report notes that 52% acknowledged a recent breach, with 87% being ransomware targets. This discrepancy indicates uncertainty in recognizing incidents, often compounded by delays in detecting network breaches.
Regarding costs, various reports provide estimates of the monetary impact of such incidents. A notable example is IBM's report, which estimates the global average cost of a data breach in 2023 at $4.45 million. This figure attempts to encompass different mitigation efforts, but tends to be skewed by larger enterprises and lacks specific guidance on steps companies should incorporate into their response plans.
Working with IT Services and Cybersecurity with local businesses in the Boston area, we get these questions all the time. The best time to plan for a cyber event is BEFORE anything happens. This report provides a great framework to learn about what other businesses are thinking about, and create a starting point for your own business. In the study, only 28% of firms in CompTIA's study identify a zero trust framework as part of their cybersecurity strategy, but these days, technology solutions are affordable for all size businesses to get started. The cybersecurity skills gap is also high on the list of concerns, and even for small businesses, affordable help is available.
Another big trend in cybersecurity these days is Artificial Intelligence - AI. AI will unfortunately help enable cyber criminals to build more effective cyber threats, but it is also a very powerful tool for defense.
Methods of Improving Cybersecurity Skills:
- Cybersecurity training for employees
- Hire employee with cybersecurity skills
- Expand the use of third parties
- Cybersecurity certifications for employees
- Explore inclusion of third parties
The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem and the estimated 75 million industry and tech professionals who design, implement, manage and safeguard the technology that powers the world’s economy. Through education, training, certifications, advocacy, philanthropy and market research, CompTIA is the hub for advancing the tech industry and its workforce.
Click Here to get access to the full report! Reach out to us any time if you want to review your security plan.