The cybersecurity landscape has shifted dramatically in recent years. Malware, phishing attempts, and data breaches have grown in frequency and scope, prompting organisations to invest more time and money into enhancing their cybersecurity strategies. Organisations should be aware of the shifting threat landscape, asking themselves what issues they face today and what specific steps they can take to mitigate the risks of cybercrime.
This was the topic of discussion between cybersecurity expert Jon Bernstein and John Shier, field CTO commercial at Sophos, as they analysed how the security landscape is moving with increasingly sophisticated crime and what this implies for the future of business security.
Shier highlighted multiple critical takeaways, including the evolution of cybercrime professionalisation and specialisation. Firewalls and multilayering defences, such as multi-factor authentication (MFA), have become critical additions to current organisational security layers in order to react to changing hacker techniques.
“We are getting better at detection, and are able to catch these people in the act sooner, but they know that. They know we’re better at detection, we have better tools and services, to aid in this quest of detecting them sooner and so they move faster, naturally,” noted Shier. “The faster we attack, the more we start to prevent these attacks, then the faster we can break their cadence and get in the way.”
Shier also reviewed Sophos' recent research, 'Stopping Active Adversaries,' which identifies the most prevalent and emerging ways hackers infiltrate organisations. The study, which is based on an evaluation of 232 large cyber incidents managed by Sophos X-Ops incident responders, provides helpful suggestions for security strategy.
Among its primary results are that compromised credentials and exploited vulnerabilities remain the most common entry points, and attacks are becoming faster. Ransomware dwell duration was reduced to five days in 2023, down from larger levels in previous years, and 91% of ransomware assaults occurred outside of business hours, highlighting the necessity for organisations to invest in round-the-clock protection.
Three steps to enhance security
Shier highlights the need of three elements for organisations in combating these threats: security, monitoring, and response. "Securing means increasing friction wherever possible, using strong levels of multifactor authentication. "That is critical, and it should be applied wherever possible," Shier added.
Shier warns that cybercriminals will only adapt when absolutely necessary. He suggests raising the bar so high that some cybercriminals' tactics "won't be worth it anymore," but reminds businesses that they no longer need to navigate their cybersecurity journey alone, and can rely on beneficial partnerships to maintain airtight security for their organisation and employees.
“Getting security right can be difficult and time-consuming, it’s resource-consuming and expensive,” Shier added. “When you find yourself in a situation where you think, I’m having trouble doing this on my own, go ask for help. There are plenty of organisations out there, whether it’s people you can partner with for your IT infrastructure or vendors that can help you, ask for help, we’re here to help, and we’ve got the experience to keep you safe.”
During this extensive discussion, Shier offere more insightful details and recommendations to help organisations create a thorough cybersecurity plan. The dynamic landscape of cybercrime and security underscores the significance of implementing multi-layered defences and the necessity for constant protection. Businesses can keep their digital assets safe and remain ahead of cyber threats by taking proactive measures to secure, monitor, and respond.
