Cyber crime is on the rise. In the U.S. alone, McDonalds, Colonial Pipeline, SolarWinds, and JBS Foods were all recently forced to pay millions due to ransomware attacks that compromised their data. Former Cisco Systems CEO John Chambers predicts an onslaught of up to 100,000 ransomware attacks this year alone, which could cost organizations an average of $170,000 USD each.
The absence of cyber security standards contributes to the problem. Almost all organizations invest in security procedures to protect their physical property from intruders. However, the threats to digital property are just as real, with fewer organizations developing adequate protocols to safeguard these assets. It’s not hard to understand why. Cyber security technology is complex and ever-evolving, and so are the threats. Keeping up with these changes is not easy or cheap.
Voluntary Standards Are Not Enough
Despite the growing wave of cyber attacks, the U.S. requires very few of the sixteen most vital industry sectors to meet minimum cyber security requirements. With threats increasing, 86% of the Cybersecurity 202 Network—a panel of more than 100 cybersecurity experts—said that the government should require organizations in “critical industry sectors” to meet minimum cyber security standards, according to a recent survey from the Washington Post.
While officials in the past considered voluntary standards good enough, that attitude is quickly changing. The U.S. government may soon require organizations considered critical to the nation’s interest to follow a defined set of cyber security standards. According to CNBC, a recent memo from the White House warned businesses that “the threats are serious and they are increasing.” The memo highlighted a number of best practices organizations can take to protect themselves from ransomware, including backing up data, systems images, and configurations, as well as regular testing and network segmentation.
“If a company has done proper segmentation, every time the bad guys try to cross a segment you get the opportunity to detect them before they can trigger the malware,” Michael Daniel, president and CEO of the Cyber Threat Alliance, told CNBC. “By employing this practice you make yourself more resilient against having a successful ransomware attack launched against you, and if you do have one you’re usually able to mitigate the damage and recover much more quickly. This is what gives companies a lot more options than believing they have to pay the ransomware.”
A Problem Organizations Must Manage
Because a lack of universal cyber security standards is precisely what criminals are taking advantage of, it’s vital that governments and organizations develop them soon. In the meantime, organizations must grapple with cyber crime on their own. Those with mature cyber security strategies look at it as a threat they must manage rather than a problem to solve after it happens.
“For some risk you employ technology, for some you buy insurance,” Daniel told CNBC. “The point is that a company is actively managing the risk, not just hoping that something bad doesn’t happen to them.”
Among the steps organizations can take to manage cyber security risks are developing a strategy and ensuring employees are properly trained on how to deal with potential threats.
Cyber Security Considerations for an Effective Cyber Strategy Within Your Workforce
Ideal for technical professionals across all industries who support their company’s IT departments and require up-to-date information on how to protect enterprise networks from potential threats, Cyber Security Tools for Today’s Environment is an 11-course program designed to help businesses improve their security techniques.
Contact an IEEE Account Specialist today to get access to the course program for your organization.
Interested in learning about getting access to the course program for yourself? Visit the IEEE Learning Network to learn more.
Resources
Hum, Thomas. (14 June 2021). Over 65,000 ransomware attacks expected in 2021: former Cisco CEO. Yahoo!finance
Caminiti, Susan. (11 June 2021). Cyber standards are key in battling ransomware attacks. CNBC.
Marks, Joseph. (11 June 2021). The Cybersecurity 202: Our expert network says it’s time for more cybersecurity regulations. Washington Post.
Cyber security plays one of the crucial role in society. Information technology has made task easier and increase their access to the target.