Cybercriminals are becoming bolder and more targeted in their attacks. Emerging threats, such as deepfakes and application programming interface (API) attacks, are the new go-to intrusion methods for these offenders, while defenders try to keep up with the pace and evolution of these tactics. Events such as pandemic disruptions (including increased hybrid work and accelerated digital transformation efforts), as well as geopolitical conflicts have only exacerbated this and made organizations more vulnerable. In fact, a recent survey found that 65% of cybersecurity and incident response (IR) professionals said cyberattacks have increased since Russia invaded Ukraine. In addition, two out of three survey respondents stated that they had experienced an attack involving the use of malicious deepfakes, and 23% of attacks now compromise API security.
As external cyber threats increase, internal security team burnout does, too, eventually leading to increased employee turnover and difficulty in hiring qualified candidates. A recent survey by Cybersecurity Ventures found that the number of unfilled cybersecurity jobs worldwide grew 350% between 2013 and 2021, from 1 million to 3.5 million. The need for these jobs is increasing, but the talent gap is also widening as the qualifications continue to change and the work becomes more demanding.
The good news? Overall burnout rates are slightly lower from 2021 as organizations have been taking burnout and stress more seriously by implementing wellness programs. The implementations that have proven to be the most beneficial are offering flexible hours, investing in further education and presenting additional coaching and therapy. However, there is always more to be done, especially as cybercriminals work smarter and harder to wreak havoc within organizations worldwide.
Fortunately, there are a few immediate best practices that can bolster any organization’s cybersecurity posture, including these three:
1. Analyze the inner workings of devices
This is key to preventing foreign behavior and vulnerabilities within an application. Over the past year, 41% of cybersecurity professionals have encountered attacks involving insider threats. These findings underscore the increasingly critical nature of talent management when it comes to cybersecurity controls, especially as companies are trying to manage employee turnover, onboarding and the use of non-sanctioned apps and platforms. Understanding an organization's entire workload from within will be crucial to protecting proprietary information and averting adversaries with bad intentions. These defense solutions should also factor in lateral movement — which can occur when an attacker gains control of one asset within a network and moves on to others. Teams should remain on high alert when it comes to internal communication tools, like instant messaging services and email, which can be used by hackers as a means to delve inside networks and compromise an entire organization’s network.
2. Unite network detection and response (NDR) with endpoint detection and response (EDR)
By integrating these two technologies, organizations can identify and expose potential threats before using automation to neutralize and remove them. Organizations should assume all digital transactions could potentially be compromised and should not authorize anyone to enter a network without being authenticated. With an increased hybrid workforce and shift to all things digital, employees can potentially be reckless with what they click on and download. Validating everyone within an organization will prevent bad actors from entering and potentially compromising the network by immobilizing any east-west spread movement. Using internal data analytics, security teams are able to gain access and complete visibility to the endpoint and network in real time.
3. Implement internal wellness programs to prevent burnout
Security talent has become extremely valuable as cyber threats continue to increase. It is critical for security leaders to encourage their teams to nurture their mental health and personal development to maintain a positive environment within the workplace. This can include supporting personal time off (PTO) or mental health days and allowing team members to spend valuable time away from their screens, which is key to preventing stress and burnout. Additionally, allowing security teams the time to become comfortable with a new technology or system before implementing it can significantly reduce confusion and stress among team members. Reducing burnout is possible, but it must start with arming security professionals with the tools and resources needed to do their job while maintaining a healthy mindset.
Cybercriminals are constantly adopting new ways to manipulate targets
Deepfakes are leading the charge here. To best defend against this, security teams must work hand in hand with IT and finance teams. In addition, human verification must become stronger, along with increased network and endpoint visibility, to ensure a solid security foundation. As cybercrime continues to take center stage, every industry should know they are not immune to potential threats. The good news is that government agencies are taking cyberattacks very seriously. The Department of Homeland Security (DHS) recently made a $1 billion investment in cybersecurity for state and local governments to give cybersecurity teams the flexibility to address some of the top issues threatening organizations. In addition, security vendors are learning valuable tools and techniques from each other and are implementing lessons obtained into their own strategies and technologies. Cybersecurity is a continuous effort because, as systems evolve, so do attackers.