It’s a global trend that cyberattacks are becoming more frequent and more sophisticated, as nation state actors and crime syndicates continue to leverage fileless attacks, lateral movement, island hopping, and counter incident response in an effort to remain undetected.
This issue is compounded by resources and budgeting. Not only is there a major talent deficit in cybersecurity, there is also a major spending differential. It’s estimated that the underground cybercrime community spends upward of $1 trillion annually on developing attacks. By comparison, worldwide businesses are spending about $96 billion to protect themselves which amounts to defenders being outspent by a ratio of 10 to 1 – a staggering and sobering statistic.
The million dollar question is really, “what can Italian businesses do to redress a situation where, at present, adversaries hold a distinct advantage?” Cybercrime groups are better funded, greater in number, and acting with increased sophistication.
In our recent threat report ‘Hacking, Escalating Attacks and the Role of Threat Hunting’, we concluded that proactive threat hunting is an essential activity in today’s threat armoury. A multidisciplinary team should be anticipating the potential weaknesses and viable attack paths not just within the organisation, but across the information supply chain, to get a step ahead.
In today’s digital environment success is less about waiting for the inevitable attack and more about establishing enterprise visibility, augmented by threat hunting and intelligent incident response, plus ensuring that we are deploying protection mechanisms that can detect and stop advanced attacks.
From a consumer perspective it is all about adopting a more cybersecurity conscious posture that incorporates personal phones, email, password managers, securing Wi-Fi, updating software, using secure browsers, etc.