- News & Resources: Listings >
- Blog
- How to Improve Safety and Security in Schools – Cloud Manage Network
- Top 10 Cybersecurity Threats in 2024
- Microsegmentation: Protecting Data from Cyber Threats
- Retail shoplifting and loss prevention: How to protect your business
- Generative AI Cost Optimization Strategies
- Why Do I Need to Protect My Cloud?
- 10 Reasons for Engaging Outside Experts to Manage Your Cybersecurity
- Why Hiring a 3rd Party MSP Expert Makes Sense and – and Cents (MANY cents!)
- Brand and Network Considerations When Adopting AI Corporately
- Integrating XDR, SIEM, and SOAR
- 3-2-1 –Go? Not so quick, this time.
- 5 Things a CISO Shoud Know
- 10-Step Patch Management Checklist
- Penetration Testing vs. Breach Attack Simulation
- Current big cyber breaches and impact on businesses
- Smart Infrastructure Gets Lit Up!
- Securing Industrial IoT: The Missing Puzzle Piece
- 7 Common Cybersecurity Mistakes Made by SMBs
- The Future of Physical Security: Cloud-Based Systems
- Autonomous and Sensor Technology Use Surging
- 2024 Facilities Trends Will Require Facilities and IT Teams to Work in Tandem
- NGFW vs. WAF. What’s the Right Firewall for You?
- Chris Hadfield’s Words To Live By
- Industrial Revolution 4.0 + IIoT
- Digital Fluency Drives Innovation
- Your Cloud Needs Protecting, Too
- Your building alarm systems could become obsolete. In 2024!
- Zero Trust 2.0: Zero Trust Data Resilience (ZTDR)
- We just got, or got used to, Wi-Fi 6. What is Wi-Fi 7?
- What Does the Board Need to Know? Business Metrics that CISOs Should Share – 4th and Last in a Four-Part Series
- Why 2024 is the Year for AI Networking
- International Women’s Day is Tomorrow – Great Time to Think About…
- Data-Centric Security Step One: Classifying Your Data
- The Network – Unsung Hero of Super Bowl LVIII
- What Does the Board Need to Know? Business Metrics that CISOs Should Share – Third in a Four-Part Series
- Boosting IT Team Performance by Fostering Intuition, Curiosity and Creativity
- Breach Remediation Costs Can Wipeout Bottom Line and Business
- Hoodied Hackers Now Favour Hugo Boss
- What Do You Need to Tell the Board? Business Metrics that CISOs Should Share – Second in a Four-Part Series
- How to Get People to Re-Engage After the Holidays
- What Does the Board Need to Know? Business Metrics that CISOs Should Share – First in a Four-Part Series
- Android Devices MUST be Updated + IT Departments Being Cut as Privilege Escalation Escalates
- Today’s Common Cloud Migration and Management Concerns
- Protect Your Healthcare Network from Cyberattack – Lives are at Stake
- Happy Halloween: Black Cats Lead to Boo….Hoo.
- Insurance Underwriters are Protecting Their Flanks
- Insurance Companies Cracking Down as Cybercriminals Become Better Business Builders
- Scary Cyberattacks Stats
- Parents, Profs and IT Professionals Perceive Back-to-School Through Different Lens
- Zscaler’s new IDTR and other tools that leverage generative AI
- Vanquish Vaping, Vandalism and Villainy
- Fabric for Fast-Paced Environments
- Changes to Cyber Insurance Requirements – What you Need to Know
- Cybersecurity Readiness – Newly Released Report
- Passwords Leaked…Again
- 10-Step Patch Management Checklist
- Remote – Again – For Now… and Still Maintaining Engagement
- Protecting Pocketbooks, Passwords and Property from Pilfering
- Raspberry Robin: Highly Evasive Worm Spreads over External Disks
- Cisco Introduces Responsible AI – Enhancing Technology, Transparency and Customer Trust
- Managing Customer Trust in Uncertain Supply Chain Conditions
- Hope on the Horizon
- Toys of Tomorrow… What will spark your imagination? Fuel your imagination?
- Protecting Purses and Digital Wallets
- The Password that Felled the Kingdom + MFA vs 2FA
- The MOE’s RA 3.0 and Zscaler
- 7 Critical Reasons for MS Office 365 Backup
- Penetration Testing Important, but…
- Social Engineering and Poor Patching Responsible for Over 90% of Cybersecurity Problems
- Breach Incidence and Costs On the Rise Again + 5 Ways to Reduce Your Risk
- Cybersecurity Insurance Policies Require Security Audits and Pen Testing
- Wireless strategies for business continuity gain importance as enterprise expand IoT, cloud, and other technologies
- How Cybercrooks are Targeting YOU
- Enabling Digital Transformation with Cisco SD-WAN
- WFH Post Pandemic – What It Will Look Like. What You’ll Need.
- Leaders to looking to the IoT to improve efficiency and resiliency
- Cyber Security Vernacular – Well, some of it, for now
- Why You Need Disaster Recovery, NOT Just Back-Ups
- 10 Reasons Why Having an Expert Manage Your Cybersecurity Makes Sense and Saves Dollars
- Converting CapEx IT Investments into Manageable OpEx
- The Hybrid Workplace – Planning the Next Phase
- Cisco Cloud Calling: Empowering Customers to Thrive with Hybrid Work
- When You Can’t Access the Cloud
- How to Keep On Keeping On
- New Cisco Research Reveals Collaboration, Cloud and Security are IT’s Top Challenges
- Threats from Within on the Rise
- Cloud Covered? If Not, Take Cover!
- Zero Trust and Forrester Wave Report
- Password Based Cyber Attack: Like Leaving Keys Under Doormats
- So, What’s Up With Sensors?
- Sensors and Systems Create a Digital “Last Mile” and Help Skyrocketing Costs
- Scanners Provide Peace of Mind for Returning Students and Workers
- Sensors Improve Operations and Bottom Line… Easily and Cost-Affordably.
- Cisco Meraki Looks at 2021
- 2020 Holiday Shopping: Cybersecurity and Other Tips to Safeguard Wallets and Systems
- How to make the most of the technology you have
- Personnel, Planet and Business Progress: More Interdependent Than Ever Before
- Sure… you can get them all in the boat – but can you get them to work well together?
- Pushing the Zero Trust Envelope – Cisco is Named a Leader in the 2020 Forrester Zero Trust Wave
- Cloud Data Must be Protected, Too!
- Don’t Let Anyone Get the Dirt on You – Make It Instead!
- How IoT Devices Can Help You and Your business
- WebEx – A World of Possibility
- Creating Your Breach Response Plan Now Will Save You Thousands Down The Road
- Been hacked? Here’s what you must do next.
- The Need for Pen Testing is At an All-Time High
- 5 Ways an IT Reseller Improves Your Performance and Peace-of-Mind
- 5G and Wi-Fi 6: Faster, more flexible, and future ready. Are you?
- Network and Data Security for Returning and Remote Workers + Disaster Recovery Symposium
- Collaboration and Cisco WebEx: Protecting Your Data
- Thursday’s Virtual Conference Tackles Today’s Supply Chain Trials and Tribulations
- 10 Tips to Reduce Cloud Storage Risk
- COVID-19 Crisis Fuelling IT Spending
- Supply Chain/Logistics Experts Share Their Expertise
- Cisco Breach Defence Overview
- Announcing Our New Website and Blog
This blog post won’t give you solutions but, rather, is intended to shine a light on scary stuff happening in cyberspace right now, for those of you who need a little ammunition for upcoming budget planning sessions.
10 years ago, cybersecurity was not a commonly-used phrase, even within IT departments. Today, the term is not only well-known, but a major concern for organisations of all sizes, in every sector, in every country around the world.
Every day there’s a new horror story on my news feeds. Massive network breaches. Data being stolen from major companies. Personal records compromised.
Some Recent Headlines
In March 2023, the ChatGPT data breach prompted OpenAI, the parent company, to take it off-line until the matter was resolved.
Two others to which most viewers can probably relate are the Twitter and WhatsApp breaches.
Twitter is in the news being accused of covering up a data breach that affected millions of users in the US and EU – and this is in addition to the July 2022 breach that affected millions of accounts at that time.
But the biggest headline grabber of all came on November 16, 2022 when it was revealed that a hacker was selling personal information of some 500 million WhatsApp users from 84 countries on the dark web. This cyber crook claimed to have up-to-date details of 32 million users from the US, 11 million from the UK and 6 million from Germany.
Although the major headlines were about attacks on multinational corporations, mid-size enterprises, those companies with only 100 – 1,000 employees and somewhere between 50 million and $1 billion in annual revenues, have been targeted the most globally, followed closely by smaller enterprises in North America and Europe.
Corporate espionage is often behind attacks, especially nation-state ones, but in over 90% of corporate breaches, employee and client personal data is also stolen. And then there are the smaller e-criminals who only target individuals. It’s safe to say that no one is really immune to these special breed of virus spreaders.
The increasing scale of attacks
There have been double-digit increases in many quarters, but that’s hard to visualize if you don’t know how the figures have been escalating over time. Here are a few fun facts to which everyone should be able to relate.
- The cost of cyber crimes was $6 trillion in 2022 and by 2025, that’s only two years from now, expectations are that it will reach $10.5 trillion, that a 175% increase– and phishing will likely be the leading cause of this vulnerability.
- Right now, there is a hacker attack occurring every 39 second in the US alone.
- According to the FBI and Interpol, about 33 billion accounts will be breached in 2023. That’s about 2,328 a day, with 97 cybercrime victims being created each and every hour.
- And according to a 2023 Statista report, 300,000 new pieces malware are created every day – 92% of which are delivered by email. Worse, the average detection period is 49 days.
It’s no wonder then, that globally, corporate leaders rate cyber “incidents”, and the resulting business interruption, as their two biggest risk concerns.
Sectors in the Spotlight
For several years the MUSH sector (that’s municipalities, universities, schools and health are) has been the primary target, with healthcare having the dubious honour of filling the number one spot three out of the past five years. Indeed, 30% of all large data breaches in this time period occurred in hospitals, and there has been a 58% increase in healthcare industry attacks since 2020.
In Canada, the world-famous SickKids Hospital had to go into code grey for two weeks starting on December 18, 2022 because of a ransomware attack. Luckily, not all procedures were cancelled, and no health records were compromised, but the impact to the children and their families was huge – especially over the holiday,
Not long before that, on September 22, 2022, Optus, which is an Australian telecom company experienced a data breach that gave cyber criminals access to the medical and personal data of 11 million people. These hackers got names, birth dates, phone numbers, home and email addresses, driver’s licence and passport numbers, along with the Medicare ID.
It’s not all that surprising. After all, next to getting credentials from high net worth individuals, who have the resources to squash fraudulent activity pretty quickly, the most valuable IDs when creating new identities come from dead people and youngsters. Where better to get this information, but hospitals and, to a certain extent, schools?
How can we be so sure?
As cybersecurity experts, it’s critical that we stay on top of such trends, but we get a little help. Sometimes a lot of help. Cisco, one of our main partners, owns Cisco Talos Intelligence. Talos has the largest threat detection capabilities in the world, with the probable exception of the US military.
Every day Talos receives 100 TB of data, and uses its systems and over 300 full-time threat intelligence researchers, not to mention hundreds of threat intelligence partners, to assess nearly 2 million malware samples, over 600 billion email messages and more than 16 billion Web requests each and every day.
Not only does this rigorous approach ensure that Cisco’s security solutions are highly robust, and that malware and other threat vectors being created and launched in one part of the world can be nipped in the bud before they reach you, but it enables trends to be identified. This includes the industries being targeted.
Cisco is an exceptionally good source of information, but it’s not the only one we rely on. We speak with our other partners, SOC II and DRaaS systems experts, people whose systems have been breached, law enforcement officers, insurance brokers and other industry experts… we even talk to cyber criminals. Even so, I suspect these numbers are just the tip of the iceberg. As we said in the outset, scary stats. Scary stuff.