In the face of continuous threats and attacks in the IT field, how should companies respond? By knowing how to read the data, interpret it and act. By knowing how to be resilient.
- What kind of year will 2023 be in terms of cybersecurity? It is a question worth asking, given that last year was a disastrous one for many companies and public bodies. 79% of organizations have experienced ransomware attacks, according to Splunk’s 2022 State of Security report.
- Good IT security means focusing on the tools made available by the digital transition (AI above all), but also giving more space to professionals such as CISOs (Chief Information Security Officers).
- The application of artificial intelligence and machine learning techniques will also help compensate for the shortage of professionals and will provide a valuable contribution not only to large companies, but also to SMEs.
Talking about cybersecurity and resilience now, especially in the corporate environment, seems obvious after the numerous ransomware attacks of recent times. Yet it was to be expected that things would not get better after a 2022 in which, globally, 79% of organizations suffered ransomware attacks. Public institutions and private companies have lost a lot: at least 35% of the victims said that the attack caused losses in terms of access to data and systems.
The data comes from the 2022 State of Security report by Splunk, a company specializing in data analytics and end-to-end security. The same company has published Predictions 2023, forecasts useful for imagining the near future. What future should companies expect as they deal with ever more frequent cyberattacks? Cybercriminals are always finding new targets and new attacks.
The losers are businesses, which are fertile ground for cybercriminals: only 33% of companies refused to pay the attackers. «It amazes me that 66% said that the organization, either directly (39% of cases) or through an insurance company (27%), paid the ransom», says Gian Marco Pizzuti, area vice president of Splunk for Italy. On average, respondents said the highest ransom paid by their organization was approximately $347,000.
What can be done, then, to get out of this scenario? One path runs through resilience. The looming recession, the pressures of deglobalization and the talent crisis, in a still evolving “future of work”, will make even more evident the need to focus on the benefits and resilience of digital transformation, so as to get the most out of emerging technologies, including artificial intelligence, machine learning, blockchain and the metaverse, and to address economic and geopolitical challenges.
Ensuring cybersecurity and resilience for companies
Certainly, to face the future, the link between cybersecurity and resilience for companies will become stronger and stronger. Companies will need to develop new tactics to defend against cybercriminals – who will make use of new vectors – and increase the resilience of infrastructure and supply chains.
Cybersecurity will become even more central in the EU, also at the legislative level, especially in sectors such as energy and telecommunications, with the entry into force of the Cyber Resilience Act and the Digital Operational Resilience Act (DORA). The first intends to regulate information security requirements for hardware and software products; the second intends to bring together different initiatives on digital operational resilience for the financial sector.
«The post-pandemic crisis has in fact increased the attack surface: with the development of remote working and smart working, the number of devices that have entered the perimeter that every company must keep under control has increased, also to cope with other issues that have more or less direct implications», explains Pizzuti.
This is why, in Predictions 2023, the watchword for Chief Information Officers for the current year will not be security, but corporate resilience. «The risk faced by companies is not only linked to cyber threats, but wider, also concerning the effects of climate change, for example. Hence the importance of counting on operational resilience, considering however that – speaking of cybersecurity – attacks are becoming increasingly sophisticated».
The attacks entail heavy economic losses: the European Commission itself, presenting the Cyber Resilience Act, highlighted that hardware and software products are increasingly subject to successful cyberattacks, resulting in an estimated annual cost of 5.5 trillion euros.
Furthermore, the Commission itself points out that most hardware and software products are not currently covered by any EU legislation addressing their cybersecurity. In particular, the current EU legal framework does not address the cybersecurity of non-embedded software, even though cybersecurity attacks are increasingly targeting the vulnerabilities of these products, causing significant social and economic costs.
2023, the year of certainties
To guarantee cybersecurity and resilience, solutions that offer certainty are needed: this is why, from the point of view of those who propose digital solutions, such as Splunk, 2023 can no longer be a time for experimentation: «those who want to provide an excellent service to their customers must propose solutions capable of immediately returning value».
But how should companies prepare for this complex and difficult scenario? «As far as the regulations mentioned are concerned, they leave no room for interpretation. At this point, companies must respond», says Pizzuti again. «In this regard, the role of the CISO (Chief Information Security Officer) takes up more and more space within the company, because in many cases there is a loud demand that cybersecurity skills arrive within the board. It is no longer time to upset the business, but to ensure business operations. A lot of experimentation, however, will come in handy: I’m thinking of the cloud, which Europe sees as an element for diversifying risk».
Still on the subject of cybersecurity and corporate resilience, it becomes essential to act rather than react, trying to better understand the landscape. This is where artificial intelligence comes into play, tasked with providing tools and capabilities for understanding the cyber scenario in real time and understanding how to act, “transforming data into action”, as Splunk points out.
«The data assumes the value of a guarantee of operational resilience, a concept that will be the mantra for us throughout the current year».
The importance of AI to ensure enterprise-level cybersecurity and resilience
It remains to be seen how artificial intelligence and/or machine learning techniques will prove their usefulness in providing effective answers to these problems related to cybersecurity and resilience at the corporate level, not only in large companies, but also in SMEs.
«In our forecasts, we have always talked about artificial intelligence or machine learning applied with the aim of predicting behavior – notes Pizzuti – Observing human behavior or infrastructure associated with AI allows us to observe much faster and more extensively the signals that I can try to predict. As regards the most adopted techniques, I believe that machine learning will be entrusted with operational tasks that can free up human resources to better manage business needs. Scenarios open up that Predictions 2023 outlines as embryonic, but already present, regarding the concept of machine learning as-a-service».
Another increasingly important aspect will be the ethics of artificial intelligence. Moving areas previously managed by people, with their free will, toward an approach characterized by machine learning has advantages, because the analysis criteria are objective and free from prejudice. Delegating to ML the operational tasks that would otherwise only waste valuable resources is a good starting point for user communities to drive ML adoption in an ethical way.
«There is certainly still work to be done to regulate the sector, but we know how important artificial intelligence is for self-feeding databases from which to draw information and make decisions».
In this regard, the words of Katie Bianchi, Chief Customer Officer of Splunk, take on particular value: «the application of ML techniques to behavior prediction represents enormous value, especially given today’s shortage of IT and security talent. Machine learning will simplify and improve all business outcomes, from application performance to security detection.
«In all these cases, ML provides better and more accurate information, so you can see what happens next and orchestrate the best response».