Cybersecurity Trends in 2021: Are We Keeping Up?
As we reflect on the past year, it is evident that the landscape of cybersecurity is continually evolving. With mega-malware attacks like Wannacry and NotPetya wreaking havoc on enterprises and services, and DDoS attacks reaching record-breaking levels of 1.7 Tbps, the importance of cybersecurity has never been more apparent.
One of the key changes in the past year has been the rise of cryptojacking and fileless malware as new types of threats. According to VirusTotal statistics, there has been an average of over one million potential new threat files submitted each day, with some days nearing two million. This rapid evolution of the threat landscape requires cybersecurity teams to adapt and invest in new technologies and training to stay ahead.
But are organizations truly keeping pace with these emerging threats? The latest research from ISACA sheds light on this question. It seems that security has slipped down the boardroom agenda, with only 20% of organizations having their security function reporting to the CEO or main board. Additionally, 57% of practitioners believe that their main board is not adequately supporting security initiatives, a 10% decrease from the previous year.
Despite these challenges, there is a glimmer of hope as 64% of enterprises are planning to increase their cybersecurity budget this year. However, there is still a significant number of organizations (36%) that do not plan to increase their security spending, indicating a sense of complacency or risk-optimism.
Recruitment of skilled cyber professionals remains a challenge, with 59% of organizations reporting unfilled vacancies within their teams. The lead time to fill open security positions has also increased, with 73% reporting a recruitment lead time of three months or longer. This shortage of qualified candidates highlights the need for more technical staff with operational cyber skills.
In terms of opportunities for cybercriminals, the survey results suggest that many organizations have yet to acquire the budget, skills, and controls needed to match the increase in cyber threats. With the majority of organizations still facing challenges in filling security team roles, the risk of cyber-attacks remains high.
So, what can be done to address these challenges? It is crucial for every enterprise to prioritize their security function and make the necessary investments in training, recruitment, and tools for their security staff. Cybersecurity is a dynamic field that requires continuous learning and adaptation to stay ahead of evolving threats. By taking proactive measures to strengthen their cybersecurity posture, organizations can better protect themselves against cyber threats in the ever-changing digital landscape.