Are IT Departments Unprepared to Defend Their Employers Against Today’s Advanced Cyber Threats?

• 10 months into the pandemic, secure access and endpoint security remain a top challenge for IT teams in enabling hybrid work environments going forward
• IT employees now spend five to eight hours per day solely on IT security
• Threat Intelligence, Managed Detection and Response (MDR) services and Endpoint Detection and Response (EDR) technologies can compensate for these new challenges and help organizations face these new threats

COVID-19 has significantly changed the types of tasks that fill a typical IT worker’s day. The pandemic has forced IT staff to spend more time than ever on virtual tasks like team web meetings, or remotely accessing employee devices to troubleshoot issues. According to some studies, many IT employees now spend five to eight hours per day solely on IT security.

The fear of a data security breach has increased sharply in the past two years, and tight budgets are forcing IT reps to do more with less, every day. In fact, some decision makers are trading IT personnel for technological investments in security. So, the question arises: are IT departments ill prepared to defend their organization against today’s targeted hacker attacks?

Caught off guard

Recent studies indicate IT staff in almost every industry and geography might be less prepared than ever, especially those tasked with protecting a small or medium-sized business.

According to the Bitdefender Business Threat Landscape Report 2020, four in 10 emails on the topic of the novel coronavirus are fraud, phishing or malware. At the same time, 43% of employees worldwide are not sure what a phishing attack is. This, even though phishing remains a top attack vector for cybercriminals.

When the human layer itself is breached, the organization’s security arsenal must trigger automatically, absorb the damage and reduce the attack surface. Not all organizations have these solutions in their IT tool stack. Whether through negligence or malice, insiders present a real threat in the new digital reality of the workplace.

New times, new threat models

Enterprise security teams have grappled with advanced persistent threats, or APTs, for years. These threats can range from politically motivated, state-sponsored attacks to profit-oriented ransomware offensives and data exfiltration. Today, even small and medium businesses (SMBs) must include APTs in their threat models.

APT mercenaries, or hackers-for-hire, completely change the premise for security for these companies. Neeraj Suri, Distinguished Professorship and Chair in Cybersecurity at Lancaster University, explains it best:

The reason that 63% of Infosec professionals believe that cyberwarfare is a threat to their organization is easy. Dependency on technology is at an all-time high and if someone was to take out the WiFi in a home or office, no one would be able to do anything. This dependency wasn’t there a few years back, it wasn’t even as high a few months back. This high dependency on technology doesn’t just open the door for ransomware or IoT threats on an individual level, but also to cyberwarfare which can be so catastrophic it can ruin economies. The reason that nearly a quarter of infosec pros don’t currently have a strategy to protect against cyberwarfare is likely because of complacency. Since they haven’t suffered an attack, or haven’t seen on a wide scale the damage that can be done, they haven’t invested the time in protecting against it.

Don’t fire your IT staff - ‘upgrade’ them instead

10 months into the pandemic, secure access and endpoint security remain a top challenge for IT teams in enabling hybrid work environments going forward. Cisco’s Future of Secure Remote Work Report shows that most organizations around the world were only somewhat prepared to support a remote workforce when COVID-19 struck. Bitdefender had published this finding months earlier, when 50% of infosec pros admitted they’d been caught off guard by the pandemic.

The business threat landscape has evolved tremendously in the past year. Small organizations are now finding themselves in nearly the same threat landscape as big ones. With the cyber playing field leveled, both big and small players must update their training and awareness programs, as well as their cybersecurity tool stacks.

The new normal for businesses now includes employees working almost entirely remotely, meaning threat actors are targeting company endpoints that are now away from the corporate network. Amid vulnerabilities, misconfigurations, lax budgets and skills shortages, companies face new challenges and risks that few could even conceive of 12 months ago. And APT hackers-for-hire have changed the way smaller businesses approach security.

Managed Detection and Response (MDR) services and Endpoint Detection and Response (EDR) technologies can compensate for these new challenges and help organizations face these new threats, without taxing their security budgets. And if this Frost & Sullivan analysis is to be believed, Threat Intelligence is fast becoming the go-to weapon to fight advanced threats.

Fight advanced threats with Threat Intel

Threat intel helps organizations navigate an ever-expanding threat landscape. The market for threat intelligence is estimated to reach $234.9 million by 2022 from $132.7 million in 2019, for a compound annual growth rate (CAGR) of 21%.

“Threat intelligence is instrumental in securing enterprises because it enables security teams to prevent cyberattacks in real time and identify a breach that might have occurred in the past,” according to the research.

Threat intelligence solves challenges in security operations by providing extensively curated insights into complex cyber-threats, and lets IT departments analyze and block indicators of compromise in a timely fashion. It also allows IT staff to understand sophisticated threats (i.e. evasive malware) and block threats before they make an impact.

Moreover, experts say threat intelligence represents one of the niche markets in cybersecurity that will be least affected by the COVID-19 situation.