The Importance of Cybersecurity Awareness and Insider Threat Management
2024-9-23 18:7:58 Author: securityboulevard.com(查看原文) 阅读量:3 收藏

Organizations are generating vast volumes of data at lightning speed and need to store that data in user-accessible ways to optimize business results. Yet, in today’s digital landscape, safeguarding data against cyberthreats and insider risks is more crucial than ever. National Insider Threat Awareness Month in September and National Cybersecurity Awareness Month in October remind us of the importance of being vigilant and informed of new innovative technologies to help better protect digital data assets. 

Insider threats, which involve individuals within an organization who exploit their access for malicious purposes or unwittingly cause security breaches due to human error, are a significant security challenge. According to a 2023 Ponemon Institute report, 55% of incidents experienced by organizations represented in the research were due to employee negligence, resulting in an average annual remediation cost of $7.2 million.  

Cybersecurity is equally vital. Data breaches in the U.S. are at an all-time high. In just the first nine months of 2023, U.S. data breaches increased by nearly 20% compared to all of 2022 — and organizations around the world face similar trends. Year over year, cloud intrusions increased by 75%, there was a 76% spike in data theft victims named on the dark web, and 75% of attacks were malware-free. 

Because personal data can be exploited and sold for a significant profit, it has become a growing and attractive target for cybercriminals. In 2023, ransomware attacks increased to levels never seen before, while also becoming more sophisticated and aggressive. Corporations, governments, and other types of organizations collect growing amounts of personal data, and sometimes, individuals have little, if any, choice in the matter.  

These statistics underscore the ongoing risks of insider and cyberattacks and the critical need for robust prevention strategies.  

Claroty

In light of the severe consequences of these varying threat actors, organizations would be wise to seek advanced, innovative solutions to thwart such attacks. Three key trends are unfolding that provide a more significant line of defense: 

  • Organizations demand greater data resiliency against cyberthreats. As data environments reach hundreds of petabytes and hundreds of billions of files, protecting data will become an increasingly difficult and complex challenge. Organizations need their data to be resilient and continuously available, with the ability to spring back seamlessly to reduce the risk of critical data loss and the impact of downtime, outages, data breaches, and natural disasters. Resiliency prevents downtime when performing upgrades, data migration and planned maintenance.  

Achieving data resilience at scale requires a radical new model to address the magnitude of modern data demands, one that maximizes data resilience and revolutionizes today’s broken backup paradigm. Traditional backup is independent of the file system, but a new approach merges the file system and backup as one entity. As a result, every change in the file system is recorded as it happens, making it seamless to retrieve lost or deleted data, regardless of when it existed and across the entire time continuum. This approach is redefining enterprise storage by converging storage and data protection within one system. 

  • IT leaders are shifting their focus from backup to recovery. Organizations need complete and immediate data recovery with no downtime or, at most, only milliseconds of downtime to prevent criminals from holding a business and its data hostage for days, weeks, or more. Traditionally, different backup sets are restored, one after another, and inspected until missing or damaged files are found. That process can take hours, days, or longer to recover data – a process that is inefficient and costly. Backing up petabytes of data is not only challenging but nearly impossible. A shift from backup to recovery is necessary if data is going to scale. New approaches are emerging that enable continuous data availability as a strong first line of defense against cyberthreats, enabling organizations to recover compromised data easily and almost instantly. Continuous data availability is a game-changing form of protection that actively records every significant change in real-time for every file so a user can go back to any point in time to retrieve data – easily and without the assistance of IT. Organizations will increasingly leverage continuous data availability technology to protect data from loss and cyber threats.  
  • Multifactor authentication goes a step further with authorization to thwart insider threats. Multifactor authentication alone is not sufficient to protect data from insider threats. Organizations should consider adopting new technology that adds authorization as a second layer to the authentication process to better protect their data. Multifactor authentication and authorization (MFA&A) confirms individual identity during authentication and then grants authorization or approval as appropriate when attempting to perform sensitive data operations to prevent unauthorized access, modification, and deletion. Together, multifactor authentication and authorization provide much more robust security, increase control over system access, and reduce the risk of data breaches. MFA&A also provides enhanced accountability through audit trails, helping to ensure compliance with industry regulations. Organizations that implement MFA&A in 2024 will achieve greater confidence that their sensitive data is protected while ensuring the integrity of their file systems. 

Despite the continued growth of cyber security and ransomware attacks, new technologies are rising to the occasion, delivering data resilience, immediate recovery mechanisms, and more robust access requirements for higher levels of data protection.  

Recent Articles By Author


文章来源: https://securityboulevard.com/2024/09/the-importance-of-cybersecurity-awareness-and-insider-threat-management/
如有侵权请联系:admin#unsafe.sh