By Shomiron Das Gupta
In recent years cyber-attacks have witnessed a significant surge in frequency, intensity, and sophistication. These breaches have caused colossal financial losses, irreparable damage to reputations, and disrupted critical services across various industries. Understanding the factors behind this increase is crucial for organizations to protect themselves effectively. This necessitates allocating an appropriate cybersecurity budget to fortify defenses and respond effectively to cyber threats. In this article, we delve into five reasons for the escalating cyber-attacks and provide insights into the recommended budget allocation for robust cybersecurity measures.
Evolving Cyber Threat Landscape:
The cyber threat landscape is ever-changing, with malicious actors continually adapting new tactics to exploit vulnerabilities in emerging technologies and business processes. Advanced persistent threats (APTs) are particularly concerning, as they conduct long-term, stealthy attacks aimed at stealing sensitive data or disrupting operations.
Globally the healthcare sector has been one of the most highly targeted sectors in recent times. This is because of the rapid digitization of patient records and increased reliance on connected medical devices. In India, 1.9 million attacks happened on the healthcare industry in 2022 with an intent to cripple operations and demand exorbitant ransoms.
Insider Threats and Human Error:
Despite the implementation of advanced security measures, human error remains a significant factor contributing to cyber incidents. From falling victim to phishing attacks to unintentionally misconfiguring critical systems, employees inadvertently fall prey to cybercriminals.
In 2021, the American Oil Pipeline system was hacked leading to widespread fuel shortages along the East Coast. This happened because a single password was compromised. A legacy Virtual Private Network (VPN) account lacking multi-factor authentication (MFA) allowed attackers to infiltrate the network.
Digital Transformation and IoT Vulnerabilities:
The accelerated pace of digital transformation has expanded the scope for cybercriminals. The rapid adoption of Internet of Things (IoT) devices has further introduced new vulnerabilities, as these devices often lack robust security features.
A classic example is the Mirai botnet. In 2016 it launched a massive Distributed Denial of Service (DDoS) attack by infecting poorly secured IoT devices. This incident highlighted the potential consequences of insufficiently protecting connected devices.
Ransomware Proliferation and Sophistication:
Ransomware attacks have become a lucrative business for cybercriminals, fueled by the anonymity provided by cryptocurrencies and the ease of monetizing stolen data. The emergence of ransomware-as-a-service (RaaS) platforms has lowered the entry barrier for cybercriminals, leading to a surge in attacks.
The global shipping company Maersk fell victim to the NotPetya ransomware in 2017, resulting in an estimated loss of $300 million. The attack disrupted their global operations and forced them to rebuild their IT infrastructure.
Cyber warfare attacks critical infrastructure, government agencies, and corporations to disrupt operations and, at times, even further geopolitical agendas.
For example, in February 2022, one of India’s leading airlines, Air India, experienced a major cyberattack that compromised approximately 4.5 million customer records. This attack led to the compromise of passports, tickets, and credit card information.
The SolarWinds supply chain attack from 2020 is another example that affected numerous U.S. government agencies and major tech companies.
How to budget cybersecurity?
While we know the types of cyber attacks, we also need to know what kind of budget to allocate while building cybersecurity defenses.
Threat intelligence solutions, threat hunting, and proactive monitoring should get a major share of the budget allocation. Every organization should invest in cutting-edge technologies to stay one step ahead of attackers. Alongside investing in technology, organizations should allocate resources to employee training and awareness programs. A security-conscious culture is important for promoting cybersecurity best practices.
Next comes earmarking funds for securing IoT devices and implementing comprehensive security protocols for digital transformation initiatives. Regular security audits and patch management processes are essential to safeguarding the expanding attack surface. In addition, companies need to strengthen their backup and recovery systems and invest in advanced endpoint security solutions to detect and mitigate ransomware attacks before significant damage occurs.
Investing in advanced threat detection capabilities, security assessments, and conducting risk analyses to identify potential threats should also be budgeted depending on the size of the organization.
Organizations must acknowledge the evolving nature of the threat landscape and bolster their defenses. Determining an adequate cybersecurity budget may be a complex task that depends on the organization’s size, industry, and risk exposure. However, a general guideline could mean allocating approximately 5-10% of the overall IT budget to cybersecurity. Businesses with a high dependency on technology or sensitive data may need to allocate a higher percentage.
By prioritizing cybersecurity, organizations can protect their assets, reputation, and customer trust in an increasingly interconnected world.
(The author is Mr. Shomiron Das Gupta, Founder of DNIF HYPERCLOUD, and the views expressed in this article are his own)