Ransomware is the number one cybersecurity concern for Chief Information Security Officers (CISO) are facing at the beginning of 2022, but it’s just one of many issues which they’re attempting to tackle.
According to research by Microsoft, addressing the threat posed by ransomware is the number one cybersecurity challenge currently facing CISOs, closely followed by configuring cloud security and protecting hybrid, multi-platform enterprise environments.
Ransomware was the most significant cybersecurity issue during 2021 and, according to the survey, CISOs don’t think that’s going to change anytime soon, as cyber criminals continue attempts to encrypt networks and demand a ransom payment – which can be millions of dollars – for the decryption key.
The threat is also increased by the rise of ransomware-as-a-service schemes which allow even more cyber criminals to conduct ransomware campaigns, putting organisations at even greater risk of falling victim to an opportunistic attack.
“No longer do individual cybercriminals have to develop their own tools. Today, they can simply buy proven cybercrime kits and services to incorporate into their campaigns. This gives the average cybercriminal access to better tools and automation to enable scale and drive down costs,” said Vasu Jakkal, corporate vice president for security, identity and compliance at Microsoft.
“As a result, attacks of all types are on the rise, with the economics behind successful ransomware attacks fueling a rapid trajectory,” she added.
SEE: A winning strategy for cybersecurity (ZDNet special report)
But while ransomware is viewed as the number one threat, CISOs have a variety of other concerns, including cloud security, which has been pushed to the forefront due to the rise of hybrid working .
While cloud offers opportunities, it also comes with several security concerns which need to be addressed, For example, it’s useful for staff to be able to access corporate cloud accounts remotely, but the way they can be accessed from anywhere provides cyber criminals with additional avenues to infiltrate networks, especially if they’re able to steal the legitimate username and password of a real user.
According to the Microsoft survey other key cybersecurity challenges CISOs are facing in 2022 include the challenge of recruiting security professionals, along with enabling user productivity without sacrificing security.
Cloud security is the most desired investment for the year, along with the likes of vulnerability management and application security.
“As security leaders look to mitigate threats now and in the near future, we’re seeing an increased focus on improving the prevention capabilities of the highest growth threat vectors, such as cloud security, access management, cloud workloads, hybrid work, and ransomware,” said Jakkal.
Recommendations by Microsoft on how to improve cybersecurity throughout organisations includes the implementation of multifactor authentication (MFA), as well as shutting down legacy authentication methods which could be exploited by cyber criminals.
MORE ON CYBERSECURITY