In a 24×7 connected world rapidly going digital, effective cybersecurity is becoming table stakes and the key to not only business success — but also business survival. Failure to protect your digital assets ‑ data, applications, devices, networks, people and an acceptable user experience (a bad digital experience negatively impacts the future buying behavior of more than 90% of customers) — is tantamount to putting up a ‘going-out-of-business’ sign.
Increasingly, this means ensuring that the network infrastructure is not only protected, but is a critical component of your cybersecurity toolkit. Today’s networks feature fast and intelligent security that’s built around real-time threat prevention, automated enforcement and adaptive protection that are essential to ensuring a secure business, especially with the evolution to digitization.
Digital transformation (DT) is being fueled by the explosive growth of data and devices, and it is changing everything, especially cybersecurity. The changes will be fast and pervasive:
• Connected devices will grow by more than 50% by 2020, to 30 billion, and almost triple — to 80 billion — by 2025;
• Between 2020-2025 the volume of traditional data will grow by 2.3x;
• The volume of data that can be analyzed will grow by 4.8x; and
• Actionable data will grow by 9.6x.
At the same time data, devices and their importance are skyrocketing, internal threats — negligent or malicious employees — and external threats — i.e. viruses, phishing, ransomware and Zero-day attacks — are also surging, putting the cybersecurity threat landscape under increasing pressure. The situation is made even worse by the fact that the bad guys only have to get it right once; the good guys have to be right every time, and that is unrealistic in the face of these growing attacks.
Evidence of the severity of the worsening threatscape is everywhere:
• Within the next 5 years 1.5 billion people, or 25% of the global population, will be affected by data breaches. “Breach is the new normal,” according to IDC;
• Almost 750 million data breaches were reported in 2015, and over 320 million for the first half of 2016;
• The majority of breaches (89%) had a financial or espionage motive;
• In almost all cases (93%), it took attackers minutes or less to compromise systems;
• Data exfiltration occurred within minutes in 28% of the cases;
• Ransomware, malware used to lock you out of your devices and demand a ransom in return for access has quickly become a major cybersecurity threat, with annual costs to small and medium companies of at least $75 billion in expenses and lost productivity; and,
• 93% of phishing emails, the act of defrauding a target of financial and/or personal information by posing as a legitimate company or institution (6.3 million in the first quarter of 2019, a 789% increase over the previous quarter), are now ransomware (averaging 4,000 attacks a day, and up 300% in the past year).
People present a double-edged threat to cybersecurity. They are both the cause of most problems — i.e. 95% of security breaches were caused by human error — and are the weakest link because they don’t have the training and resources necessary to ensure effective cybersecurity.
Fortunately, the situation is not as bleak as it may appear. A broad selection of cybersecurity products and services are available to identify, protect, detect, respond and recover from the activities of deliberate and inadvertent attacks and breaches.
In fact, cybersecurity can be a competitive advantage. “We’re seeing more and more that cybersecurity can actually become a remarkable way to help a company innovate and move faster,” stated David Burg, PwC, US and Global Co-Leader, Cybersecurity.
Cybersecurity solutions like software-defined secure networks (SDSNs) can enable the move from the firewall-centric, hardware-defined era of security to one where problems are solved with software and cloud-based technologies. The new era will provide pervasive security that enables policy, detection and enforcement throughout the network infrastructure, reducing the need for manual updates and automatically applying policies and enforcement rules, driving down the costs of managing network security.