The Imperative Of Patching: A Resolution For Cybersecurity In 2024

Recent cybersecurity events, highlighted by a major breach at ICBC bank, have cast a glaring spotlight on the importance of patching as a vital component of cybersecurity. This recent incident, involving a malicious exploit known as Citrix Bleed through an unpatched Citrix server, underscores the urgency for organizations to reimagine patching. As we step into 2024, let patching be one of our key resolutions, and move from a routine IT task to a strategic, proactive security service.

Unseen Vulnerabilities in Unpatched Systems

Unpatched systems have become the Achilles’ heel of organizations, offering gateways for destructive cyberattacks. Even the smallest unpatched flaw can be exploited and pose significant risks. The ICBC ransomware attack illustrates the devastating ripple effect of such oversights, underscoring the need for vigilance in patch management.

Patching as a Proactive Security Service

Breaking the cycle of reactive cybersecurity practices starts with redefining patching as a proactive security service. Consistent and timely patch application is crucial in reducing an organization’s vulnerability, and proactive patching should be part of any comprehensive cybersecurity strategy. As we embrace 2024, it’s vital to adopt this proactive mindset and take initiative to secure digital assets.

The ICBC incident is a stark reminder of the need to elevate patching within cybersecurity strategies. As we make our resolutions for the new year, let’s view patching as not just fixing vulnerabilities, but as a proactive measure to change the cybersecurity game. Diligent patching, as part of a comprehensive strategy, transforms operations from reactive scrambles to calculated, anticipatory defense mechanisms.

The Human Element

Addressing the human element in cybersecurity is imperative for success. A lack of awareness or urgency often leads to delayed patching, and organizations must bridge this gap. Employee education, automated patch management systems, and a culture that values security are all ways to empower teams to prioritize patching.

Patching should be a collaborative effort between organizations and software vendors and involve transparent communication about vulnerabilities. In 2024, consider partnering with a managed services provider that specializes in both patching and overall security. Such partnerships provide a single point of accountability and enhance an organization’s ability to manage cyber threats effectively.

Elevating Patching to Cybersecurity Strategy

As we enter 2024, the imperative of patching in cybersecurity is clear. In an era where digital threats are constantly evolving, patching is not a choice but a necessity. The new year calls for a reevaluation of how businesses perceive and prioritize patching, in order to transform it from a reactive response to a proactive measure. Let’s rise to this challenge and secure our digital futures by resolving to make patching a central part of our security strategies this year.

This article was originally published in Forbes, please follow me on LinkedIn.

Under Siege: Cybersecurity Failures Sound the Alarm

The public has been aware of cyber incidents for a long time, but recent high-profile cybersecurity breaches have ignited fresh concerns and garnered elevated attention. These incidents underscore the persistent threats that exist to businesses across industries, hospitals, and even the cryptocurrency market. What valuable lessons can we extract or re-emphasize from these events as we close out Cybersecurity Awareness Month?

Money Alone Can’t Buy You Security: MGM Resorts

The most conspicuous incident in recent memory was the substantial cyberattack on MGM Resorts, a global leader in hospitality and entertainment. MGM boasts generous IT and security budgets, essential for maintaining their seamless gambling operation around the clock. However, despite substantial investments in IT resources and attention to cybersecurity, this attack forced the company to take the drastic step of shutting down its highly sophisticated IT systems completely. While the precise nature of the attack’s origins will become clearer over time, the immediate impact was disruption of the company’s operations — and the raising of critical questions about customer data security. Financial implications of the attack are beginning to appear, as well.

The MGM incident highlights the paramount importance of cybersecurity in the hospitality industry, where customer trust and data protection are non-negotiable. An attack can ripple across multiple operational facets, including financial operations, physical security, planning and client services. It serves as a stark reminder that no organization, regardless of its size or reputation, is immune to cyber threats. To safeguard their operations and customer data, companies must make continuous investments in cybersecurity measures and build robust incident response plans.

Target on Crypto Funds: North Korean Hackers

In a daring cyber heist, North Korean hackers reportedly siphoned off $41 million in cryptocurrency to finance their ongoing cyber activities. Their target was a cryptocurrency exchange, where they exploited vulnerabilities in the security infrastructure to pilfer the digital assets. While criminal activity has long plagued crypto operations, financial threats have also become a persistent concern.

This incident involving North Korea underscores the audacious and relentless nature of cybercriminals. Cryptocurrency exchanges are particularly attractive targets due to the potential for substantial financial gains. To shield against such attacks, exchanges must prioritize security, conduct regular audits, and educate users about best practices for securing and accessing their digital assets.

Healthcare Sector Vulnerabilities: Prospect Medical Cyberattack

This year has witnessed a surge in healthcare cyberattacks, an unsettling reality confirmed by emerging reports. These attacks are especially dangerous, as they can jeopardize sensitive patient data and essential medical services. In a recent attack, Prospect Medical, a healthcare management company in California and Pennsylvania, fell victim to a cyberattack that disrupted its operations. Beyond these operational hindrances, Prospect Medical encountered billing issues with Medicaid and is grappling with an extensive recovery process. Reports also suggest the financial toll and implications of the breach could affect a planned sale of various hospitals, extending the impact to future business operations.

This incident underscores the life-threatening consequences of cyberattacks targeted toward healthcare organizations. They can disrupt patient care, compromise sensitive medical records and even impact the organization’s future business plans. The lesson here is clear: robust cybersecurity measures, regular staff training and investments in technology that guard against threats are imperative.

Key Takeaways

These recent cyber incidents offer several vital takeaways that can be applied more broadly:

  • No Entity is Immune: Cyber threats can impact any organization, from global corporations to local hospitals. Acknowledging this reality is the first step in developing a proactive cybersecurity strategy.
  • Invest in Cybersecurity: Investing in cybersecurity infrastructure, regular updates and employee training is not an option; it’s a necessity in today’s digital landscape.
  • Rethink and Reset on Cyber: Major incidents provide an opportunity to reevaluate cybersecurity programs and strategies from top to bottom, and to extract insight from tough lessons learned.
  • Comprehensive Security is a Must: Whether through outsourcing, partnerships or in-house measures, comprehensive security, 24/7 monitoring, early detection, incident response and actionable insights are non-negotiable.
  • Ransomware Preparedness: Robust backup and recovery solutions are essential to minimize disruption and data loss in the face of ongoing ransomware attacks.
  • Investing Wisely in Cybersecurity: While financial resources are essential, effective cybersecurity goes beyond budget size; it requires a holistic approach to protection and readiness.

Cybersecurity: A Continuous Imperative for Safeguarding the Digital Future

The recent cyberattacks on MGM Resorts, cryptocurrency exchanges and healthcare organizations serve as stark reminders that the cybersecurity landscape is continually evolving with high stakes. In the spirit of Cybersecurity Awareness Month, let’s remember that readiness is not a choice. Organizations must take proactive measures to protect their digital assets and customer data. Safeguarding the digital future is a collective responsibility that demands continuous improvement, collective action and the latest tactics and technologies to address evolving risks.

This article was originally published in Forbes, please follow me on LinkedIn.

The New Normal for Cybersecurity

Cybersecurity seems to be making news headlines more and more recently. Hackers are becoming more widespread and more efficient with ransomware attacks up 105% from 2020 to 2021 according to the 2022 Cyber Threat Report. With new virtual realms such as the Metaverse close within our reach, it is crucial that proper protocols are set in place. 

For a Security Operations Center (SOC), monitoring customer infrastructure activity and quickly mitigating cyber threats is always a top priority, but it is especially important right now as conflict continues between Russia and Ukraine. Current Advanced Persistent Threats (APTs) and destructive malware includes: 

  1. Disinformation, defacements, Distributed Denial of Service (DDoS) 
  2. Destructive Wiper Communities  
  3. WhisperGate 
  4. HermeticWiper 
  5. IsaacWiper 

 All of the attacks are initiated to spread propaganda or disrupt normal operations for businesses and individuals. The Destructive Wiper Communities are different destructive malware with the intention to erase computer hardware and delete data and programs having crippling results for these businesses.  

 Following the initial attacks on Ukraine, cyberthreats were heightened globally by over 800%. While the Ntirety SOC team have not seen any targeting of Ntirety customers, we know that this could change at any moment, so we remain vigilant. We are continuing to take steps to enhance cybersecurity postures and increase monitoring for cyber threats.  

 Many data breaches can be tracked back to the tiniest flaws such as a weak or stolen password. As cybercriminal groups grow, it can be difficult for security teams to seal the cracks and fix the bugs fast enough. Protecting your business should be an ongoing effort, as there will always be cyberthreats. It is important to have all the right tools and technologies in place working together. 

 Cyber attackers look for access into endpoints- these endpoints are easily readable, readily available, and easy to access. As remote work has become increasingly more common, these endpoints, which were once located in relatively secure buildings, have moved outside of the four walls of an office. From these endpoints, cybercriminals will steal data and take down critical applications. Malicious attacks can include: 

  • Phishing: Users surrender personal information by responding to fake official emails or links to fake websites 
  • Malware: “Malicious software” designed to damage or control IT systems (Example: Ransomware) 
  • Man-in-the-middle attacks: Hackers insert themselves between your computer and the web server 
  • DDoS: “Distributed Denial of Service” A network of computers overload a server with data, shutting it down 
  • Internet of Things & Edge Processing: Rogue data thefts; user error (not encrypting) 
  • SQL Injection Attack: Corrupts data to make a server divulge potentially sensitive information 
  • Cross-Site Scripting: Injects malicious code into a website to target the visitor’s browser 

Attackers are continuing to evolve their game and crowdsource their efforts. They can find vulnerabilities and exploit weak points within cyber infrastructures. With the help of Ntirety’s SOC your business will have eyes on your cyber infrastructure 24x7x365. For more information watch our recent webinar here and stay tuned for the next blog in this series. 

Cybersecurity Challenges in a Nutshell

Computer security researcher Dan Farmer once said, If security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders.” This is not reality because as individuals and businesses we rely on these devices. 

The mindset must be changed about where cybersecurity falls on a business priority list. Cyber incidents most often occur because a cybersecurity plan was not set in place prior to an incident. Cybercriminals around the world are deploying ransomware in our cyber infrastructures. after hours or over the weekend so that by the time the effects of it are seen, the damage is done through a phishing attack email or another form of exploitation.  

It is critical to be proactive when it comes to cybersecurity and already have defenses in place before bad actors reach your cyber infrastructure. Cybercrime has (unfortunately) cost companies trillions of dollars a year according to Cybersecurity Ventures 

$6 Trillion USD A YEAR 

$500 Billion A MONTH 

$115.4 Billion A WEEK 

$16.4 Billion A DAY 

$684.9 Million AN HOUR 

$11.4 Million A MINUTE 

Most recently, ransomware groups and criminal enterprises from Russia have been able to operate in their country with no chance of going to jail because it fits with the desires of the country’s leadership. If this leniency on cybercrime remains in countries like this, we cannot rest knowing our cyber infrastructures are not safe. 

Small to medium businesses are at a high risk for ransomware attacks and often cannot fully recover afterwards. 71% of cyberattacks happen to businesses that have less than 500 employees. 

Implementing Zero-Trust and having visibility into attacks and resiliency in order to mitigate the damage is critical in moving forward for any business. Frequent patching is another key operational strategy for defending against attacks-a prime example of insufficient patching would be the recent log4j incident. Without proper patching, organizations remain vulnerable to external entities.  

Additionally, phishing is one of the top ways that cybercriminals enter IT infrastructures, and without proper training, employees and their organizations are vulnerable. Phishing accounts for 90% of data breaches. Through these phishing campaigns, bad actors can steal passwords, install malware to access/control the system, or ransomware to immediately shutdown the business. Weak or stolen passwords make up 81% of breaches according to the Data Breach Investigations Report. This is why it is important to create strong passwords and change them often along with implementing two-factor authentication.  

Vice President and Global Chief Information Security Officer Stéphane Nappo of Groupe SEB said, “The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience. Do remember: “Cybersecurity is much more than an IT topic.” 

For more details on how to secure your cyber infrastructure watch our most recent webinar and schedule an assessment with us today. 

The Changing Cyber Landscape

Cyber-attacks have increased by over 800% since the start of the Russia-Ukraine war from suspected Russian bad actors. Attacks have become so much more frequent and unprecedented and their impacts even more devastating. The Colonial Pipeline ransomware attack in 2021 is a recent example and is the largest publicly disclosed attack against critical infrastructure in the United States. The Colonial Pipeline is the largest refined oil product pipeline in the U.S. and can carry 3 million barrels of fuel per day between Texas and New York. Attackers exploited an exposed password for a VPN account, stole data, and asked for a ransom of $4.4M. The attack was felt across the country through shortages of jet fuel, and fear of a gas shortage caused panic-buying, and a spike in gas prices. 

 

Global threats are not only dominating mainstream media headlines but unfortunately our cyber infrastructures as well. 2022 has already seen its fair share of challenges between Covid-19, supply chain issues, natural disasters, and the Russia-Ukraine war. Amidst all these events, cyber incidents were still the top global threat according to the Allianz Risk Barometer 2022 

 

Ransomware attacks cost companies millions each year. The top 5 known ransom payments include: 

 

  1. CWT Global 

AMOUNT PAID: $4.5 MILLION 

RANSOMWARE: RAGNAR LOCKER> 

  1. Colonial Pipeline 

AMOUNT PAID: $4.4 MILLION 

RANSOMWARE: DARKSIDE 

  1. Brenntag 

AMOUNT PAID: $4.4 MILLION 

RANSOMWARE: DARKSIDE 

  1. Travelex 

AMOUNT PAID: $2.3 MILLION 

RANSOMWARE: SODINOKIBI 

  1. University of California San Francisco (UCSF) 

AMOUNT PAID: $1.14 MILLION 

RANSOMWARE: NETWALKER 

 

 

Most of these vulnerabilities were hacked due to weak passwords or not having many defenses in place and only relying on firewalls. Most of these incidents could have been prevented through a proactive cybersecurity solution such as Identity and Access Management Services. 

 

Cyber criminals will often pose as co-workers, friends, or family members for network/password credentials or financial gain-this is called social engineering. The sense of urgency from an authority figure or family member often outwits our sense of realizing this is an out of character request. It often leads to instantly sending money to what seems like a familiar face. The network/password credentials shared provides entry that your typical security hardware and software won’t notice and allows unfettered access to valuable, critical data. 

 

Existential Threats 

As the attacks increase, so do the costs associated with them. The average cost of a data breach is $4.24 million for companies worldwide according to the 2021 Cost of a Data Breach Report. With all the hackers and scammers flooding our cyber infrastructures today, it is more crucial than ever to have the proper defenses in place. The toll on business productivity and financial standing is far too much. 

 

  • Existential Threat: Ransomware 
  • Real World Impact: Average cost of a ransomware attack is $732,520 when the ransom was not paid, but doubles to $1,448,458 if the ransom is paid 
  • Existential Threat: Downtime 
  • Real World Impact: Amazon, Microsoft,
    Delta, Sony, Nvidia—no company is immune from downtime and the brand damage
    it inflicts 
  • Existential Threat: Compliance Fines 
  • Real World Impact: New state compliance requirements are rolling out and the penalties are no slap on the wrist—California Consumer Privacy (CCPA) fines can run up to $7,500 per violation with no cap 
  • Existential Threat: Data Loss 
  • Real World Impact: Whether from a cyberattack or human error, 40%-60% of SMBs won’t reopen after data loss 

In addition to these existential threats, enterprises have faced a slew of IT challenges: 

  1. The average enterprise has 6 different forms of application infrastructure 
  1. …each of which comes with unique management systems and tools 
  1. 80% of time is spent managing risk 
  1. …which leaves little time for IT to create additional value for the business 
  1. Compliance requirements are evolving in real-time including the addition of state privacy laws.  California led the way with CCPA and 38 other states recently implemented privacy laws. 
  1. IT is expected to do more with less year-after-year managing cross-platforms, and security and compliance of different environments 

With the ever-increasing threat landscape affecting more businesses and individuals each year, it is understandable companies are seeking out a reliable partner to protect their cyber infrastructure. Ntirety can help your business build a security and compliance solution that meets today’s needs while strengthening your long-term strategy. For more information watch our recent webinar here and stay tuned for the next blog in this series. 

Building An Industry Response To Ransomware

While your business may have a disaster recovery plan in place, it is equally if not more important to proactively put security measures in place to defend your cyber infrastructure from ransomware and similar threats. The following piece is by Ntirety CEO Emil Sayegh originally published in Forbes. 

 

Building An Industry Response To Ransomware 

The term ransomware will often trigger a detectable response in even the most hardened security professional, especially as the industry sees an 800% increase in cyberattacks in the early days of the Russia-Ukraine war. This well-known digital blight carries so much impact that the appropriate response to the word itself is justified. Year after year, we can see that the rate and scale of ransomware attacks are skyrocketing, and recent attacks on Samsung and Nvidia illustrate an even more rapid acceleration —thankfully, the response to ransomware is also on the way up. One of the actionable ways that the threat is being addressed is through proposed legislative acts. 

A First Try: Ransomware Disclosure Act 

Among the most significant legislative measures proposed in the last few months is the Ransom Disclosure Act. On the surface, this governmental initiative, like many other initiatives, seems like a great idea, until you dig into it. The provisions in the act create a 48-hour window in which a company that has paid a cyber ransom must report various details about that payment. The disclosure mandate includes information on the amount paid, the date of the occurrence(s), the type of currency used, and any available data about the parties that made the ransom demand. This information is then sanitized by the U.S. Department of Homeland Security (DHS) and published on a public website. Still unquantified are the prospective penalties of non-compliance with the Act. 

From an enforcement perspective, it cannot be denied that there is a deficiency of active data that could assist in criminal implications and recovery. Rapid, detailed information can make a big difference in the ability for governmental agencies to step in, tracking funds and potentially being able to seize ill-gotten proceeds. 

For example, there was a partial but significant ransom recovery that occurred after the ransom payment in the case of the Colonial Oil Pipeline event. The Colonial incident was a major attack that had considerable national impact and publicity. Due to the publicity, federal agencies were involved in the response, and the partial financial recovery speaks for itself. Should similar actions be the response framework for all attack incidents? There are many practical points to debate in the matter, starting with whether the governmental authorities have the mandate, resources and capability to pursue these cases adequately and in a fulsome way. 

Disclosure Flaws 

While we all want actionable intelligence to maintain a level of awareness, the public aspects of this Act are cause for some legitimate concerns. Over the course of events, as they are publicly disclosed, it is possible that the proposed DHS site could amount to a ransomware leaderboard. This could add the unintended effects of increased ransoms, increased ransomware cybercriminal participants, increased volume of attacks and increased severity of successful attacks across the board. Here are some key flaws in this proposed reporting requirements by DHS: 

  • Public disclosure could result in the creation of successful ransom intelligence that cybercriminals can use by correlating data. It is possible to unintentionally disclose industry information, date, and time information, ransom amounts, and preferred payment methods. Even with the company names redacted from this base of information, cybercriminals can glean the identity of the biggest “scores” from public news, service information, and countless methods of dark web underground chatter.
  • The collection of information proposed in the act only focuses on the impact of the attack upon targeted companies. Once published, an incident could serve as a reference point for unknown public and financial repercussions.
  • Compliance and the roll out of a reporting program could lengthen the duration of disruption, extending the time needed to return to operations.
  • There doesn’t appear to be a history of successful piloting of such a system, including the impact on an industry.
  • Rival global cyber-gangs could derive intelligence from successful attacks, and fine tune their strategies.

What About False Security? 

Starting with Cyber-liability insurance, beware of a false sense of security. Ransom payments should be exceedingly rare and even nonexistent. This should never be part of a response plan even if you have cyber liability insurance, but these principles somehow persist. Publication of these flawed decisions serve to highlight the prevalence of unfortunate planning and a perceived lack of available ransomware responses. 

Numerous industry reports show that there is a false sense of security in ransom payment. Close to half of the companies that pay ransoms discover that their recovered data is corrupted. As we saw in the case of Ukraine, suspected Russian hackers used wiper code to completely destroy key data in banks and key governmental organizations. If, during the course of the attack, data made its way outside the company, that data is now “out in the wild” and there are no ransom-backed guarantees about what happens to that data. Further insult to injury, reports show that most organizations that are hit once with ransomware and pay a ransom will experience a second, likely-related ransomware attack. 

Bad Ideas and Good Ideas 

On the frontlines, organizations must continue to break free of the mentality and false sense of security that relies on outdated security such as cybersecurity insurance, vulnerability scanning, signature detection, and VPN systems. Instead, companies that are prepared to prevent ransomware threats must implement security measures that are comprehensive and full spectrum across the data center, cloud, endpoint, and applications. 

Actions against ransomware gangs such as the arrest of the REvil gang by Russia, and the extradition of the alleged REvil Ukrainian Hacker from Poland are a good thing, but insufficient if done as one-time events, as more sophisticated gangs will quickly pop up. Reporting programs such as what is proposed in the Ransom Disclosure Act have the potential to provide great advantages for a new breed of cybercriminals. This information should be privileged as the public focus carries too many unknown implications. Public information should instead be focused on identifying information about the attackers when available and figuring out their apprehension and prosecution. More detailed information should be passed on only to a group of private companies that are entrusted to fight cyber-criminals, while protecting the privacy of the victims. 

This First Step is Critical 

Time will tell what becomes of this proposed measure and how much traction it will gain. It is an indication of an important first step into these matters. With some tweaking and industry partnership, it could possibly be the right step in the right direction. 

In any case, the industry will continue to drive towards improvements in the defense and prevention of ransomware incidents but needs proper Governmental leadership. This type of partnership between industry and government is the best path for prevention of incidents in the first place. 

As we build up these improvements, organizations will be looking at both next level and first level steps to address these novel and continued threats including threat model strategy, multiple-layer security, advanced anti-ransomware technology suites, and behavior-based incident detection. While many of these disciplines are needed now, the cybersecurity talent drought persists driving a need for outsourcing and security partnerships. 

 

Check out this piece, originally published in Forbes, here and follow me on LinkedIn.

2022 Cyber Realities

While 2022 holds promise for a better future through advancements in technology, new cyber risks will come along with it. We must move forward with a positive mindset, while not forgetting past mistakes. Originally published in Forbes2022 Cyber Realities builds on Ntirety CEO Emil Sayegh’s Predicting What 2022 Holds For Cybersecurity piece published prior.

Looking to the Future

In addition, to my top ten predictions posted on January 6th, here are a few more: 

  1. Ransomware Will Continue to Evolve

Ransomware, which is malware that encrypts a user’s data and demands a ransom payment to unlock it, is one of the most rapidly evolving cyber threats. Ransomware attacks continue to cost businesses billions, a trend that is expected to continue and attacks that ask for larger ransom amounts. This is a market, and incentive will drive innovations and evolution in an already rapidly changing and challenging arena of cat and mouse.  

  1. Blockchain Technology Will Be Used for More Security, Finally

Blockchain technology is often associated with cryptocurrencies like Bitcoin, but it can actually be used for so much more. Companies are already using blockchain to secure business data, improve cybersecurity, and protect user privacy. In 2022, many businesses will have moved their operations to the cloud – instead of having physical servers on-site – making protections from cyberattacks a priority. Blockchain technology can help to secure these cloud-based operations by creating a tamper-proof record of all transactions.  

  1. Employees Will Be a Major Source of Cybersecurity Threats

Employees are often the weakest link in a company’s cybersecurity defenses. They can be tricked into opening emails that contain malware, clicking on links that lead to phishing scams, and using unsecured Wi-Fi networks. In 2022, businesses will need to focus more on employee training and awareness to protect themselves from these types of attacks.   

As cyberattacks become more sophisticated, businesses will also look to AI, machine learning, and monitoring services to help them detect and respond to these insider-based threats.  

  1. Will the Password Become Obsolete?

Even though new technologies that can replace passwords are emerging, they won’t be very popular by 2022. These technologies include fingerprint scanners, eye scanners, and facial recognition. They are not very user-friendly and can be easily hacked.   

As a result, 2022 will still see the use of passwords for the foreseeable future. However, organizations should start to move away from using passwords and towards using two-factor authentication. Two-factor authentication is a more secure way of logging in that requires users to input a password as well as a randomly generated code that is sent to their mobile device. This will make it much more difficult for hackers to gain access to your account. It’s a step in the right direction as passwords are extremely fallible. 

  1. Governments Will Finally Realize How Much They’ve Lost Due to Lax Cybersecurity

State and regional governments have been slow to adopt new security measures because they have been underestimating the power of cybercrime. They think that their current policies are enough to protect them from attacks. But as more and more breaches happen, it becomes clear that this is not the case. In 2022, governments will finally realize how much they’ve lost due to lax cybersecurity and they will start to take action. They will allocate more resources to improving their security infrastructure and they will also work with businesses to ensure better protection of their data. 

  1. The use of AI for Cybersecurity Purposes Will Increase Exponentially

As mentioned earlier, the use of AI is going to increase exponentially in the next few years. This will be especially true for cybersecurity purposes. Cybersecurity companies will escalate the use of AI-based tools to detect and prevent cyberattacks. These tools will be able to analyze data at a much faster pace than humans and they will also be able to identify new threats that wouldn’t have been seen before. 

Looking forward to 2022, we must fully incorporate and reflect on the key cybersecurity events of the year behind us. There are valuable lessons, a bit of dirty laundry to clean still, and a challenge that should always be at the forefront of our operations. 

 

Check out this piece, originally published in Forbes, here and follow me on LinkedIn.