Cyber Security- The Sword and the ShieldHistory is full of examples of new weapons being developed to overcome the latest defenses. We are now in an era where there is a Cyber Security arms race happening with more sophisticated and dangerous malware being developed and new practices, frameworks and technologies being employed to defend against them.
The Cooper Fitch cyber security, IT audit and software functions recruitment specialist Ryan McDougall is going to discuss current trends and innovations in the cyber security space with regards to both hackers and viruses and frameworks and practices.
I’ve been recruiting in the IT space for the last 8 years with a big focus on cyber security since day one, both cyber security and software engineering have been long time passions of mine since I first learnt how to write injection scripts to hack flash games. I’ve been keeping a finger on the pulse of all things related to cyber security and speak to many cyber security professionals each year. This has given me some unique insights into the industry when it comes to sector specific and hiring trends.
Cyber security has historically been one of the most underappreciated sectors in the IT industry (only making a brief appearance in mainstream media when a Hollywood movie shows a hacker furiously typing away on a keyboard with a flabbergasted cybersec team standing idly by). This has however changed in recent years due to the exponential increase of cyber security attacks in both the public and private sectors. Cyber warfare has also raised its head and become a formal part of the military for many countries.
I’d like to give my input in regards to trends and innovations on both the “Sword” (hackers, viruses, vulnerabilities, etc.), the “Shield” (antivirus, the professionals, frameworks, practices, etc.) as well as the hiring and innovation trends I’ve experienced in this sector. In this blog I’ll be focusing on the Sword and in my next blog post I’ll focus on the shield.
One of the most significant trends in cyber security attacks at the moment is in the form of ransomware. Targeted ransomware has become one of the “go to” tools for cyber criminals in recent years. Imagine you sit down at your computer in the morning to start work and overnight a hacker has encrypted the entirety of your organisation’s files and won’t release the decryption key unless you pay them a sum of money. This type of cyber attack is particularly devastating for large organisations and there is no guarantee that your data will be released if the money is. A good example of this would be the worldwide WannaCry attack in 2017 where more than 200,000 computers were affected globally in more than 150 countries!
Ransomware victims are no longer small firms with zero cyber security presence and multiple vulnerabilities, but multinational technology firms that manage the data and web traffic for some of the largest and most prolific businesses in the world. Last year, ransomware made up nearly 25% of the incident-response engagements for IBM Security’s X-Force threat intelligence group. 60% of the ransomware incidents involved cybercriminals exfiltrating and encrypting the data in double-extortion attacks. Ransomware attacks have also been on the rise, largely thanks to their high rates of success, which can be attributed to their simplicity and significant immediate impact on a business, as well as the fact that many organisations still end up paying the ransom, thus encouraging hackers to continue utilising this method.
Another significant rise in cyber attacks would be in regards to cloud storage.
Just about everything we access or save nowadays is in some way connected to cloud technology such as your PC, tablet, phone, TV. In addition, with the rise of IoT and smart home devices even your toaster, coffee maker or fridge might be an access point for cyber criminals to gain access to your home network and private information. As remote work and online collaboration intensified during the coronavirus pandemic, cloud adoption has emerged as an ally for enterprises to ensure business continuity. Though global businesses have been migrating to the cloud before the crisis, the pandemic acted as a catalyst for accelerating the process. According to IDC, the global cloud services market spending is projected to reach USD 1 trillion in 2024. However, rapid cloud migration is set to introduce a host of new security threats and challenges. Cloud-based security threats, including misconfigured cloud storage, reduced visibility and control, incomplete data deletion, and vulnerable cloud-apps, will continue to disrupt businesses in the future ahead.
With more organisations now established on cloud, security measures need to be continuously monitored and updated to safeguard the data from leaks. Although cloud applications such as Google or Microsoft are well equipped with security from their end, still, it’s the user end that acts as a significant source for erroneous errors, malicious software, and phishing attacks. The list for cyber security attacks, vulnerabilities/entry points, malware and trends could fill out 10 blog posts all by themselves, in summary we are in an era of escalating cyber threats with no end in sight. cyber security needs to adapt and keep evolving to keep up with the growing threats that we face in the virtual world.
Stay tuned for part 2 in which I will discuss the “Shield”, which includes innovations in cyber security technologies, new practices and also current hiring trends in the Middle East in the cyber security market. If you require my recruitment expertise please contact me at firstname.lastname@example.org
Get to know the specialist
Representing the firm since 2021
Recruitment, executive search
Mid to senior-level Cyber, IT Audit, and Software development roles
Technology into the private and public sector
Ryan is a Principal Consultant on the Consulting and Technology team at Cooper Fitch leading the Cyber, IT Audit and Software functions. His recruitment career started in 2013 where his focus was on the Oil and Gas industry before moving into the Technology sector and becoming a subject matter expert in Cyber and IT Audit. Ryan has worked extensively across the MENA region with both SME and multinational corporations across many sectors including Banking, Financial Services, Consulting, Governmental, Telecommunications and Tech Business.