Cyberattacks to disrupt the business are now ranked as the third-biggest threat, after phishing and malware. This comes as no surprise because distributed denial-of-service (DDoS) attacks, for instance, can trigger a major service interruption that will bring the business to a standstill. Outages have always been painful but given the trend toward moving workloads and applications off-premises, and operating revenue-critical platforms, business operations virtually come to a stop if the IP network collapses.
Knowledge of the breaches is discouraging some organizations from upgrading their operational technology systems with productivity-enhancing digital technology. Aware that installing sensors on industrial equipment might open them up to compromise, many would prefer to suffer inefficiency as the price they must pay for keeping their systems secure. The new and dangerous threats to OT and critical infrastructure require an innovative defensive strategy. With digital transformation implemented and the convergence of IT and OT networks, many organizations are not ready for the attacks and threats they are facing.
As AI gets better and more sophisticated, it also enables cybercriminals to use deep learning and AI to breach security systems just as cybersecurity experts use the same technology tools to detect suspicious online behavior. Deepfakes, using AI to superimpose one person's face or voice over another in a video, for example, and other advanced AI-based methods will probably play a larger role in social media cybercrime and social engineering. It sounds scary, and it's not science fiction.
The poor coordination of security measures may be due to subpar or ill-informed senior leadership. Cybersecurity is a prime concern for business leaders. Rightly so, as the dependence on IT uptime and resilience has never been greater. However, corporate boards need to move beyond awareness and rhetoric into action in order to reduce the risk exposure of their organization and ensure long-term success. In the digital era, virtually every board decision will affect the organization's cyber-risk posture. That's why cybersecurity should be a recurring item on board agendas and continually reassessed in terms of the broader risk framework.
IT is increasingly being weaponized to unleash cyberattacks in an unprecedented order of magnitude. Coupled with the emergence and anonymous nature of both the Dark Web and cryptocurrencies, illicit transactions have never been easier or more convenient. Distributed denial-of-service (DDoS) attacks have become more common, more powerful, and more useful to attackers. They have advanced from mere botnet-based approaches to artificial intelligence (AI) and data-driven models. While many DDoS attacks go unreported and unnoticed, some are making the news. Here's how to fight back.