Economic uncertainty increases cybersecurity risks

Today, cyber attackers are always looking for ways to make their attacks, scams, and campaigns as effective as possible. This includes exploiting anything that dominates the news agenda and the minds of their victims.

Economic uncertainty and cybersecurity risks

The economic uncertainty and cost of living pressures currently facing many consumers around the world is one example. Unfortunately, the stress, fear and worry felt by the public is a perfect opportunity for cybercriminals to exploit.

For example, in just two weeks, 1,567 phishing email campaigns related to energy rebate scams were reported through Action Fraud's Suspicious Email Reporting Service (SERS). In addition, "friends and family scams" - where scammers impersonate family members and trick relatives into sending money to pay bills - have increased 58 per cent in recent months, according to TSB data.

Risks from within the business

While these scams primarily target individuals, the organizations they work for can also be at risk. Extreme stress (or coercion) increases the chances that an individual could become an insider threat — stealing data, funds, or other sensitive information from their employer. That’s not to mention the threat from scammers posing as supervisors or managers, making fake requests to transfer money. Anything can be a trigger for a potential incident — a disgruntled former employee, an unused account with full administrative privileges, misconfigured cloud storage exposing data, and so on.

The economic downturn and uncertainty will cause many organizations to review their spending and cut back. This is a natural reaction.

The challenge with cybersecurity is that successful cybersecurity programs are often invisible. They work quietly behind the scenes, stopping threats and incidents from escalating and preventing them from being noticed by the rest of the organization. If leaders haven’t experienced a cybersecurity crisis firsthand, they may be tempted to reduce investment in existing tools and talent. But it’s a fine line—cutting off vital controls and capabilities can impact an organization’s ability to observe, sense, and react to incidents before they escalate. A hack is usually devastating to a company, but one that occurs during this time can be even more devastating.

Eliminate bloat, not capacity

Meanwhile, the cybersecurity market has historically been dominated by specialized point products. Companies can amass a wide variety of tools and solutions to manage their IT infrastructure and network security. The shift to cloud computing and remote work has driven a 19% increase in the average number of security tools an organization must manage over the past two years, from 64 to 76, according to Panaseer research. That doesn't take into account the broader range of IT assets, from cloud services and software to workstations, personal mobile devices, users and more.

Depending on the size of your company, various departments may use overlapping tools to try to solve the same problems. With so many separate solutions and software, it’s no surprise that security teams may feel overwhelmed and unable to track and respond to incidents.

Adding to the challenge is the overabundance of alerts and warnings that creates fatigue and makes it difficult to distinguish between real threats and false alarms. Manually compiling an asset inventory of everything an organization might use takes an average of 86 person-hours, using eight different tools. By the time the inventory is complete, the results are often out of date.

Effective cybersecurity detection and response is only possible when IT teams know what they are dealing with and how users and data interact. They need continuous, accurate and up-to-date information to mitigate threats, avoid risks and eliminate incidents.

In times of rising costs and falling profits, increasing efficiency and cutting budgets are sensible responses, but cybercriminals never rest. Organizations must strike a balance between eliminating bloat and limiting their cybersecurity capabilities, or leaders may find themselves paying far more.