As more people are given access to digital resources, there is expediency in getting everyone involved in cybersecurity matters.
GDPR was the first major legislation for consumer privacy, but it was quickly followed by others, including Brazil’s General Personal Data Protection Law (LGPD) and the California Consumer Privacy Act (CCPA).
By the end of 2023, modern privacy laws will cover the personal information of 75% of the world’s population.
Modern attacks now take place on multiple levels - and they are no longer purely technical. Criminals are using your employees against your defences - although most of these people will have no idea that they are doing anything wrong.
With so many potential attack points, the key to improving security is to create a culture of healthy suspicion. In the era of openness and social business, this approach may seem counterintuitive, but the stakes are too high to continue making basic mistakes with security.
Cybersecurity training rarely finds enthusiastic participants in most organisations.
Here are 7 reasons why cybersecurity is not fixed yet:
1. Blurred lines between personal and professional life increase the likelihood of a cyberattack.
2. Ransomware and other sophisticated attacks are growing due to weak regulation and lack of data privacy.
4. The internet of things (IoT) devices are consistently evolving.
5. Lack of employee training is still prevalent.
6. Social engineering and remote work attacks are getting smarter.
To make cybersecurity learning engaging, the concept of gamification can help motivate employees to learn more about cybersecurity.
Many companies are already using this approach to boost their cyber protection learning efforts, but more efforts are needed.
A focus on privacy laws, ransomware attacks, cyber-physical systems and board-level scrutiny are driving the priorities of security and risk leaders.
The proliferation of cyber-physical systems — which includes systems that combine the cyber and physical worlds for technologies like autonomous cars or digital twins — represents yet another security risk for organisations, and how threat actors will target these systems is one of our top predictions for the coming years.
Digital transformation adds complexity to the threat landscape, which will impact how you produce products and services.
By 2025, hackers will have weaponized operational technology environments successfully enough to cause human casualties.
Matthew Rosenquist is an industry-recognized pragmatic, passionate, and innovative strategic security expert with 28 years of experience. He thrives in challenging cybersecurity environments and in the face of ever shifting threats. A leader in identifying opportunities, driving industry change, and building mature security organizations, Matthew delivers capabilities for sustainable security postures. He has experience in protecting billions of dollars of corporate assets, consulting across industry verticals, understanding current and emerging risks, communicating opportunities, forging internal cooperation and executive buy-in, and developing practical strategies. Matthew is a trusted advisor, security expert, and evangelist for academia, businesses, and governments around the world. A public advocate for best-practices, and communicating the risks and opportunities emerging in cybersecurity. He delivers engaging keynotes, speeches, interviews, and consulting sessions at conferences and to audiences around the globe. He has attracted a large social following of security peers, is an active member on advisory boards, and quoted in news, magazines, and books. Matthew is a recognized industry expert, speaker, and leader who enjoys the pursuit of achieving optimal cybersecurity. Matthew Rosenquist is experienced in building world class teams and capabilities, managing security operations, evangelizing best-practices to the market, developing security products, and improving corporate security services.