With the progression into a new year comes a critical, contemplative time for leaders to examine the state of their organization. As you went through last year navigating new obstacles and opportunities, the world of cybersecurity continued down its path of expeditious and transformative change. From new data protection compliance requirements to breach volumes previously unseen, the past few years have proven that reactionary movement is never enough to stay ahead of the game and keep your organization safe.
As a proponent of creating partnerships where technology follows strategy, we want to share with you some of our top takeaways from 2022.
- Financial and healthcare services were a huge draw for threat actors. In 2022, both industries faced ransomware, supply chain attacks, and zero-day vulnerability exploits. Attacks were able to steal sensitive data and—in the case of healthcare services—interrupted potentially life-saving services.
- Heightened risk has tightened regulatory requirements. There are dozens of lookalike regulations governing data security and privacy, and a lack of available, competent experts keeps many organizations from meeting those expectations. Last year, the FTC extended the deadline for compliance with the Safeguards Rule another six months due to a shortage of personnel and ongoing supply chain issues. Which brings us to our next takeaway…
- There is an IT staffing crisis. Compared to other support areas in an organization, 30% of executives believe skills gaps are more prevalent in IT, and 93% of employers indicate there is a skills gap among their IT staff. The leading drivers of the gap? Fast changing technology (46%), lack of resources for skills development (43%), and education not translating into workforce performance (39%).
- Data breaches are more expensive than ever. IBM’s annual report revealed surging costs associated with the average data breach globally to nearly $4.4 million per organization. Cybercrime is a $6 trillion annual industry, affecting all businesses and individuals. Global cybercrime costs are expected to grow 15% per year over the next 5 years, reaching $10.5 trillion USD annually by 2025. For comparison, the cost was $3 trillion USD in 2015.
- The cost of cybersecurity insurance skyrocketed. As cyberattacks have continued to rise, so, too, has the cost of cyber insurance. Since 2021, direct-written premiums collected by the largest US insurance carriers swelled by 92% year-over-year. And although the cost has increased, many carriers have decreased what their policies will cover—and been more selective about the risks they’re willing to take on by creating stricter criteria for those who want to sign up for coverage.
- CIOs need to make security a priority. Cybersecurity has always been an issue for CIOs, but because of the dangerous, volatile, and costly landscape, it jumped to the top of many CIO priority lists in 2022. This year’s State of the CIO survey found that increasing cybersecurity protection was the number one business initiative driving IT investments in 2022, ahead of strategic issues such as increasing operational efficiency and improving customer experience.
By understanding how a cyberattack will impact your organization, you can better develop proactive and systematic processes like business continuity and recovery plans. You can create or hire a cross-functional team to plan for threats and attacks—and implement strong cybersecurity measures to prevent them.
Just as threats continue to develop, so, too, must your cybersecurity. We’re here to help you make continuous improvements to the plans you have in place to support your organization and thrive in the new year.
