A New Era of European Cyber Defence – looking ahead to 2023
The increase in hybrid working, a more global workforce and the ongoing Russia-Ukraine war have led to a new era in European cybersecurity. Now, more than ever, businesses need to be wary of cyber criminals and ensure that their cybersecurity solutions are effective in protecting data and effectively securing their networks.
Hybrid working has had an unprecedented effect on cybersecurity. Businesses which are still implementing hybrid working policies must reevaluate their infrastructure to guarantee it is protecting sensitive data.
As the pandemic led to more employees working remotely, company infrastructure has become increasingly congested. This has led employees to take matters into their own hands by using shadow IT systems that have not always been checked and secured. Employees connected to online applications without the traditionally secure perimeter of VPN networks are therefore effectively paving the way for cyber criminals to access and steal sensitive data. While COVID restrictions have been lifted around the world and life has gone back to normal in many countries, hybrid working is clearly here to stay. IT managers must ensure that their cybersecurity solutions are reliable as businesses embrace both hybrid working and a more global workforce.
However, even with the expectation that hybrid working will only continue to increase in 2023, our Cybersecurity Market Survey found that only 1 in 3 companies think they have good enough coverage to secure their hybrid workers, and most companies agree that they have a long way to go towards a truly ‘secure’ hybrid working model. The survey also found that the public sector has been leading the charge to ensure data is secure for all employees.
Impact of war
The rise in hybrid working is not the only new factor that has increased the need for cybersecurity solutions. During the Russia-Ukraine war, we have seen a growing number of cyber-attacks. Russian cyber criminals have targeted high-security sites and critical national infrastructure.
The war has led to a monumental shift within European cybersecurity, as it has raised awareness among businesses and the public that nobody is immune to cyber threats. In fact, our research found that 9 in 10 companies have undertaken measures to improve their cybersecurity infrastructure since the start of the war. This is particularly important as by 2024, ransomware damage costs are estimated to total $42 billion, and by 2032 this figure is expected to rise to $265 billion. Businesses must invest in adequate cybersecurity protections, such as next-generation firewalls, as the damage costs and dangers posed by ransomware and cyber-attacks are too large to ignore.
Cloud delivered cybersecurity
Cloud delivered cybersecurity, or security delivered as a cloud service, is a collection of security measures designed to protect cloud-based infrastructure, web applications, and data. It allows organisations to ensure that they have the latest cybersecurity solutions without directly having to invest in more capital, which is particularly beneficial for SMBs.
According to our research, there is a growing interest in cloud delivered cybersecurity, with 51% of organisations already opting for online applications. However, it’s likely that this will co-exist with on-premise solutions for the next few years as businesses try to fully move their cybersecurity solution onto the cloud. This is particularly the case for SMBs, who tend to have a higher proportion of legacy on-premise security infrastructure.
Cybersecurity ‘Made in Europe’
The Russia-Ukraine war has been a major factor in the changing landscape of European cybersecurity in 2022, and has exacerbated issues of trust around cybersecurity solutions. While many solutions come from Silicon Valley, many also come with connections to Russia, making IT managers and businesses wary about using them to protect their data.
As confidence is key in cybersecurity, there is a need for a European cybersecurity ecosystem so that the continent can reduce reliance on other regions and instill trust in businesses and the public sector. According to our survey, 38% of organisations stated that the origin of cybersecurity is ‘important’, with 19% saying it is ‘very important’.
As cyber criminals become smarter and global tensions continue to foster a lack of trust, it is highly likely that the origin of cybersecurity will become a key requirement for critical infrastructure.
Defence in Depth
As cyber-attacks become greater in their consequences and hackers become more attuned to gaps in companies’ cybersecurity solutions, the focus needs to shift from traditional security to strategic security. One of the key components of strategic cybersecurity is to have multiple layers of cybersecurity built in. Multiple layers ensure that it is difficult for hackers to penetrate the IT infrastructure, and if they do get through the first layer, there are other security infrastructures in place that will minimise the impact of the breach.
Our research survey found that only 27% of organisations are using at least a second layer of cybersecurity solutions whilst 59% of organisations are considering using second or multiple layers of cybersecurity vendors. The survey also found that within organisations, there has been a shift in priorities from solely protection of data to a need for detection and response too.
In 2023, it is important that businesses consider how both hybrid working and the ongoing Russia-Ukraine war have changed cybersecurity needs. It is crucial that all businesses, whether large or small or in the private or public sector, evaluate their current cybersecurity infrastructure and invest in adequate protection.