IT Security: An Overview, World’s Top Breaches, & Trends to Come
The world is advancing at a rapid pace. But advancement means more technology, more information, and subsequently more threats, which calls for more diligence when selecting the best IT security solution for your organization.
Data shows that the global IT security market is forecasted to grow to $372 billion by 2028.
Cybercrime threats towards companies, governments, and entire nations are increasing in severity, complexity and frequency. Recent data shows that the global cost of cybercrime is set to increase by 15% every year in the coming 5 years to as much as $10.5 trillion by 2025.
With the increasing number of cyberattacks, billions of dollars are at stake. If you were to compare cybercrime to the GDP of a country, then it “would be the world’s third-largest economy after the US and China,” according to Cyber Ventures.
The losses from IT security threats and attacks are not merely financial. Cyberattacks can disrupt entire organizational value chains, paralyze entire industries, and even hurt public health. An example of the latter can be seen in the March 2021 attack on the Florida water supply system, where a cyber criminal managed to increase the amount of sodium hydroxide to a potentially dangerous level.
In the same month, one of the largest US cyber insurance firms CNA Financial suffered a ransomware attack that disrupted its business operations and services for 3 whole days. The company had to close its doors to “prevent further compromise,” according to Security Boulevard.
It’s worth remembering that cyberattacks are not limited to the western world. Governments across the Middle East have been making significant progress in digitization. This progress, however, has resulted in a greater exposure to cybersecurity risks and attacks.
A 2020 study by the Ponemon Institute and IBM Security found that the average cost of a data breach in the Middle East and North Africa (MENA) region was $6.53 million, which is almost double the average cost per incident of $3.86 million.
In this article, we’re going to deep dive into the world of IT security, along with its data, solutions, top world breaches, and upcoming security trends.
What is IT security?
IT security is a set of strategies that protect an organization and its technology, data, and information against hackers and all types of unauthorized access.
It also protects against cyber security threats and helps maintain an organization’s assets including but not limited to computers, applications, data, and networks.
Governments, public works, and companies, among others, are constantly investing in more advanced IT security solutions to protect their assets including data, information, and patents against breaches by cyber criminals.
A 2017 study by the University of Maryland found that there were 2,244 cyber attacks each day, meaning there’s at least one cyber attack every 39 seconds.
As of 25 May 2021, HC3 has tracked 82 ransomware incidents across the global healthcare sector. Forty-eight of these ransomware incidents (nearly 60%) affected the United States health sector.
As the number of cyber attacks continues to increase, entities need to find means to secure their data and technology more rigorously.
What constitutes a secure environment?
Every IT manager, director, or business owner wants to have a system that protects their business, application, or company. This system is called a secure environment.
In tech and computing, a secure environment system offers controlled storage and use of information. In other words, it protects personal and confidential information, often employing cryptography in order to protect this information.
A secure environment also protects files and application data, and prevents hackers from adding malicious code and scripts or reverse engineering files they may have gained access to.
IT security industry statistics
· Global Overview
Globally, the cyber security market was valued at $167.13 billion in 2020, according to GrandView Research, which forecasts a compound annual growth rate (CAGR) of 10.9% from 2021 to 2028, reaching roughly $372 billion.
The report attributes the IT security market’s growth to “the growing sophistication of cyberattacks,” adding that both the intensity and number of cyberattacks and cybercrimes have risen over the past 10 years.
This, in turn, has translated into massive losses for businesses across the globe. As a result of the growing number of cybercrimes, companies and organizations began investing heavily in advanced technologies and IT security solutions to secure their entities.
“The need to defend critical infrastructure from Advanced Persistent Threats (APTs) has encouraged governments across the globe to reform their cyber security strategies, creating a pool of opportunities for industry participants,” notes GrandView Research.
In the same vein, Fortune Business Insights put the global IT security market at $153.16 billion in 2020. The research firm forecast that the market would rise to $165.78 billion in 2021, reaching $366.10 billion by 2028, and registering a CAGR of 12.0% during the 2021-2028 period.
“The global impact of COVID-19 has been unique and staggering,” Fortune Business Insights noted in a recent report, indicating that the cyber security market witnessed “a slight negative impact on demand across all regions amid the pandemic.”
The company expects “growing demand” for IT security solutions from Germany, France, Spain, India, Qatar, Italy, South Korea, and Canada, among others.
“The increasing adoption of enterprise security solutions from manufacturing, banking, financial services, and insurance (BFSI), and healthcare is expected to drive market growth in the forthcoming years,” the report highlighted.
· MENA ZOOM-IN
Taking a deeper look into the Middle East and Africa (MEA) region, the IT security and cyber security market was valued at $7.174 billion back in 2019, according to Report Linker.
The market research firm forecast a CAGR of 14.08% between 2020 and 2025.
The fast-paced digitization across the Middle East, particularly in Gulf Cooperation Council (GCC) countries like Saudi Arabia and the United Arab Emirates (UAE), has resulted in an increase in cyber security attacks across internet-connected devices.
This has prompted Middle Eastern governments to raise their investments in the IT and cyber security sector.
Although the Middle East “has never been a significant target for cyberattacks,” compared to North America and Europe, for example, the fast-paced digitization across various government and private sector processes and initiatives has increased the number of attacks.
Digitization in the UAE and Saudi Arabia “has triggered the number of connected devices, opening new gateways for cyberattacks,” notes Report Linker.
To combat this rise in cyberattacks, Smartworld launched the first Cyber Security Center in the UAE. India-based Tata Communications followed suit and launched an advanced cyber security response center in Dubai.
It’s worth noting that in July 2020, the UAE’s Telecommunications Regulatory Authority (TRA) reported that the National Computer Emergency Response Team (aeCERT) had “repelled” over 100,000 cyberattacks against Federal government entities in June that year. Roughly 73% of those attacks were malware, whereas 15% were vulnerabilities, and 12% were phishing attacks, the TRA revealed.
“Over 80% of organizations in the UAE reported at least one cyber-attack in 2019,” says Report Linker, citing a May 2020 survey of 150 senior IT executives in the UAE.
· Egypt ZOOM-IN
Looking at Egypt, the most populous Arab country and one with a robust IT sector, cyberattacks aren’t far off either.
The Egyptian cyber security market is expected to grow at a CAGR of 10.7% between 2020 and 2026, according to 6W Research.
The rise in cyber threats has prompted the Egyptian government to focus its efforts on combating such attacks and threats. And as part of its National Cybersecurity Strategy 2021, the government has launched the Egyptian Supreme Cybersecurity Council (ESCC).
The strategy aims to “establish rules and regulations to deal with [various levels of] cyber-crime and cyber-attacks […and to] develop human capital and expertise required to implement [a] cyber security system across various sectors,” according to 6W Research.
In its 2020 report, the research firm expected the number of cyberattacks and threats to be “sluggish” due to the COVID-19 outbreak, which slowed down various sectors including manufacturing and retail.
Moreover, the Egyptian cyber security market is forecast to grow in the coming years as the government seeks to digitize much of its establishments, in addition to its plan to develop the largest international data center by its telecom arm WE. This “would further propel the cyber security market in Egypt [between 2020 and 2026],” the report indicated.
Types of IT security
But what counts as IT security and what doesn’t?
In this age of fast-paced advancements in technology, more types of security are coming to light.
As a business, what do you need to protect first?
The following are the main types of IT security solutions that you need in your company’s arsenal.
· Cyber security
Internet security or cyber security involves protecting information that’s sent and received across web browsers against malware and unwanted traffic.
Cyber security also includes network security which protects web-based applications.
Internet security comes in the form of firewalls, anti-spyware, and antimalware.
Part of cyber security is cloud security, which protects companies’ data and applications that are uploaded to their cloud.
· Network security
Network security solutions prevent hackers, cyberattackers, and other unauthorised users from accessing your network, people or employees on your network, and your data on that network.
Unlike other types of IT security solutions, network security covers hardware (including servers), software (such as antivirus), and cloud applications and data.
For example, if your company is using a strong network security solution, it’s unlikely that a hacker would be able to enter that network and steal information or put malware on any of your employees’ computers which are logged on that network.
It’s worth noting that “hardware can be installed out of the path of network traffic, or ‘out-of-line,’ but it’s more commonly installed in the path of traffic, or ‘in-line.’”
N-able further explains that the main advantage of this is “that in-line security appliances are able to stop data packets that have been flagged as potential threats, whereas out-of-line appliances simply monitor traffic and send alerts when they detect something malicious.”
In addition, as businesses increase the number of endpoints and migrate many – if not all – of their services to the cloud, the risk to their network intensifies. This, therefore, requires stronger security solutions to be put in place.
This security type is provided by network security administrators within a company or organization or externally via an IT security solutions provider, such as Link Datacenter.
· Endpoint security
This type of security measure is carried out at the device level and is used to prevent your devices from going on to malicious networks that may hurt your devices or your entire organization.
Devices that are protected by endpoint security, in the form of device management software and advanced malware protection, usually include mobile phones, laptops, desktop computers, and tablets.
· Cloud security
Many businesses are now moving their data and applications to the cloud. This means that in order to access any of this data, they would have to access the internet and may not be protected by a security stack.
Cloud security is used to secure software-as-a-service (SaaS) applications and the cloud which holds all the data and information.
· Application security
Application security encompasses those security measures at the application level, which are designed to prevent data or code in the app from being stolen.
These measures are often included during the development and design stages of the application, and often after the application is deployed or released.
With many businesses now having mobile-based or web-based applications or both, there’s a growing need to secure these apps and prevent the data on them from being leaked or stolen.
That said, application security can include hardware and software, as well as code that identifies and reduces vulnerabilities. For example, a router that stops potential hackers or any unauthorized person from viewing a computer’s IP address via the internet is considered application security hardware.
The 3 principles of data protection: The CIA Triad
But what constitutes a secure system?
In the world of IT and cyber security, there are three pillars that ensure a system is secure.
These pillars are: Confidentiality, Integrity, and Availability. They’re often called the CIA triad.
Data needs to be confidential. This means it’s only made public to relevant or concerned parties. If people have no relation or need to view this data, then it’s confidential for them.
Imagine a hospital that has many patients. Each patient has a patient file, which includes information about their illness history, their doctors, and their medication. This information is only accessible by doctors working in the hospital and possibly the patient’s medical insurer, but is confidential to doctors from outside the hospital, the patient’s distant relatives, and anyone else who isn’t directly treating this patient.
The integrity of data means that the information has not been altered, modified, tampered with, or degraded in any way during or after the time of its submission.
“There are two points during the transmission process during which the integrity could be compromised: during the upload or transmission of data or during the storage of the document in the database or collection,” explains DNV.
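The two points named in the DNV quote can each carry their own check. The following is an added example, not code from the original article or from DNV: a keyed tag (HMAC) is computed when a record is submitted, then verified once on receipt and again on every read. The record fields, the key and the `RecordStore` class are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed key for the example; it must live with the verifying service,
# never in the same database as the records it protects.
INTEGRITY_KEY = b"demo-integrity-key"

def canonical(record):
    """Serialize deterministically so equal records always give equal bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def plain_digest(record):
    """Unkeyed SHA-256: anyone who can alter the record can recompute it."""
    return hashlib.sha256(canonical(record)).hexdigest()

def keyed_tag(record):
    """HMAC-SHA256: cannot be recomputed without INTEGRITY_KEY."""
    return hmac.new(INTEGRITY_KEY, canonical(record), hashlib.sha256).hexdigest()

def tag_matches(record, tag):
    return hmac.compare_digest(keyed_tag(record).encode(), tag.encode())

class RecordStore:
    """Toy database keeping each record beside the tag made at submission."""
    def __init__(self):
        self.rows = {}

    def receive(self, record_id, record, tag):
        # Point 1: check after upload/transmission, before storing anything.
        if not tag_matches(record, tag):
            raise ValueError("altered in transit")
        self.rows[record_id] = {"record": dict(record), "tag": tag}

    def read(self, record_id):
        # Point 2: check again on read, in case the stored copy was changed.
        row = self.rows[record_id]
        if not tag_matches(row["record"], row["tag"]):
            raise ValueError("altered in storage")
        return row["record"]

def demo():
    """Tamper at both points and report what each check does."""
    record = {"patient": "P-1001", "drug": "amoxicillin", "dose_mg": 250}  # constructed
    tag = keyed_tag(record)          # computed by the submitter
    store, outcome = RecordStore(), {}

    try:                             # dose changed on the wire
        store.receive("P-1001", dict(record, dose_mg=2500), tag)
        outcome["transit"] = "accepted"
    except ValueError as err:
        outcome["transit"] = str(err)

    store.receive("P-1001", record, tag)   # untouched copy is accepted
    outcome["clean_read"] = store.read("P-1001") == record

    # Dose changed in the database; the attacker lacks the key, so the best
    # they can do is overwrite the tag with an unkeyed digest of the new data.
    row = store.rows["P-1001"]
    row["record"]["dose_mg"] = 2500
    row["tag"] = plain_digest(row["record"])
    try:
        store.read("P-1001")
        outcome["storage"] = "accepted"
    except ValueError as err:
        outcome["storage"] = str(err)
    return outcome

if __name__ == "__main__":
    print(demo())
```

An unkeyed digest stored next to the record would not have caught the second case, because whoever rewrites the record can rewrite the digest too.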
In the third pillar, information is available to those who are authorized to access it.
“For a system to demonstrate availability, it must have properly functioning computing systems, security controls and communication channels. Systems defined as critical (power generation, medical equipment, safety systems) often have extreme requirements related to availability,” adds DNV.
These ‘critical’ systems need to be well-guarded against cyberattacks and equally safeguarded against hardware failure, power outages, and other events that may affect the system’s, and subsequently the information’s, availability.
What is Zero Trust?
Zero Trust Architecture, also known as the Zero Trust Network, is a 2010 security model built on the idea of not trusting anyone or anything entirely.
Zero Trust is centered around the belief that companies, organizations, and governments shouldn’t “automatically trust anything inside or outside” their perimeters. Instead, they should verify “anything and everything trying to connect to [their] systems before granting access,” according to CSO Online.
Similarly, Palo Alto Networks describes Zero Trust as:
“A strategic initiative that helps prevent successful data breaches by eliminating the concept of trust from an organization’s network architecture. Rooted in the principle of ‘never trust, always verify,’ Zero Trust is designed to protect modern digital environments by leveraging network segmentation, preventing lateral movement, providing Layer 7 threat prevention, and simplifying granular user-access control.”
The Zero Trust model emerged as a response to growing security threats worldwide. In its 2017 Annual Cybercrime Report, Cybersecurity Ventures forecast that the global cost of cybercrime will double to $6 trillion annually by 2021 from $3 trillion in 2015.
By using a Zero Trust security strategy, your entity’s security system will no longer trust any request for access that’s not coming from your environment. Instead, it will require verification before allowing the request through.
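As an added illustration (not code from the original article or from any vendor quoted here), the example below contrasts a perimeter-style decision, which trusts a request because of its source address, with a Zero Trust decision that verifies identity, device and authorization on every request. The token format, signing key, address range, roles and policy entries are all assumptions made for the example.

```python
import hashlib
import hmac
import ipaddress

# Every key, network, role and policy entry here is constructed for the example.
SIGNING_KEY = b"demo-signing-key"
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
# Granular access control: (role, action, resource) triples that are allowed.
POLICY = {
    ("doctor", "read", "patient-records"),
    ("billing", "read", "invoices"),
}

def _sign(payload):
    return hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).hexdigest()

def issue_token(user, role, device_id, expires_at):
    """Hypothetical identity-provider step: sign the caller's claims."""
    payload = f"{user}|{role}|{device_id}|{expires_at}"
    return f"{payload}|{_sign(payload)}"

def verify_token(token, now):
    """Return the claims if the signature is valid and unexpired, else None."""
    parts = token.split("|")
    if len(parts) != 5:
        return None
    user, role, device_id, expires_at, sig = parts
    expected = _sign("|".join(parts[:4]))
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None
    if not expires_at.isdigit() or int(expires_at) <= now:
        return None
    return {"user": user, "role": role, "device_id": device_id}

def perimeter_decision(request):
    """Perimeter model: a request is trusted because of where it comes from."""
    return ipaddress.ip_address(request["source_ip"]) in INTERNAL_NET

def zero_trust_decision(request, compliant_devices, now):
    """Verify identity, device and authorization on every request.

    The source address is deliberately not consulted."""
    claims = verify_token(request.get("token", ""), now)
    if claims is None:
        return (False, "identity not verified")
    if claims["device_id"] not in compliant_devices:
        return (False, "device not compliant")
    if (claims["role"], request["action"], request["resource"]) not in POLICY:
        return (False, "not authorized for this resource")
    return (True, "verified")

def demo(now=1_700_000_000):
    """Constructed requests: compare both models on the same traffic."""
    devices = {"laptop-17"}
    doctor = issue_token("alice", "doctor", "laptop-17", now + 300)
    billing = issue_token("bob", "billing", "laptop-17", now + 300)
    want = {"action": "read", "resource": "patient-records"}
    requests = {
        "internal host, no identity": {"source_ip": "10.1.2.3", **want},
        "remote doctor, valid token": {"source_ip": "203.0.113.5", "token": doctor, **want},
        "internal billing user": {"source_ip": "10.1.2.4", "token": billing, **want},
    }
    return {name: (perimeter_decision(r), zero_trust_decision(r, devices, now))
            for name, r in requests.items()}

if __name__ == "__main__":
    for name, decisions in demo().items():
        print(name, decisions)
```

The third request is the lateral-movement case from the Palo Alto Networks description: the caller is inside the network and authenticated, but is still refused a resource their role does not cover.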
In its 2020 report, Cybersecurity Ventures projected that global cybercrime costs would increase by 15% annually over the next five years, reaching $10.5 trillion annually by 2025.
“This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined,” Cybersecurity Ventures highlights.
Moreover, the 2017 Data Breach Study, conducted by Ponemon Institute and sponsored by IBM, revealed that the global average cost of a data breach was $3.62 million.
World’s biggest data breaches
In the past few years, the world has been abuzz with large data and security breaches at what you would assume are mega corporations with strong IT security in place.
Here are four of the biggest and most well-known data breaches in the past 10 years.
- Yahoo
The largest cyber security breach in history was at web services company Yahoo. Known as an email provider, the company suffered two subsequent breaches in 2013 and 2014 resulting in 3.5 billion compromised user accounts.
In the 2014 breach, which was uncovered in 2016, Yahoo said that hackers had compromised data, including real names, emails, dates of birth, and phone numbers of 500 million Yahoo users.
In December 2016, Yahoo revealed another breach that had taken place in 2013, where different attackers compromised information including names, emails, and passwords of 1 billion user accounts. Yahoo later revised that number to 3 billion user accounts.
- Canva
Australia-based graphic design tool Canva suffered a security breach in May 2019. Nearly 137 million users’ emails, names, usernames, and residence details were hacked.
At the time, Canva said that hackers “managed to view, but not steal, files with partial credit card and payment data,” according to a CSO Online report.
- LinkedIn
The world’s largest social network for business professionals suffered two hacks less than five years apart.
LinkedIn fell prey to hackers who conducted social engineering attacks.
In 2012, LinkedIn said that 6.5 million encrypted passwords were dumped on a Russian hacker forum, according to TechCrunch.
However, in 2016, nearly four years later, LinkedIn revealed that in fact more accounts had been compromised.
“We became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012,” former chief information security officer Cory Scott revealed on the LinkedIn blog at the time.
According to CSO Online, the total number of breached LinkedIn accounts was around 165 million.
- Marriott International
The Marriott International breach is a bit different from the previously mentioned IT security breaches.
In 2014, hackers breached the systems that supported the Starwood Hotel brands. In 2016 and unaware of the breach, Marriott International acquired the Starwood Hotel chain.
It was only in 2018, two years after the acquisition, that Marriott International discovered the breach, revealing that nearly 500 million customers’ data was stolen by Chinese hackers.
The hackers stole contact information, travel information, passport numbers, Starwood Preferred Guest numbers, as well as other personal information.
“The credit card numbers and expiration dates of more than 100 million customers were believed to be stolen, but Marriott is uncertain whether the attackers were able to decrypt the credit card numbers,” CSO Online reported, citing a New York Times article.
The security attack was attributed to a Chinese intelligence group that was gathering data about US citizens.
Security and Risk Trends in 2021 and beyond
As we talk about the IT security industry and its past, we must also consider what’s to come.
What do the top IT security professionals expect will impact the industry in the coming years? Let’s find out.
- Funding for non-US-based cyber security firms is expected to grow by 20%
The number of new startups is overwhelming across the globe, but even more so in Europe and Asia Pacific.
“Moves by the EU Commission to promote its digital sovereignty and further economic protectionism in Asia will result in increased funding for regional cybersecurity firms,” notes Heidi Shey, Principal Analyst at Forrester.
She adds that businesses should “develop a startup scouting capability to identify promising new regional security technology, build an adaptable procurement and sourcing plan to obtain them, and create standard security guidelines to create consistency across disparate vendors.”
- Chief Information Security Officers (CISOs) will come under fire amid bad working environments
There’s a growing focus on how teams operate post-pandemic, and security teams are no exception, especially if work environment toxicity comes from the CISO and hurts employee retention and recruitment.
“2021 will be a year of reckoning for leaders who create, tolerate, or ignore hostile cultures. CISOs must invest in improving empathy and people management skills and cultivate a positive culture for their teams to thrive in,” adds Forrester’s Shey.
- Company boards will add more cyber security experts
Recent security breaches and the COVID-19 pandemic will see more companies adding cybersecurity experts to their boards in a bid to stem the number of cyberattacks.
“As the new normal takes shape, all organizations will need an always-connected defensive posture, and clarity on what business risks remote users elevate to remain secure,” notes Gartner VP Analyst Peter Firstbrook.
- Too many tools
With tech advancement, security leaders are presented with too many tools.
Roughly 78% of CISOs have “16 or more tools in their cyber security vendor portfolio,” Gartner reported in its 2020 CISO Effectiveness Survey.
Why is this bad? Because too many security vendors means complex security options and a need for higher security head count.
- Remote work needs BETTER IT security solutions
In its 2021 Gartner CIO Survey, Gartner found 64% of employees working from home due to the coronavirus pandemic. The work-from-home opportunity that was previously offered to executives and senior staff is now available to everyone everywhere. In addition, many businesses are planning to shift their employees to work remotely full-time.
“From a security perspective, this requires a total reboot of policies and tools and approved machines to better mitigate the risks,” Gartner said.
IT security solutions with Safeguard Suite by LDC
In the Middle East and Africa, where enterprises and governments are beginning to ride the fast-paced digital transformation wave, the threat landscape is becoming a tricky one, making IT security an increasingly important element for public and private businesses and entities alike.
As a world-class managed IT services provider, LDC has worked with various organizations on securing their environments and migrating their data and applications safely.
Over the course of its long history, Link Datacenter has implemented, managed, and consulted on hundreds of enterprise and government IT security projects across the Middle East.
SafeGuard Suite by LDC is an enterprise-grade end-to-end IT security solution that provides comprehensive and powerful security and compliance features of Microsoft 365.
LDC’s SafeGuard Suite encompasses the SafeGuard Audit, which entails a security strategy analysis, threat advisory, compliance assessments and systematic evaluations carried out by professional data and infrastructure analysts. It also includes network security, identity and access management, GDPR compliance, asset security, and more.
It’s time to secure your data
With cybercrime costs projected to surge to $10.5 trillion – that’s more than twice the gross domestic product (GDP) of the entire Japanese economy – there’s a growing need for investing in the right IT security solutions to keep cyber criminals in check.
In addition, the fast-paced digital transformation that’s sweeping across the MEA region, helping businesses migrate to the cloud and allowing them to work outside their organizations, has provided lots of room for cyber attacks.
Discover the Safeguard Suite by LDC, built using flexible modules to cater to the different security needs of small businesses and enterprises specifically in the Middle East & Africa.