Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

10:00 AM
Emil Sayegh
Emil Sayegh
Connect Directly
E-Mail vvv

The Ruthless Cyber Chaos of Business Recovery

Critical technology initiatives leveraging the best of technology solutions are the only way through the cyber chaos of 2020.

To call the times we are living through "unusual" would be an understatement. Despite that fact, we are all cautiously inching our way back to familiar routines and activities. The world of business is in a similar situation, with many companies continuing recovery efforts amid economic uncertainties and a perilous quandary of choices. A state of cyber chaos lingers in the shadows of every decision, where wrong decisions and gaps in security could spell failure — and even certain ruin — for industries that are teetering on edge.

Related Content:

5 Steps to Greater Cyber Resiliency

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

New on The Edge: RASP 101: Staying Safe With Runtime Application Self-Protection

Significant security weaknesses emerged for many US businesses during the rapid transition from "in-person" to remote in March 2020. Security budgets shifted from planned updates and upgrades to accommodate the increased expense of running a remote workforce, combined with the hard economic time that befell many industries. Existing security technologies are being extended in place, expected to face "novel" threats and viruses. In the haste of business survival and adaptation, information technology maturation will stall — if things such as security, governance, monitoring, and analysis fall.

The Threat Surge of 2020: Everything Is a Target
In 2019, cybercrime statistics showed that over $1.5 trillion in impact and losses siphoned off the economy — and that was before COVID-19. Today, cyber threats are more prolific than ever, and the ranks of active cybercriminals have at least doubled since massive unemployment and economic uncertainty rocked global economies. Cybersecurity has become a significant industry focus as cyberattacks have spiked up to 400% since the pandemic began. As more people work from home without the IT oversight and protection that they'd receive in the office, hackers have ample opportunities to exploit this environment of change.

Navigating Deadly Twists and Turns
A recovering business climate means that every decision is critical, including those tied to technology. The harsh reality is that cybersecurity could be what determines whether a business will recover or not. With new technology, new features, and new efforts rolling forward, security gaps could easily spell outages, security incidents, and even ruin.

While it is next to impossible to completely prevent cyberattacks, more in-depth efforts toward security are imperative in this age of heightened risks. Fortunately, tools and concepts such as monitoring, data classification, access and identity controls, cloud governance, next-generation data analysis, security training, and enterprise resiliency can create a more secure technology foundation.

Yet even with tools and preparation, organizations still find themselves as targets from ransomware, as was the case for the University of Utah recently. Despite having a disaster recovery plan in place able to restore almost all of the stolen data, the university still ended up paying $457,059 to stop the hackers from leaking sensitive student information online. For organizations without robust business continuity plans before the pandemic, stretched resources make them easy pickings for ransomware attacks. 

Business — Not as Usual
Over the last several months, many businesses have both thrived and suffered. The media streaming, home delivery, telecommute tools, and entertainment industries are doing well, while other sectors merely survive, including the hospitality and travel industries. Some small and midsize businesses will never come back or may never look the same again.

While the pandemic has brought about many challenges, it has also uncovered new growth opportunities across multiple industries such as online learning, telemedicine, e-retailing, virtual-reality tourism, and live streamed events. Opportunities such as these count on enterprise IT resilience to be successful long term.

There are multiple options and paths to business recovery, including technology and innovation, which pave the way for renewed and continuing growth. Initiatives that feature transformation delivered securely, with agility and speed at the core, will provide the sort of experience that customers, partners, and employees require.

Resilience also relies on flexibility and evolving contingency plans. Just as businesses had settled into a routine using the videoconferencing tool Zoom, and on what would have been the first day for most schools teaching virtually through the platform, the conferencing tool suffered a three-hour outage on August 24, 2020. For organizations that did not have an alternative at the ready, productivity came to a standstill. The University of Iowa reportedly had 1,359 meetings scheduled to occur during the outage, causing more than just a major headache for school officials, teachers, and students.

Yet while there are countless technology options out there today to build contingency plans for outages of that kind, cybersecurity must rule them all — the cyber-threat challenge is here to stay.

Invest or Perish
Shifting resources and budgets as well as incorporating a suddenly mobile workforce has enabled organizations to keep steady on the IT front throughout the pandemic. As businesses begin to reawaken and position themselves for recovery, the need to prepare for significant business disruption is a clear and present danger. As company budgets and planning are in the pipeline for 2021, we can expect accelerated migrations to flexible cloud infrastructure and cloud applications to continue unabated. Among all these shifts, it is imperative to drive robust security technology investment and initiatives.

Challenges and initiatives are driving efforts towards a unified state of cyber operations. With security at its core, critical technology initiatives leverage the best of technology, practices, and training resources. This is the only way through the cyber chaos of 2020.

Emil Sayegh, President and CEO of Ntirety, is an early pioneer of Cloud Computing, recognized as one of the industry's cloud visionaries and "fathers of OpenStack," having launched and led successful cloud computing and hosting businesses for HP and Rackspace.Emil Sayegh ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.