According to a forecast by Gartner, worldwide IT spending is expected to increase by 5.5% this year, reaching a total of $4.6 trillion. Additionally, the spending on information security and risk management products and services is projected to grow by 11.3%, surpassing $188.3 billion. However, with the possibility of a recession looming on the horizon, many executives and business leaders are being forced to make difficult cost reductions, which may potentially impact investments in cybersecurity.
While cybersecurity programs are known for their resilience in the face of economic uncertainty, chief information security officers (CISOs) and security leaders are still under pressure to tighten spending, demonstrate the value of their investments, and improve efficiency. A survey conducted by Hanover Research revealed that 47% of organizations listed economic disruption and recession as their top business risks for 2023. Surprisingly, only 11% ranked cybersecurity vulnerabilities as a top concern. This discrepancy is particularly troubling given the rising geopolitical tensions and the prevalence of ransomware attacks worldwide.
Ransomware has become one of the most damaging forms of malware and a rapidly growing cybersecurity threat. Verizon’s 2023 Data Breach Investigations Report (DBIR) indicates that ransomware now accounts for one out of every four breaches, with 95% of incidents resulting in losses ranging from $1 million to $2.25 million. Unlike other types of malware, ransomware can cripple an organization within minutes, causing a ripple effect throughout society and the global economy.
With cybercriminals taking advantage of crises for exploitation, any compromise in an organization’s security posture or a potential ransomware attack during an economic downturn can leave them vulnerable to greater risks and could even lead to dire financial consequences or complete business shutdown.
Despite a decrease in the number of publicly reported ransomware attacks in 2022, the amount of data exposed and the ransom demands have increased significantly. Comparitech reported that the number of individuals’ data exposed in ransomware attacks grew from 49.8 million in 2021 to nearly 115 million in 2022. Moreover, ransom demands in the business sector rose from $8.4 million in 2021 to $13.2 million in 2022.
Given the severity of the ransomware threat landscape, organizations must prioritize prevention. The White House has classified ransomware as a threat to national security, public safety, and economic prosperity. However, the actions taken by government entities such as the FBI, CISA, and OFAC to counter ransomware are not sufficient to fully eliminate this evolving threat.
In the face of rapidly evolving ransomware attacks, CISOs and security leaders must focus on getting the best return on their investment while implementing a multilayered approach to enhance overall IT security. Managing attack vectors using encrypted channels and preventive technologies can help stop adversaries before they compromise networks or execute their multistep campaigns.
It is important to note that attackers not only use malicious encryption to ransom victims’ files but also leverage commonly adopted encryption standards to further their own ends. This is particularly concerning as nearly 90% of all Internet traffic is now encrypted with SSL/TLS, making it easier for cybercriminals to mask ransomware and exploit popular breach tactics like phishing. Ransomware gangs take advantage of legitimate websites encrypted with SSL/TLS that have been infected with drive-by downloads, and they also exploit browser vulnerabilities to infect encrypted entry points with malicious payloads.
To effectively manage encrypted threats, organizations should prioritize gaining visibility into encrypted traffic and consider implementing SSL Inspection or Break and Inspect (BNI) to decrypt and inspect incoming and outgoing encrypted traffic. Automating traffic orchestration can also enhance efficacy and control. However, given the strain on resources and the flood of SSL/TLS traffic, it is crucial for businesses to optimize their security investments to handle traffic at a large scale. Failure to do so could lead to increased chances of infected traffic bypassing decryption and add to the overall total cost of ownership.
In conclusion, as the world faces the possibility of a global recession, cybersecurity should not be overlooked. The impact of a potential economic downturn combined with the evolving and damaging nature of ransomware attacks demands that organizations prioritize prevention and invest in the necessary technologies and strategies to stay ahead of cybercriminals. By taking proactive measures to manage encrypted threats and optimizing security investments, organizations can mitigate the risks posed by ransomware and protect their business, employees, and customers from the devastating consequences of an attack.