8 things we've learnt about cyber security so far this year
2017 has been home to some of the worst cyber attacks seen to date.
As well as making it clear that we have a limited understanding of the urgency of cyber crime, this year has also highlighted a huge shortage in cyber security professionals and our lack of knowledge on how to protect ourselves.
Let’s take a look back on what’s happened this year in the world of cybercrime and what the future might hold.
1. Cyber attacks are our fault and are preventable.
Well, sort of.
IBM observed that 95% of all security incidents involve human error. Organisations large and small lack the essential cyber security knowledge to appropriately prepare their staff and warn them of what to look out for. WannaCry’s ransomware attack on the NHS was caused by a combination of out of date Microsoft updates and unwitting staff members clicking on a phishing link. Better cyber education within companies and institutions could drastically reduce the number and severity of cyber attacks.
2. Healthcare Data is the most vulnerable.
As previously mentioned, the NHS has been targeted time and time again by cyber criminals. Healthcare is very behind on security systems, despite the fact that it regularly has to share data with big companies such as insurance brokers. Cyber security training within the healthcare sector would vastly improve everyone’s privacy and security.
3. We need to look out for the good guys.
The secret services have, obviously, always required a backdoor into cyber space. However, there have been occasions when they’ve been duped by their own software or have been hacked into – leaving not only themselves exposed, but also every single company that they are keeping an eye on. Case in point, the NSA developed a tool designed to infect and control computers running certain versions of Windows. Hackers, known as the Shadow Broker’s, stole the tool and used it to carry out a ransomware attack.
4. No one is safe. No one is prepared.
From WannaCry and ShadowBrokers to Petya, Goldeneye and WikiLeaks – there’s a hacker for everyone. Large companies and infrastructures such as the NHS, the US voting database and the CIA have been targets in 2017 – but so have smaller international companies such as Cloudflare Security, US pharmaceutical company Merck, Danish shipping company Maersk and Russian oil company Rosneft. Proving that all companies need better equipping in the fight against cybercrime.
5. Open source could be a solution.
Open source software has often been regarded as unsafe and non-secure due to the fact that it is accessible to everyone with the source code. However, many companies have recently realised that holding all their cards to their chest makes them more of a target. A more transparent culture, like Google’s openness about how they secured Android, suggests that open source security could be the future.
6. Cyber crime damages predicted to cost $6 trillion annually by 2021.
Cyber crime is an economy in and of itself. Without cyber crime, companies wouldn’t have to spend millions on cyber security. It’s widely accepted that cyber crimes, and notably cyber theft, is the fastest growing criminal industry. In order to stay ahead of the game, companies have been investing billions into cyber security which promises to protect their precious data. The stock market has also seen the investment in cyber security increase this year, with many top investors looking to back cyber security firms and benefit from the current cyber crime economy.
7. Cyber security unemployment rate has dropped to 0%.
It’s predicted that cyber crime will more than triple the number of currently unfilled cyber security jobs by 2021. As a result, there’s a gap in the employment market for those who want to capitalise on the cyber crime crisis. If 2017 has taught us anything, it’s that cyber security specialists are in alarmingly high demand, meaning there’s no better time to start your cyber security job hunt.
8. Europe is the most behind on cyber security employment.
We’re expected to have a digital security skills gap of 350,000 by 2022. As many as two thirds of surveyed EU security professionals agreed that there are already too few staff in their field. Most large global companies are looking to increase their IT workforce as a result of the varied cyber attacks of 2017. As a hugely sort after skill with almost guaranteed employment, many people are turning to cyber security as a new career.