- Cyberattacks and data volumes are increasing, necessitating a shift in cybersecurity strategies.
- Cloud architectures present new risks, with healthcare being particularly vulnerable to ransomware.
OUR TAKE
As cyber threats escalate and data volumes balloon, CISOs must prioritize resilience and recovery, with healthcare’s heightened vulnerability to ransomware underscoring the urgency for robust cloud security strategies to safeguard data integrity and business continuity.
— Zoey Zhu, BTW reporter
What happened
Chief Information Security Officers (CISOs) are grappling with a rapidly evolving threat landscape today. The frequency of cyberattacks is on the rise, and new technologies like AI are providing attackers with advanced tools. Concurrently, the volume of data that needs protection is growing, exacerbating the challenge for CISOs. In the UK alone, 85% of IT and security leaders reported significant cyberattacks last year, with 36% facing ransomware attacks.
The shift towards cloud computing has introduced new vulnerabilities. In 2023, 13% of data was stored in the cloud, up from 9% in 2022, while on-premises storage fell to 70%. Cloud environments, especially hybrid ones, have become primary targets for cyber-attacks. Many organisations were compromised across multiple touch points, including cloud and SaaS platforms. The nature of cloud storage, with its inherent security blind spots like object storage and unstructured data, adds to the risk.
Also read: HGS launches AI-driven cybersecurity solutions to combat evolving threats
Also read: ECB’s cyber resilience stress tests reveal room for improvement
Why it’s important
The transition to cloud storage brings significant risks due to its less secure and less visible nature compared to on-premises systems. Addressing these blind spots is crucial for maintaining robust security. For sectors like healthcare, which is a frequent target for ransomware, the stakes are even higher. Healthcare organisations saw a 27% increase in data volume last year and are particularly vulnerable, with 20% of their sensitive data affected in ransomware attacks.
The pressure on CISOs is compounded by static budgets and increasing responsibilities, affecting their mental health. As regulations like the Digital Operational Resilience Act (DORA) and the NIS2 Directive come into effect, emphasising cyber resilience will be critical. Organisations must prepare for cyber resilience, not just defence, to manage the impact of inevitable attacks and ensure continuity.
