The pre-Christmas excitement around Black Friday and Cyber Monday is hotter than ever. Deal-hungry consumers and businesses in the US are expected to spend $36 billion over the weekend, more than three times the amount in 2020, according to Adobe. Similar records are likely elsewhere, including the UK.
But Black Friday and Cyber Monday bring severe dangers too. The weekend is increasingly targeted by cybercriminals who see busy online sellers and their suppliers as easy targets. Retailers’ cybersecurity strategies are often woefully inadequate, and they need a much more comprehensive approach to help prevent and respond to attacks. Cybercrime is rising at an alarming rate. From January to August 2021, crimes in the UK increased seven times on the same period in 2020, according to the National Fraud Intelligence Bureau. Businesses lost £1.3 billion as a result – a threefold increase.
Retailers were among the hardest hit, with an astounding 44% hit by ransomware globally last year and 32% paying the ransom, according to software firm Sophos. The average payment was $147,000. You might think companies would be bolstering their defences in response. But a troubling proportion of small businesses don’t believe they need to protect against cybercrime, or don’t know how. For those that do invest in cybersecurity, growth in that spend is slowing, from 12% in 2018, to a projected 7% by 2023, according to consultant Gartner. This is despite the increasing aggression and sophistication of cybercriminals worldwide.
Building better cybersecurity strategies
The rising tidal wave of crime means companies must build more effective strategies or face even greater risk of disruption and damage. Rather than the typically disjointed and reactive approach of many, strategies must be proactive, joined up, and improving continuously. All parts of the company must collaborate towards cybersecurity goals under a centrally managed operation centre with strategic monitoring, early threat intelligence and rapid incident response. As fraud attempts become ever more sophisticated, proactive monitoring of the threats landscape is critical. Companies will increasingly need to use tools such as artificial intelligence to detect suspicious activity. Staff must upskill to keep pace, and cybersecurity training and development should take place continuously rather than yearly, which is the current norm for many.
Designing more comprehensive approaches
Technology group Prytek holds three portfolio companies that can help you create a more comprehensive cybersecurity strategy — Thrive DX, CYREBRO and Orchestra Group. ThriveDX is a digital training platform that prepares workforces for digital transformation. The platform addresses the growing need for cybersecurity talent and is expanding its cybersecurity training programmes to more geographies and business-to-business offerings.
Learners on the ThriveDX Cybersecurity Bootcamp gain work-ready skills in networking, systems, programming, and best practices so they can hit the ground running.
CYREBRO is an interactive, cloud-based security operations platform that integrates all your cybersecurity events with strategic monitoring, proactive threat intelligence, and rapid, 24/7 incident response. CYREBRO aims to put the power of a full operations centre in the hands of any user in any organisation. Orchestra Group provides an integrated cybersecurity platform with proactive security policy management and collaborative enforcement orchestration. The platform combines compliance, risk and security, helping you define and manage your risk-based security practices and policies.
Tools like these help companies evolve their strategy in a way that keeps them on the front foot in the fight against cybercrime. It takes hard work and dedication to get the right technology, training and strategy. But once they are in place, Cyber Monday is more likely to be a dream for online retailers, not a nightmare before Christmas.
Author: Arnon Shiboleth, Co-CEO, Prytek