Cyberattacks: Not if, but when
Juniper anticipates that the cumulative cost of data breaches between 2017 and 2022 will reach $8 trillion, with variable per-business losses depending on the nature and scale of the attack. Shipping company Maersk, for example, estimated the cost of NotPetya infecting its global network in 2017 at between $200 and $300 million.
Juniper argued that, as a result, stakeholders must plan in terms of risk mitigation rather than prevention. It predicted that service providers in high-risk environments would be forced to restructure their networks to avoid potential compliance breaches, data theft or service outage.
Research author Steffen Sorrell explained: “Once a single endpoint is breached, the big danger is lateral movement across the network. Layered networks, proper lifecycle management and user ‘least privilege’ approaches will prove key to containing serious breaches.”
Security through flexibility
Meanwhile, the research found that securing the IoT, with 46 billion connected units anticipated in 2021, would require more forward-thinking. With devices ‘in the field’ for years at a time, adopting a cybersecurity strategy that is flexible enough to react to future demands would be essential.
It highlighted the fact that cybercriminals’ efforts soon render modern approaches less effective. For example, the Cerber family of ransomware has analysed how machine learning systems detect malware behaviour and applied evasion techniques as a result.