The Biden administration is set to unveil a new set of international cybersecurity measures, building on top of their existing cybersecurity focus. This comes against the background of continued cyberattacks and other threats, as well as a reticence by large corporations to go along with the existing national recommendations.
The upcoming measures, as outlined by POLITICO, have four main areas of focus. These are:
- promoting a secure digital ecosystem globally
- upholding “rights-respecting” digital technology approaches with allied nations
- building coalitions to counter malicious cyberattacks
- enhancing the cybersecurity resiliency of partner nations
It dovetails well with existing pressure being put up by the Biden administration. Per CISA’s National Cybersecurity Strategy and Principles and Approaches for Security-byDesign and -Default, much of the online sphere and especially the Cloud should be designed as “safe-by-default.”
For now, companies are resisting the call to implement basic security features as free and automatic in products like their popular cloud platforms. But the increased pressure and continued developments on the national regulation front, as well as now international cooperation, clearly shows a set of priorities for the USA.
At the same time, while the priorities are clear, there is still significant pushback – not the least because one of the changes being proposed is to lay the burden of blame on vendors, rather than users, of software. Unsurprisingly, this has slowed the adoption of many of the suggested reforms.
While regulators bicker, attacks continue
The upcoming international cybersecurity measures, whether they see adoption or not, indicate clearly that cyberattacks are continuing at a sufficient pace and severity to draw this manner of attention. Combined with Microsoft’s stated focus on cybersecurity improvements this quarter, it paints an unpleasant picture.
Globally, an estimated 30,000 websites are hacked each day
A good example is the February attack on United Healthcare Group. While HealthcareITSecurity reports that payment processing has returned to 86% of previous levels, this still represents an ongoing recovery more than three months in length. And surveys of healthcare centers and providers indicate that the repercussions are more severe than this statistic would imply.
95% of cyberattacks are due to human error
There have been high-profile attacks publicized throughout the last few months, including the breaches of Microsoft that prompted their new focus and a number of attacks on government systems. With damage caused by cyberattacks reaching 2 trillion USD in 2022, we can expect that this number (once it has been finalized) will have grown into 2023 and will risk growing still more into the current year.
What should we do better?
As mentioned above, the main cause of cyberattack damage is human error. While regulatory measures are taken at higher levels to try and improve the situation, steps have to be taken on the ground as well:
- Education and preventative training
- Cybersecurity audits to regularly refresh your posture
- Having in place a response and recovery plan
- Having in place backups and other tools to ease recovery
Prevention remains a key aspect of cybersecurity. With a vast majority of cybersecurity failures, breaches and leaks happening due to individual error, a great deal of good can be covered by emphasizing best practices, educating employees and ensuring adherence to standards.
If and when prevention fails, training continues to play a key role. Organizations should ensure they have a disaster recovery plan in place. Having planned out a known response to incidents, including individual roles, greatly eases the recovery process and lessens the likelihood of further damage being done.
These disaster recovery plans lean heavily on having tools in place for your team to use – including archives and backups to help ensure data integrity after the fact. These tools grant you a snapshot of your data before an incident, allowing you to roll back if any data was lost, corrupted or encrypted. In the case of archives, it also allows you to better track data access and ensure a smooth chain of accountability.
Having these tools, however, is not in and of itself enough. Organizations have to also make sure the tools they use are current and up to date. Cybersecurity is a moving target, with threats evolving in scope and complexity. In addition, government regulations trying to improve the security of the online space also place new requirements on software. Your chosen archives, backups and other tools need to be constantly evolving to take these developments into account. Make sure you update! If the tool doesn’t update for a longer time, seriously consider if it isn’t time for a change.
Protect your company information with contentACCESS
Cybersecurity requires your company to be prepared for eventualities, with a clear plan for both recovery and mitigation. As we have covered previously, part of any disaster recovery plan should be an archive and backup solution. Here, contentACCESS has you covered.
With our unitary system, contentACCESS can provide an archive and backup for a wide spectrum of your company’s critical business information including your SharePoint, Email communications, Microsoft Teams chat, and a file archive. This added layer of security helps ensure your business continuity in the event of a cyberattack on your company. At the same time, contentACCESS comes with an unprecedented ease of access; browse your archived information through our Web Portal, Outlook integration, or Mobile App – at home, at work, or on the fly. Improve both your productivity and security all in one package.
Are you prepared to face the challenges industry experts predict are coming in 2023? Do our offers interest you or your company? Our team of experts is waiting to walk you through our offer and show you how best to leverage our unitary archive and backup to match your company needs. Contact us to schedule your free consultation today!
Archive Smarter with TECH-ARROW
