President & Chief Executive Officer, Netsfere.
Cybersecurity is evolving along with the technologies that power the digital world. Ever increasing connectivity is creating new threat vectors and elevating cyber risk in enterprises. As organizations look for ways to secure their digital environments, cybercriminals are working overtime to find ways to breach these defenses.
A brief history of cybersecurity illustrates how technology is evolving to stay ahead of bad actors. Cybersecurity has been around almost as long as there have been computers. While the word cybersecurity is said to have entered the English lexicon in 1989, cybersecurity began developing as early as the 1970s.
1970s
The first computer virus was created by engineer Bob Thomas. In 1971, he wrote the code for a virus called Creeper that could move across a network and between computers, leaving the message “I’m the creeper: Catch me if you can.”
In response to this, Ray Tomlinson (known as the inventor of email) wrote a code that searched networks to find and remove Creeper, acting as the first anti-virus program. Thus began the evolution of cyberattacks and cybersecurity.
1980s
The first “real” malware emerged during this decade. While the Morris Worm was originally written to map the size of the internet, this computer program had the unintentional effect of slowing computers and clogging networks as it kept replicating. The code even crashed some systems altogether.
To combat these cybersecurity threats and protect the increasing number of devices connected to the internet, commercial antivirus programs were developed and made their debut in 1987.
1990s
The 1990s were plagued with viruses such as the Melissa virus, which infected computers, overloading email servers, disrupting email accounts and slowing internet traffic to a crawl in some locations. The collective damage resulting from this virus was an estimated $80 million for the cleanup and repair of affected computer systems.
As this decade rolled on, antivirus software continued to evolve to identify and protect against malicious programs. A new generation of firewalls also emerged, offering a set of simple rules that controlled outside access to internal company resources.
2000s
The massive amount of data that became digitized in this decade created opportunities for cybercriminals and elevated risks for enterprises. This decade saw new and more sophisticated hacks that victimized government entities and well-known businesses. Massive denial-of-services attacks architected by a 15-year-old boy took down the websites of eBay, Yahoo, Amazon and more.
By decade’s end, cybersecurity became a major concern for both government agencies and large corporations.
2010s
In this decade, the scale of attacks increased, moving beyond the intentional destruction or modification of digital assets. Over the course of the decade, credit card breaches and ransomware became more common as bad actors focused on making money from cybercrime. For example, an unprecedented 2013 hack of Target credit and debit card information, one of the largest ever data breaches at the time, affected more than 40 million of the company’s customer payment card accounts.
As threats of data breaches and ransomware attacks increased along with the risk of these attacks leading to business disruption, loss of customer loyalty, lawsuits and regulatory fines, improving cybersecurity vaulted up the list of business priorities.
2020–Present
In the wake of the Covid-19 pandemic, the start of this decade became known for a massive enterprise shift to remote work to keep employees safe. The surge in remote working had the knock-on effect of increasing the attack surface in enterprises, adding another potential entry point for threat actors and resulting in escalated cyber threats like ransomware, malware and phishing.
Now, three years since the start of the pandemic, as the transition to hybrid and remote working models continues, the use of collaboration tools is skyrocketing to help support a distributed workforce while making remote collaboration easier, improving communication and increasing productivity.
Cybercriminals are taking note of the pervasive use of these tools and continue to target unsecure consumer-grade mobile messaging apps and collaboration platforms to gain access to sensitive enterprise data.
Over the last few years, organizations have learned the hard way that using these unsecure communication and collaboration tools can result in data breaches, compliance violations, reputational damage and legal exposure. In the first years of this decade, the fall-out from data breaches and noncompliance associated with consumer-grade messaging apps and unsecure collaboration platforms included a massive crackdown by the SEC on the use of unapproved communication apps, which led to 16 firms being fined more than $1.1 billion in 2022.
Moving Forward
Cybersecurity used to be a problem only for CISOs, but as the world becomes more remote and digital, I predict it will become an enterprise-wide priority. Protecting networks and employees is an all-hands-on-deck project now.
That being said, in the coming years I suspect cybersecurity will level up to meet its match. With the growing frequency and sophistication of cyber threats and increasingly stringent industry regulations and privacy laws, secure tools and platforms will play a vital role in cybersecurity, keeping organizations compliant and secure. One thing is for sure: The biggest challenges facing the future will be keeping up with the growing sophistication of attackers.
For business leaders looking to future-proof their systems, I recommend finding solutions that have qualities such as end-to-end encryption, robust administrative controls and the highest compliance-guaranteed technology that never collects or shares data.
I also encourage CIOs to prohibit the use of shadow IT as it will help reduce the enterprise risk exposure to data breaches and compliance violations.
Additionally, providing staff with proper cybersecurity education will allow them to identify, report and prevent cyberattacks. Training and education on threats such as phishing, malware and password security are effective ways to prevent future attacks and set a business up for success when it comes to cybersecurity.
These efforts collected together will be business critical for improving cybersecurity and securely supporting the connected workforce of today and tomorrow.
Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?
Read the full article here