Streamline your cloud experience and maximise your cloud investment with Microsoft Azure-aligned public cloud services.
Host all of your workloads in the most appropriate location while experiencing the simplicity of one cloud from Six Degrees.
Enhance your cyber security and safeguard your organisation with our cyber security strategy and advisory, consultancy, and managed services.
Connect your business through a comprehensive connectivity portfolio delivered via our owned and operated core Next Generation Network (NGN).
Secure your productivity on any device, anywhere, any time.
Streamline your hosting with comprehensive colocation services delivered from three UK data centres.
Gain clarity and control of your 5G estate, ensuring ongoing cost efficiencies are managed on your behalf through our managed service.
Gain confidence in your cloud direction and achieve accelerated time to value through our assured and optimised cloud services.
Master today’s complex threat landscape and protect your business with our intelligence-led security services.
Videos and webinars are a great way to digest the latest technology insights.
Our eBooks and whitepapers provide in-depth insights from our experts.
Our thought leaders publish regular blogs on up-to-the-minute topics.
Learn all about the latest news from Six Degrees as we continue to evolve.
We host regular in-person and virtual events for our clients.
Discover how Six Degrees has driven success for others.
Learn how we enable our clients to achieve more; providing superior secure solutions, powered by our passionate people.
We are proud to partner with many of the world’s leading vendors, enabling you to leverage our continual investment in difference-making technology.
Learn how CNS at Six Degrees delivers intelligence-led security services that protect organisations in today’s hostile landscape.
We are committed to operating in an environmentally and socially conscious way. Learn more about our commitments as a business.
We are proud of our secure cloud credentials. Learn why we’re one of the most highly accredited providers in the UK.
We are a friendly and passionate bunch here. Whether you want to work with us or for us, we think you’ll enjoy the Six Degrees experience.
Home » Blogs » The Threat Landscape Never Sits Still: Four new risks organisations face in 2022
Alongside an increase in ransomware and phishing attacks linked to COVID-19, organisations must consider how the rapid shift to remote working may have increased the risk of a cyber incident.
For example, it is likely organisations have bypassed existing cyber security procedures and possibly taken shortcuts — expanding existing issues with shadow IT. This now needs to be reviewed. But there are other risks at play, and it is worthwhile looking at these in more detail.
What is becoming clear is that a flexible cyber security strategy that combines technology, people and processes is essential to staying secure in light of the latest cyber security trends.
Here we’re going to take a look at four cyber security risks organisations face in 2022, and some strategies that can be employed to combat them. Let’s get started.
Additional resources: If you need help explaining the value of additional cyber investments, check out our toolkit — Board Presentation Template: Cyber Security and Threat Management.
Social engineering attacks use psychological manipulation in order to gain confidential information. This includes techniques such as baiting, scareware and phishing. Specifically, phishing emails are among the most significant security threats facing organisations, and will remain one of the primary threat vectors hackers will use in 2022.
COVID-19-related phishing emails are just one of many examples of ways in which social engineering cyber-attacks are on the rise, and increasing in sophistication and relevance. Last year when restrictions began in March, email scams related to the pandemic surged 667%.
Examples like the above show the value that cyber criminals see in utilising public fear and confusion around current events when launching their attacks. We expect to see more of that, and the expansion to a wider range of contexts.
Specifically, with reference to phishing, there are additional steps that can be used to protect organisations from such attacks. These include:
Ransomware is on the rise. The average recovery cost has more than doubled in the past year — rising from $761,106 to $1.85 million in 2021. Ransomware attacks can cause a computer itself to become locked in an attack, or the data on it deleted, encrypted or even stolen. Fundamentally, ransomware attacks aim to spread throughout a network and cause the maximum possible disruption in order to encourage victims to pay up. The 2017 WannaCry attack on the NHS was a very successful example of how this might occur.
The current ransomware landscape does look worrying. Social distancing has limited employee facetime — making cyber security training difficult. Work-from-home has also forced a lot of organisations to adopt BYOD policies, which introduce more risk to operations. But these are critical challenges to overcome. If we needed proof of how devastating ransomware can be, the US Colonial Pipeline hack is a prime example, resulting in shortages at petrol pumps, states of emergency declared and the US Government calling for calm.
A defence-in-depth approach is essential in order to mitigate ransomware threats. This means using layers of defence with several mitigations at each layer.
When employees are working outside of office space, the usual network protections are no longer adequate. Bring Your Own Device (BYOD) and remote working can force many organisations into a less-than-secure position, with employees accessing sensitive information through unsecured networks and devices.
The cyber security risks that have increased due to remote working include:
Realistically, hybrid working is here to stay. It’s critical that the risks of remote working are accommodated rather than ignored, and effective solutions put in place. Fundamentally, organisations need to find new ways to secure and embrace new, flexible working patterns.
Overcoming remote working challenges requires creating agile and responsive security systems that are able to accommodate new devices and applications while minimising risk. Fundamentally, this hinges on your ability to achieve defence-in-depth by employing a combination of technology and people-led processes to contain remote threats before they impact your system at large.
Managed Detection and Response (MDR) is an incredibly effective way to overcome the challenges of remote working. If you’re unfamiliar, MDR delivers active threat monitoring and response as a service — creating a flexible and effective cyber security solution. Although similar outcomes can be achieved using in-house monitoring, the expertise and efficiency of MDR simplifies execution and brings benefits including:
Suggested reading: If you want to learn more about the impact of remote working on cyber security, take a look at our blog — Has Remote Working Created a Massive Cyber Security Threat? And what to do about it
The increase in remote working has led to more cloud-based infrastructure and services being used. As a result, cloud services are now a prime target for cyber criminals, creating new cyber risks and avenues for attack.
Data breaches, human error, malicious insiders, account hijacking, and DDoS attacks all present challenges to cloud services and cyber security more generally. Relying on third-party service providers introduces additional compliance considerations — making it critical that you appraise both your partner’s’ and your internal operations. Research shows that an average of 51% of organisations have been exposed to at least one cloud storage service to attack.
In 2021, we saw an increase in the variety of cyber-attacks. Cyber security is a journey, not a destination, and has to be an ongoing, iterative process that adapts to new threats.
As a result, even with the context of budget and skills constraints, it’s crucial to build on existing knowledge and make investments in the right areas in order to mitigate cyber security risks.
A practical cyber assessment approach, and partnering with a managed security provider, will be crucial for organisations in overcoming these threats.
Here at Six Degrees, we can provide the knowledge and expertise to help deliver a range of flexible, on-demand services to combat the cyber security risks facing organisations in 2022. Ready to begin your cyber security journey? Get in touch today.
In 2020, the world witnessed a dramatic shift…
Many of us have adapted to new ways…
More information on our Privacy and Cookies Policy can be found here: https://www.6dg.co.uk/privacy-cookies/. You can update how we contact you in the future by visiting our Communications Preference Centre here: https://www.6dg.co.uk/preference-centre/.
