It comes as no surprise that the Russian invasion of Ukraine has triggered increased cyber activity in Europe and the US, with suspected Russian state-backed hackers looking for opportunities to destabilise western economies and critical infrastructures. It’s even prompted US President Biden to recently release a statement outlining the risks and what businesses need to do to try and counter any attack.
As a Sophos Russia-Ukraine cyberattack page claims, this is all sound advice but the fear is that despite years of guidance and warnings, so many businesses still come up short on security. As Sophos reveals, “every day we assist companies who have only protected some of their assets, keep few if any, logs, are months if not years out of date on patching their systems and have open remote access to the internet with single-factor authentication.”
While for many enterprises this is fixable, there are growing fears that for many verticals it represents a more complex challenge, particularly with the internet of things (IoT). With vertical industries expected to spend over $188 billion on IoT devices and services this year, the prospect of cyber breaches and disruption to industry is very real.
According to a PSA Certified 2022 Security Report, there are significant gaps in IoT security provision, with technology decision-makers citing a lack of internal expertise and cost as inhibiting them from implementing stronger security. Only 31% of technology decision-makers feel ‘very satisfied’ with their level of security expertise in-house, while 59% still admit that internal validation is relied upon to certify security implementations.