Cyber crime is a threat that is growing all the time. Every year, attackers get more sophisticated and come up with new ways of breaching network security defences. As a result, security professionals are in a constant arms race with criminals to protect their systems and safeguard the wider business.
Therefore, demand for cyber security roles and professionals with expertise in this area is higher than ever. But how is this threat evolving, and what skills will firms need to counter these attacks?
The growing threat of cyber crime
Cyber crime has become a leading concern for companies of all sizes, and the threat has been growing rapidly in recent years.
In fact, business insurance firm Allianz found that in 2020, this was rated the number one threat by risk management leaders, with 39 per cent of professionals naming it as a leading issue. By comparison, in 2013, the same survey found only six per cent of respondents rated it as a risk, placing it just 15th on the list.
Meanwhile, the UK government's Cyber Security Breaches Survey 2020 also shows more firms are coming under attack, with larger enterprises particularly at risk. It found:
46 per cent of businesses overall reported cyber security breaches in the previous 12 months.
75 per cent of large businesses and 68 per cent of medium-sized firms experienced a breach.
32 per cent of firms experience attacks at least once a week - up from 27 per cent in 2017.
39 per cent of businesses reported negative impacts from these attacks.
Key cyber crime trends firms must deal with
It's not only the volume of attacks that's growing. Many attacks are becoming more sophisticated, while lower barriers to entry allow more criminals access to the technologies they need to target businesses.
The National Crime Agency, for instance, reports: "The scale and complexity of cyber attacks is wide-ranging. 'Off the shelf' tools mean that less technically proficient criminals are now able to commit cyber crime, and do so as awareness of the potential profits becomes more widespread."
Meanwhile, Verizon's 2020 Data Breach Investigations Report found 86 per cent of breaches are financially motivated, while 55 per cent come from organised crime. Among its other findings, it revealed:
45 per cent of breaches involved hacking
22 per cent of breaches were caused by errors
22 per cent were the result of social engineering attacks
17 per cent involved the use of malware
Eight per cent were the result of misuse by authorised users
This highlights how attackers can use a multitude of tactics to get access to business systems and data.
Whether it's direct attacks such as SQL injections, taking advantage of misconfigurations or zero-day vulnerabilities, ransomware, or phishing attacks, cyber security professionals will have to be aware of a wide range of potential attack vectors.
The costs of failing to protect business systems
The consequences to businesses of failing to tackle cyber crime threats are higher than ever, both in terms of direct financial losses and wider reputational damage.
For instance, IBM and the Ponemon Institute estimate that firms in the UK lose $3.88 million (£2.9 million) per breach. There are several factors that contribute to these losses, including:
Direct lost business as a result of downtime
Investigation and forensics activities
Customer churn due to lost reputation and trust
Customer compensation and regulatory fines
However, costs can vary widely. The most expensive breaches are typically those that involve the loss of personally identifiable information, so protecting these records must be an especially high priority.
The key roles businesses need
To avoid these consequences, it's vital businesses have skilled and experienced cyber security personnel to build and maintain defences, as well as respond to threats in progress.
However, this continues to be a challenge for many firms. According to research from the Information Systems Security Association, 70 per cent of organisations suffer from a skills shortage in this area.
Meanwhile, the EC-Council has highlighted the most in-demand cyber security job roles among employers in 2020, which include:
Therefore, anyone with skills and experience in these roles is likely to find there are great opportunities out there to advance their careers. If you're looking for a new challenge or a change of role, find cyber security jobs today to take the next step.