CFOtech Australia - Technology news for CFOs & financial decision-makers
Story image
Threats surge as cybersecurity budgets are slashed
Thu, 6th Apr 2023

In the face of economic turmoil, businesses are confronting the dual challenge of declining or stagnating cybersecurity budgets and escalating and increasingly complex threats, according to Telstra Ventures.

Telstra Ventures has brought together industry leaders from AttackIQ, Cofense and Corvus Insurance to discuss how to tackle the issue.

According to data from Telstra’s forthcoming ClubCISO report, which surveyed 182 global CISOs, 14% of respondents said their budgets had either decreased or been cut completely, with a third (34%) stating these decreases were due to economic downturn/potential recession, while 30% revealed cuts had been driven by profit and loss pressures.

This comes at a time when threats are surging, as provider of phishing detection and response, Cofense, revealed.

In 2022, Cofense Intelligence, which sources insights from the company’s global network of more than 35 million people, detected 569% more malicious phishing emails, had a 478% increase in the number of credential phishing - related Active Threat Reports published, and identified a 44% increase in malware.

This follows a recent study from AttackIQ, which revealed that the company’s cloud customers found that endpoint detection and response (EDR) security controls only stopped top adversary techniques 39% of the time, highlighting the importance of continuous testing to maximise return on investment.

Compounding the challenge is the fact that threats are becoming increasingly sophisticated. According to Cofense, 2022 saw a 341% increase in Web3 technologies being used in phishing attacks.

With economic pressures raging, attacks are becoming more financially motivated; some 37% detected by Cofense last year were financial-related, underscoring the risk breaches pose to businesses’ bottom lines.

This was further supported by Corvus, with ransomware and fraudulent funds transfer being consistent tactics of choice for threat actors in Q3 2022, together representing more than half of all Corvus claims.

Despite this concerning outlook there remains optimism, with 52% of ClubCISO respondents experiencing increases in their security budget in spite of economic headwinds. Of this figure, 39% stated this was due to the evolution of the threat landscape, demonstrating recognition of the need to bolster security capabilities in the face of increasing risk.

Camille Mendler, Chief Analyst, Enterprise Services, at Omdia, who chaired the panel, framed the conversation by discussing the increasingly fragmented security landscape, and how it is vital that security is seen as a business priority and not just a CISO responsibility.  

Keith Ibarguen, CPO, Cofense, called on the industry to collaborate and share intelligence to mitigate threats, with the company announcing that its global network has enabled it to achieve a 99.996% occurrence on phishing analysis over the last year.

Jonathan Reiber, Vice President at AttackIQ, an independent vendor of breach and attack simulation solutions, stressed the importance of democratising cybersecurity to both mitigate cost pressures and tackle threats - and the importance of leveraging resources already available.

In particular, he called on companies to pay close  attention to the MITRE ATT&CK Framework, and how it can help companies bolster their security capabilities against known techniques.

“What’s changed the democratisation of preparedness in cybersecurity is this framework that says this is how an attack works," says Reiber.

"You can then build defences around these methods. We now know what adversaries do. We see the same tactics and techniques repeated over and over. What companies must do is exercise their defences against those known tactics and techniques.” 

Speaking ahead of the panel, he spotlighted the role of technology not just in terms of threat mitigation, but to help companies secure cybersecurity insurance while reducing premiums.

Drawing on the example of a leading bioscience company, Reiber highlighted how data from AttackIQ had enabled the organisation to work with their underwriter to reduce their insurance costs, helping to save the company money at a critical time.

Lori Bailey, Chief Insurance Officer at Corvus Insurance, further emphasised the need for data-driven risk mitigation, and discussed how insurance can be combined with real intelligence on vulnerabilities to make policyholders safer.

Bailey also commented on the urgent need for insurance coverage to be adapted to current threats, stating: “While the cyber attack continuum has been evolving and continues to grow irrespective of the economic environment, with the economic downturn, we are seeing a real increase in activity – and tightening of security budgets.

“From an insurance standpoint, we’re very focused on making sure that if policyholders are facing budget constraints, they are really focused on the areas that are going to make the most impact and have the most robust outcomes," Bailey says. 

"Events such as the banking crisis over the last few weeks create huge pockets of opportunities for ransomware and threat actors.

"It's these types of incidents for which we make sure our policyholders are educated, look for areas where they can protect themselves, and ensure they do not fall victim to these threats.”

Despite the increasing risk, the industry leaders remained broadly optimistic, particularly given the advent of technology to tackle challenges. 

However, Rob Robinson, head of Telstra Purple, EMEA, says technology alone is not enough to mitigate threats and people capabilities must be seen as just as important.

 “Keeping pace with the rapidly evolving threat landscape requires innovative technology, but that’s only part of the solution," he says.

“Organisations must also focus on people and actively promote a culture that empowers employees to act as the first line of defence against emerging threats. 

"With 29% of security leaders viewing the human element as a key determining factor of cyber resilience, ingraining security into an organisation’s DNA ensures that security best practices and behaviours become second nature.”