Since early 2020, incidents of cybercrime have begun climbing at an alarming rate1, leading many organizations to urgently reassess the strength of their IT security. A Global Data Risk Report from Varonis found that in 2019, only 5% of businesses had properly protected folder structures, highlighting the dire need for more highly trained experts pursuing a cybersecurity career.2
To further demonstrate the scope of the problem, a study by Yahoo! Finance in February 2021 found that 78% of companies lack confidence in their own cybersecurity systems, with 91% aiming to increase expenditure in this area.3 What has led to this sudden spike in cybercrime and why are businesses finding themselves unprepared for the onslaught?
COVID-19 and the cybercrime pandemic
Some analysts point to the COVID-19 pandemic as a notable driving force behind the drastic rise in cybercrime affecting millions of organizations since early 2020.4 With businesses scrambling to stay operational through lockdowns and panicked employees ever more susceptible to exploitation, cybercriminals have seized this opportunity to attack.5
Ransomware attacks, in particular, have seen a dramatic rise in the past year, with many high-profile organizations being surprisingly underprepared. These types of attacks typically involve the theft of sensitive data followed by the threat of a leak unless payment is made, usually in anonymous cryptocurrency.6 An eye-opening survey of 2,000 U.S. citizens found that as many as 20% of respondents reported being involved in a ransomware threat to some extent7, with a further study revealing that attacks occur as often as every 10 seconds.8
The rapidly evolving cybercriminal threat
Modern cybercriminals have evolved and are no longer just amateur hackers or individuals with an agenda. Modern technology like AI, machine learning, and 5G has helped them grow into highly coordinated and often state-sponsored groups that can outwit even the toughest security.
The sophistication of these modern hacker groups was made evident in the Solar Winds software hack - one of the most prominent cybersecurity attacks of our time.9 Attackers managed to infiltrate the Solarwinds supply chain and hide a Trojan Horse in the software, allowing them backdoor access to millions of computers around the world. The incident has been described as exceptionally complex and ongoing due to the widespread use of Solarwinds software and could be devastating for the future of the company.10
Other common threats include Distributed Denial of Service (DDoS) attacks, in which an attacker uses malware to infect a network with 'bots' - tiny, autonomous programs that hide in code and execute on their own. These bots can then overwhelm the internal network or server with thousands of useless queries until eventually, the entire system crashes. While these attacks are usually easy to identify and quick to remedy, if they remain hidden and go unchecked for long periods they can cause significant operational interruption and financial losses.11
Are organizations prepared for the threat?
With cybercrime estimated to cost the world $10.5 trillion by 2025, the need for better protection is fast becoming paramount.12 Much of the growth has been attributed to the rise in remote workers, who commonly use unsecured networks at home or while traveling to access cloud servers. This has created a sudden and ever-widening gap in security measures that organizations are struggling to address in a timely fashion.13
Email phishing attacks, wherein a hacker tricks a user into handing over sensitive information, are commonly used to gain access to unsecured home networks. Once in, a hacker can imbed malware onto a user’s work laptop and subsequently infect the entire organization's network.
With ransomware increasing by 435% in 2020 alone14 there is a critical need for adequate training to help staff recognize potential phishing attacks. While the education sector has increased its focus on cybersecurity training, there remains a massive deficit of skilled workers. Statistics suggest that 4 million jobs globally still need to be filled in 2021, leaving thousands of companies unprepared for this ever-growing cyber threat.15
However, for those considering a cybersecurity career, the jobs shortage could be a blessing. Average salaries for cybersecurity jobs have been rising sharply as 40% of employers cite difficulty filling positions.16 With cybersecurity unemployment currently at 0%17 and a projected 31% growth for Security Analyst positions going forward, there are few fields with a more promising future.18
Help organizations improve security with a cybersecurity career
If you already work in IT or are looking for a challenging career change, a cybersecurity career is a no-brainer. No matter what industry you work in, the desperate lack of talented cybersecurity employees poses a threat to all of us. In the coming years, cybersecurity will grow to dominate the field of IT, and professionals who already work in the industry will benefit from getting ahead of the change. Taking the time to develop your cybersecurity skills now could make a world of difference, not only for yourself but for thousands of unsuspecting targets.
Marquette University's Online Master of Science (MS) in Computer and Information Science is the ideal degree to advance your training in the field of cybersecurity. The small class sizes, accessible instructors, and excellent academic support put it in the top 15 best online information technology master's degrees. With top quality, face-to-face virtual classrooms, and a focus on long-term success, Marquette's MS in Computer and Information Science ranked No. 3 for student engagement amongst all leading online IT degrees.19
- Retrieved on September 13, 2021, from fbi.gov/news/pressrel/press-releases/fbi-releases-the-internet-crime-complaint-center-2020-internet-crime-report-including-covid-19-scam-statistics
- Retrieved on September 13, 2021, varonis.com/2019-data-risk-report/
- Retrieved on September 13, 2021, from finance.yahoo.com/news/78-lack-confidence-company-cybersecurity-153000182.html
- Retrieved on September 13, 2021, from cnbc.com/2020/07/29/cybercrime-ramps-up-amid-coronavirus-chaos-costing-companies-billions.html
- Retrieved on September 13, 2021, from deloitte.com/ch/en/pages/risk/articles/impact-covid-cybersecurity.html
- Retrieved on September 13, 2021,, from pbs.org/newshour/nation/why-ransomware-attacks-are-on-the-rise-and-what-can-be-done-to-stop-them
- Retrieved on September 13, 2021, from anomali.com/blog/anomali-harris-poll-ransomware-hits-1-in-5
- Retrieved on September 13, 2021, from infosecurity-magazine.com/news/one-ransomware-victim-every-10/
- Retrieved on September 13, 2021, from reuters.com/article/us-cyber-solarwinds-microsoft/solarwinds-hack-was-largest-and-most-sophisticated-attack-ever-microsoft-president-idUSKBN2AF03R
- Retrieved on September 13, 2021, from cisecurity.org/solarwinds/
- Retrieved on September 13, 2021, from cloudflare.com/learning/ddos/what-is-a-ddos-attack/
- Retrieved on September 13, 2021, from cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
- Retrieved on September 13, 2021, from us-cert.cisa.gov/ncas/analysis-reports/ar21-013a
- Retrieved on September 13, 2021, from helpnetsecurity.com/2021/02/17/malware-2020/,
- Retrieved on September 13, 2021, from https://www.hdi.global/infocenter/insights/2020/cyber-skills-gap/
- Retrieved on September 13, 2021, from csoonline.com/article/3153707/top-cybersecurity-facts-figures-and-statistics.html
- Retrieved on September 13, 2021, from csoonline.com/article/3120998/techology-business/zero-percent-cybersecurity-unemployment-1-million-jobs-unfilled.html
- Retrieved on September 13, 2021, from bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
- Retrieved on January 20, 2022, from usnews.com/education/online-education/marquette-university-OCIT0079/computer-information-technology