Many organisations have decided to adopt new ways of doing business, including the remote and contactless working and delivery of services. In addition to these new ways, the world is also rapidly adopting newer technologies and products, including the Internet of Things (IoT), Artificial intelligence (AI), 5G, Robotics, Cloud Services, Blockchain etc. "By some estimates, the current Internet of Things, a precursor to a hyperconnected future, will reach 64 billion objects by 2025, up from 10 billion in 2018—all monitored in real-time. Looking forward, a hyperconnected world could support up to 1 million devices per square kilometer with next-generation cell phone systems (5G), compared with the 60,000 devices currently possible with current cell networks, with even faster networks on the horizon". Source: dni.gov
The influx of such a huge number of devices changes the dynamics and size of the cyberattack landscape and creates more potential entry points for malicious actors. Compared to laptops and smartphones, most IoT devices have less processing and storage capabilities. This can make it difficult to protect them with firewalls, antivirus, and other security applications to safeguard them. These advancements have increased the organisation's technological footprint and the cyberattack landscape, with the possibility of threat events (malicious and accidental) occurring more frequently.
With the introduction and adoption of cloud services, the physical permitter has been erased; now anyone can reach cloud from any part of the world. Although cloud services offer a range of benefits – scalability, efficiency, and cost savings, however, they are also a prime target for cyber attackers. We have seen in the recent past that misconfigured / unsecured cloud settings are a significant cause of data breaches and unauthorised access, insecure interfaces, and account hijacking.
Securing these vast attack surfaces mentioned above is a herculean task for the businesses, making it more and more pertinent to hire relevant cyber experts/teams and implement tailored automated cybersecurity solutions to conduct the business in a safe and secure environment.