Remote and work-from-home are legacies of the COVID-19 lockdowns, which act as a booster shot for cybercriminals, according to Indeed. The company recently reported that 98% of employees used a personal device for work every day, which explains why a significant 67% of impactful cyberattacks originating from criminals targeting remote workers.
Moreover, as remote work will undoubtedly continue persist, these cumulative costs must be considered moving forward. To counter these trends, enterprises of all sizes in all sectors are placing a higher premium on business leaders fluent in cybersecurity to develop and implement technical policies that support overall business goals.
The University of West Florida (UWF) Master of Business Administration (MBA) with an emphasis in Cybersecurity Management online program equips graduates for those leadership roles through a curriculum that includes:
- The advanced application of management theory and principles of cybersecurity
- Information systems audit and control, contingency planning and computer center operations
- Developing threat models, vulnerabilities, analysis and security policy development
- The human aspects of cybersecurity, which is among the trends in cybersecurity management
Why Are Cybersecurity Managers Focusing on Human Risk Reduction?
According to McKinsey & Company, “Human failure causes nine out of ten cyber incidents. Behavior change and education are among the most effective ways to address cyberattacks.” Those human failures can include:
- Using unencrypted Wi-Fi when working offsite (creates easy attack opportunities for hackers to access enterprise passwords, financial data and personal information)
- Accessing personal apps, which are vulnerable to attack, installed on work-issued devices
- Relying on weak passwords and not recognizing potential threats and how to report them
Cybersecurity managers are adopting policies that encourage employees to modify their interaction with connected networks to human-enabled vulnerabilities and reduce risk, according to tech research and consulting firm Gartner. The publication notes: “Organizations using [security behavior and culture programs] have experienced better employee adoption of security controls; reductions in unsecure behavior and increases in speed and agility.”
Trends in Cybersecurity Privacy, Regulations, Ethics and Compliance
To navigate the tangle, organizations will seek cybersecurity managers with expertise in information assurance related to client-server, web-based, internet, cloud computing, virtualization and other advanced computer topics. Leading password management company NordPass describes evolving laws governing the protection of sensitive information as a “regulatory maze.”
“Compliance is no longer just about ticking a box; it’s about integrating these regulatory requirements into the fabric of our cybersecurity strategies,” according to NordPass’ assessment of developing information systems and audit controls.
How Is the Internet of Things Complicating Cybersecurity?
In 2020, 29 billion devices — everything from smartwatches and healthcare wearables to industrial monitors and infrastructure — were connected to data centers via Wi-Fi, Bluetooth and internal networks. According to FinancesOnline, 98% of them were on unencrypted external and internal networks. Hackers exploit those weaknesses to insert malware that has destroyed infrastructure, collapsed networks and corrupted sensitive data.
What Is Going on at the Intersection of Cybersecurity and Generative Artificial Intelligence?
Generative AI (GenAI), the web platforms powered by Large Language Models to create content based on user inputs, is a double-edged sword in cyberspace. For instance, security company Trellix recounts how a hacker used GenAI to write malware code that hijacked an estimated 150,000 WordPress websites. The hacker posted the script on the dark web with commentary that “emphasizes that one does not have to be a proficient programmer to exploit a vulnerability.”
GenAI occupies “significant headspace of security leaders as another challenge to manage,” Gartner notes. Cybersecurity managers are experimenting with ways to use it to enhance protections because of its:
- Efficiency at detecting threats and alerting security analysts, which accelerates the decision-making process
- Ability to analyze and summarize data from various sources and create natural-language threat and assessment reports
- Proactively identify and analyze threats based on machine-learned patterns
“There’s solid long-term hope for the technology,” notes Gartner, we’re more likely to experience prompt fatigue than two-digit productivity growth.”
Why Are Social Engineering Attacks Increasing?
Cybercriminals are becoming more adept at using IoT attacks, exploiting human vulnerabilities and using GenAI to create sophisticated deepfakes and other social engineering attacks. Using the personal data they access, hackers create personalized lures to trick users into infecting networks. Other tactics involve impersonating colleagues, IT techs and business leaders to gain their systems’ credentials.
A leader in cloud security Crowdstrike notes that “social engineering attacks pose a great threat to cybersecurity since many attacks begin on a personal level and rely on human error to advance the attack path.” This reinforces the demand for human risk reduction.
Graduates of an advanced business degree with an emphasis in cybersecurity management will have the knowledge and skills to anticipate and navigate the future cybersecurity trends with expertise. UWF’s program offers students the well-rounded skills necessary for a career in cybersecurity management.
Learn more about UWF’s online MBA with an emphasis in Cybersecurity Management program.
