Cyber-attacks happen around the clock, far more often than can ever be reported outside of the organizations they affect. But sometimes an attack is so widespread and devastating that it sends shockwaves through the business world and even into the mainstream media. Incidents like SolarWinds and Log4j were front page news, sending organizations scrambling to patch them.

Almost a year ago, I took on a new challenge: Start a podcast about cybersecurity – The Cybersecurity Sessions, hosted by Netacea co-founder and CPO Andy Still. To be honest it’s not always easy finding the time to record the podcast between Andy’s more business-critical duties, but it’s a task he’s looked forward to greatly each month since last November. That’s because, like me, Andy is always seeking out new perspectives and information.

In August 2022, password management company LastPass fell victim to a cyberattack, in which hackers breached its systems and stole its source code. LastPass’s success is built around offering secure, trustworthy software, so a hack like this could be seen as a knock against the company — but it also impacts wider public trust in password management software.

Cyberthreats are one of the most significant challenges facing society today. From illegal political influence to personal data theft, cyberattacks are already posing a huge problem for governments, businesses, and individuals. And as attacks become more sophisticated, it’s getting harder to protect ourselves online. So, what can we expect from the future of cybersecurity? Is it possible to keep up with the speed and complexity of these advancing attacks?

Bots now make up more than 43% of all internet traffic. It’s a growing problem — there are now almost twice as many bad bots as good bots. That’s why site administrators use programs like reCAPTCHA to block bots from accessing their websites, apps, and APIs. Bots aren’t a new problem. Back in 1950, Alan Turing created the Turing Test: a game designed to test a program’s ability to pass as a human.

Cyberattacks cost businesses trillions of dollars every year in lost productivity, lost business, and legal penalties. So companies try to solve the problem by signing up for as many WAFs, NIDS, and bolt-on bot bundlers as they think they need. But while these systems can help stop cyberattacks, they also cause another problem: alert overload. Alert overload happens when your security team is inundated with notifications about possible threats to your system.

‘Measure the Real Cost of Cybersecurity Protection’, by Gartner® analysts Stewart Buchanan, Paul Proctor and Bryan Hayes, is available for a complimentary download from the Netacea website until 31st August 2022. We think the report teaches how to use outcome-driven metrics to set protection-level agreements (PLAs), gaining business stakeholder support and the budget approval needed to deliver them.

Most cyber threats — like credential stuffing and card cracking — are committed by fraudsters with the aim of stealing money, data, or both. The law is clear on these cyberattacks: online fraud is illegal. But unlike these overtly malicious threats, web scraping isn’t always illegal, or even unethical. Aggregator sites like travel agencies and price comparison websites use scraper bots to help customers find the best deals.