The COVID-19 pandemic has exposed the unpreparedness of many conventional organizations to respond to widespread disruptions and security risks. Nearly 30% of those firms that face such assaults are expected to suffer severe financial losses in addition to business interruption and reputational harm.
With more people turning online for work, service consumption, and leisure, cybercriminals have an unprecedented opportunity to leverage sophisticated tools to launch their exploits and target key infrastructure for information theft.
According to EY Global Information Security Survey (GISS) 2021, the COVID-19 crisis has had a devastating and disproportionate impact on cybersecurity. Through a global survey of more than 1,000 senior cybersecurity leaders, the research finds CISOs and security leaders grappling with inadequate budgets, struggling with regulatory fragmentation, and failing to find common ground with the functions that need them the most. Enterprise security has become increasingly exposed as a result of the growth of work from anywhere, linked devices, and multi-cloud systems, which has also led to an increase in security breaches. IBM estimates that the average cost of a data breach in India increased by around 6.6% from 16.5 crores in 2021 to 17.6 crores in 2022. In our cover story for this issue, we will examine the key challenges and significant areas of attention for tech leaders in 2023 concerning cybersecurity.
A rise in ransomware attacks
Cybercriminals utilize ransomware, a sort of software, to profit financially. It is distributed similarly to how all malware infiltrates victim systems. According to Palo Alto Networks' Unit 42 Ransomware Threat Report 2022, the average ransom demand in instances they handled in 2021 rose 144% over 2020. Additionally, there was an 85% rise in the number of victims whose names and other information were made public on the "leak sites" on the dark web that ransomware gangs employ to blackmail their victims. These and other widespread extortion techniques are a sign of what the ransomware threat landscape will look like in the future.
CERT-In noted that India witnessed double the ransomware attacks in 2021 compared to 2020, leading to more organizations paying ransoms. Ransomware gangs are increasingly using many extortion strategies to coerce the target organization into paying the demanded ransom, which is a growing trend.
A malware assault on several Central Depository Services (India) Limited's computers occurred in November of this year, causing settlement operations to be delayed. In another incident, the All India Institute of Medical Sciences (AIIMS), India's foremost medical institution, experienced a large cyberattack on its networks, which was reportedly a ransomware attack. It compromised every file stored on the hospital's primary and backup systems in addition to interfering with routine medical operations, which had an impact on thousands of patients.
These are only a few of the numerous incidents that afflicted IT decision-makers in 2022 as they dealt with their cybersecurity initiatives. Organizations are more susceptible to assault in 2023 as hybrid working continues to rule most of the world. Industry experts predict that in the coming year, ransomware attacks would concentrate more on damaging data than encrypting it. Organizations need to become comfortable talking about cyber risks in the same way they talk about market risks and establish workable plans, according to KPMG. This can involve applying a "trust but verify" philosophy when it comes to the security tools your company uses and taking into account new business services that offer software assurance and continuously monitor your technological environment.
To manage a larger range of threats, risk and security professionals will need to think beyond traditional approaches to security monitoring, detection, and response. Most IT leaders place a greater emphasis on developing robust automation and security intelligence layers to protect against such ransomware concerns. In 2023, more emphasis is being placed on creating a solid data backup strategy to make sure that, in the event of a system attack, the crucial data is not destroyed.
In addition, to protect the company IT infrastructure, the IT teams should hold regular education and training sessions to teach staff the best practises, such as how to spot phishing, create strong passwords, and utilise separate devices for personal and business use.
Expansion of IoT
As we get closer to the information-driven 5G era, data is the glue that holds enterprises together, whether it's driving exceptional user experiences, increasing services, or anticipating customer needs. Across 2023, the ubiquity of connectivity, which will also enable frictionless data collection and transfer, will drive the widespread deployment of IoT sensors in sectors and industries across verticals. To increase production and efficiency, these connected devices are anticipated to see significant growth in the manufacturing sector.
Because there are so many of these devices, it is difficult for IT decision-makers to assess their multi-layered and end-to-end security requirements. These devices are also becoming more and more likely access sites for hackers. According to the 2020 Unit 42 IoT Threat Report, by Palo Alto Networks, 57% of IoT devices are vulnerable to medium- or high-severity attacks, making IoT the low-hanging fruit for attackers.
The IT decision-makers contend that there is no one-size-fits-all approach to enhancing an organization's cybersecurity when it comes to IoT and that to prevent these devices from becoming easy targets for cybercriminals, solid policies must be in place even during the deployment phase.
As AI has gained prominence, it has helped businesses by successfully streamlining their processes and automating tedious jobs. The technology has also been leveraged by enterprises to enhance their customer service and provide real-time support. It is also equally effective in enabling enterprises to identify possible threats in advance.
According to an IBM study, implementing AI and automation in security can help firms cut the entire expenses of a data breach by saving more than 14 weeks in threat detection and response times. But these days, technology is also being utilized destructively, and cyber criminals frequently use it to further illegal ends. The worry that cybercriminals may abuse AI is not new. The cybercrime industry, however, has never had the financial resources to construct tools or attract extraordinary AI expertise, which may put large businesses in a precarious position as they have all the resources and skill sets necessary to allay such fears.
The security company McAffe claims that soon, employees will be able to create AI-generated content in a matter of minutes since AI-driven content production tools are becoming more widely accessible to the general public, customers at home, and employees.
The same goes for desktop publishing, photo editing, and low-cost photorealistic home printers, which will provide sophisticated outputs previously only possible with specialized knowledge.
The 2023 threat predictions report adds that "improvements in desktop publishing and consumer printing also brought benefits to criminals by enabling better counterfeiting and more realistic image alteration."
Although the industry hasn't yet seen widespread AI-powered ransomware attacks because they would require highly skilled cybercriminals, many believe it's only a matter of time because cybercrime is developing into a professional industry and soon they may start hiring AI experts for illegal activities.
Experts predict that these technologies will help scammers and propagandists, including cybercriminals and others attempting to fool the public, progress their tradecraft with more effective and realistic results.
The use of AI-enabled tools by hackers to contaminate data and influence decision-making algorithms could modify the intended behavior of AI/ML tools used by enterprises, which might pose a big problem for IT decision-makers in the times to come. It will be a challenging task for tech leaders in to create effective defenses against AI-powered attacks. Strong AI-governance initiatives must be put in place by IT leaders to combat and prevent the risks to privacy and potential exploitation of data.
According to Gartner, there is no monitoring available to evaluate the impact on privacy because a substantial portion of the AI used by enterprises today is embedded into larger systems. These embedded AI capabilities are used to analyse consumer sentiment, follow employee activity, and create "smart" goods that adapt as they are used. Furthermore, judgments made years from now will be impacted by the data supplied into these learning models today.
“Once AI regulation becomes more established, it will be nearly impossible to untangle toxic data ingested in the absence of an AI governance program. IT leaders will be left having to rip out systems wholesale, at great expense to their organizations and to their standing,” notes Nader Henein, VP Analyst at Gartner in a report titled, Gartner identifies top five trends in privacy through 2024.
New and advanced software supply chain threats
When the SolarWinds hack was originally announced a few years ago, the supply chain attacks were heavily highlighted. According to industry analysts, supply networks will be more vulnerable in 2023 as we draw closer to that year. It is anticipated that hackers may leverage contemporary techniques and resources to target weaknesses at specific points in the software supply chain.
According to Kaspersky Security Bulletin (KSB), an annual project lead by Kaspersky experts, the main problem for 2023 will be supply-chain stability and cybersecurity. “Supply-chain will become more of a sweet spot for targeted ransomware and state-sponsored espionage campaigns,”it says. The reality of software supply chain attacks, according to ReversingLabs, hasn’t been lost on developers and those working for software firms. To assess organizations’ levels of awareness about supply chain risks, ReversingLabs commissioned a survey of 307 executives, as well as technology and security professionals at software publishers. According to the Dimensional Research poll, there are growing worries about software supply chain threats and the dangers that come with an increased reliance on open source and third-party libraries.
Cybersecurity talent gap
Cybersecurity skill scarcity has long been a problem for tech industry leaders, and this problem is expected to continue. Despite an expanding talent pool, attracting and keeping qualified cybersecurity professionals has become a top challenge for tech leaders. Cloud security specialists, Security Operations (SOC) analysts, Security administrators, Security architects, DevSecOps specialists, incident response specialists, and Network architects are among the main roles that enterprises are looking to fill.
The risk of data breaches and hackers has increased as a result of the new and emerging technologies such as AI and ML. Because of the extraordinary size and pace of the attacks, businesses must constantly assess their risk management plans, and this need strong availability of talent.
Across the world, 80% of firms experienced one or more breaches that they could link to a deficiency in cybersecurity knowledge and/or skills, according to the Fortinet 2022 Cybersecurity Skills Gap Global Research Report. According to the report, 64% of firms had breaches last year that cost them money in lost sales or fines. Organizations reported breaches that cost them more than $1 million in a startling 38% of cases. Despite having an estimated 4.7 million experts, the cybersecurity workforce still faces a global shortage of 3.4 million people, according to ISC's 2022 Cybersecurity Workforce Study. Its findings show that an additional 65% growth in the global cybersecurity workforce is required before all firm personnel requirements would be satisfied.
New regulations and data privacy
Data privacy compliance and local rules have recently emerged as a major issue impacting critical business decisions as firms strive to advance digitally. The amount of data being produced today is enormous, and there are numerous complex laws and regulations in place around the world to deal with it, including the General Data Protection Regulation, China's Cybersecurity Law, and India's proposed Digital Personal Data Protection (DPDP) law, among many others.
Although experts concur that these laws are necessary for a nation's and its residents' security, they can also result in conflicting priorities, which could somewhat jeopardise an organization's security. According to Gartner, 75% of the world's population
will have their personal data protected by contemporary privacy laws by the end of 2024.
Many firms will recognise the necessity to begin their privacy programme efforts now as privacy regulation activities spread across dozens of jurisdictions over the course of the next two years. In fact, Gartner forecasts that by 2024, large enterprises would spend more than $2.5 million annually on privacy. Technology leaders may find it difficult to balance maintaining compliance with making sure they are abiding by all laws in the nations in which they do business.
Nation-state cyber threats
Organizations in every industry must be prepared to deal with nation-state cyber threats in 2023. In a scenario, where cloud is enabling businesses and organizations to connect across the globe, threat actors and cybercriminals are extensively looking to attack government and enterprise infrastructure that are far outside of their historical boundaries. These assaults use highly effective methods to undermine public confidence, steal technological capabilities and sway opinion.
The proportion of nation-state assaults that target crucial infrastructure that Microsoft has identified has jumped from 20% to 40% since last year. This spike was primarily brought on by Russia's desire to damage the infrastructure of Ukraine and its persistent espionage campaigns against its allies, mainly the United States. The Microsoft research states that "in addition, many attacks are also coming from China, which is propelled by its ability to uncover and create "zero-day vulnerabilities" - particular unpatched gaps in software not previously known to the security community."
In addition, coordinated and destructive cyberattacks have also been noticed from Iran and North Korea. Industry experts say it's crucial for businesses and technology leaders to find the approach that best fits their needs rather of concentrating on the tried-and-true method. Enhancing protection mechanisms absolutely requires paying attention to fundamentals and culture transformation. If sufficient multi-factor authentications, pertinent policies, and automated threat detection technologies are not enabled, cybercriminals can simply attack susceptible environments in a hybrid configuration where hundreds and thousands of connected devices are present in an organization’s ecosystem.
According to industry experts, new technologies like artificial intelligence (AI) are being used to battle cybersecurity risks. AI aids in the detection of new assaults or intrusions as well as the development of security protocols. IoT and 5G together usher in a new era of technological advancement and hazards. A multitude of assaults that could be introduced by the 5G architecture must be screened using advanced hardware and software. A similar amount of attention would be paid to training, process improvements, and developing in-house cybercrime talent in 2023.