By Vijeth Shivappa
This week one of the major mobile operator in US suffered a major data breach. The mobile company confirmed that perpetrators behind this cyberattack accessed personal information related to about 7.8 million current subscribers, as well as records of 40 million people who had previously applied for credit with the company. Increased sophisticated Cyber threats are impacting enterprises and the global economy in general. Cyber attacks targeting enterprises across all sectors of the global economy . Cyber threats are among the most significant and growing issues confronting our economy and can cause “significant harm” if systems are compromised through malfunctions or malicious actors. Cyber Security breaches has now become an urgent threat to our global economic security , public health and safety. By 2022, it is predicted that 65% of the global economy will be a digital economy. As we accelerate our digital transformation and move towards a more connected world, addressing these threats becomes even more important.
The safety and security of the global economy rely on the resilience of the companies that provide essential services such as power, water, transportation, Information & communications, Healthcare & Banking services to the masses. Just for example consider a disruption in energy sector due to a possible cyber-attack . This could lead to a consequential reduction in electrical power generation, that would in turn leads to the forced shutdown of computerized controls, tele-communications, water supply , banking & financial services , road traffic systems , air traffic controls , and rail transportation & Emergency services might also get affected . The recent cyber security breaches at Colonial Pipe Line, Kaseya & SolarWinds have highlighted the threat in the supply chain, with critical components, critical manufacturers, and suppliers across the sector that could be a weak & vulnerable link.
Ransomware continues to top the list of cyberattacks as per the recent survey done by IDC ( International Data Corporation ,is the premier global provider of market intelligence, advisory services). Ransomware attacks significantly hamper business operations as data gets encrypted, compromising the availability of critical resources required to carry out day to day business processes. In such events the choices with enterprises are limited, either to rebuild affected systems of the infrastructure, which is usually a prolonged disruption, or pay the ransom with the hopes of getting the decryption keys to restore the data & operations back to normal. In a separate study IDC Future Enterprise Resiliency Survey, 49.4% of organizations that faced a ransomware attack chose to pay the ransom, 82.4% of those who paid managed to get a working decryption key, that means almost 20% paid the ransom but got nothing in return.
Cyber resilience should be part of business continuity planning. Cyber resilience has more broader scope, which includes cyber security and business resilience . Various steps can be taken by enterprises to build cyber resilience in to their business operations. Isolation of affected areas , response management & quick recovery of operations are key while dealing with ransomware attacks . Cyber resilience helps businesses to be aware that hackers also use latest technologies powered with Artificial intelligence & machine learning, element of surprise and can be successful in their attack attempt. This concept helps business to prepare, prevent, respond and quickly recover their business operations. This is a shift in mind set as the organizations incorporate security best practices in to day-to-day business operations. In comparison to cyber security, cyber resilience requires the business to be more agile on handling security breaches. To ensure cyber resilience, the concept of cybersecurity has to be built into the design of the enterprise wide data strategy .
Encryption technologies can be incorporated while storing production data without compromising performance. And encrypted data can be encrypted. So simply encrypting data is not enough. Now we need to build fences around the data. Using modern data platforms like content platforms for storing unstructured & semi-structured data can protect from ransomware attacks. The use of emerging technologies like artificial intelligence and machine learning is vital in anomaly detection
From a defense perspective, Artificial Intelligence and Machine Learning (AI/ML) are mainstream technologies in defending against both Ransomware & phishing threats. Technologies that connects the operational technology side of the business to the IT side of the business can also play critical role in achieving this objective. 200 billion connected devices by 2030 means that 75% data will be moving to edge . Data security and availability has to be treated as cornerstones of a digital transformation strategy.
As far as government policies are concerned, a comprehensive Cybersecurity Initiative with Public-private partnership is necessary to facilitate the development and deployment of technology to increase threat detection & remediation . Forming an empowered additional cyberlaw enforcement agency would be beneficial in enhancing the cybersecurity of critical infrastructure, which are vital to the day to day functioning of the economies. Otherwise the risks are very high to ignore . Average total cost of recovery from a ransomware attack for businesses in APJ has more than doubled in a year, increasing from US$1.16 million in 2020 to US$2.34 million in 2021.Cybersecurity Ventures expects global cybercrime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015. This represents the greatest theft of wealth in the history. The risk is exponentially larger than the damage caused from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined. The latest forecast is for global ransomware damage costs to reach $20 billion by 2021 — which is 57X more than it was in 2015. The prediction is there will be a ransomware attack on businesses every 11 seconds by 2021, up from every 40 seconds in 2016.
The governments across the globe requires private sector in each of the critical economic sector to assess its vulnerabilities to both physical or cyber-attacks. Plan to eliminate significant vulnerabilities. Develop systems to identify and prevent attempted attacks. Alert, contain and rebuff attacks and then, to recover essential capabilities in the aftermath of the attack This centralized cyber law enforcement agency can then come up with sector-specific critical infrastructure cybersecurity performance goals. Incentivising entities for meeting these cybersecurity performance goals through potential tax credits & Cyber insurance is something can be evaluated.
– All views expressed are personal