The Indian Computer Emergency Response Team (CERT-In) announced that it has observed a 51 percent increase in ransomware incidents in India in the first half of the business year in 2022. This surge in cybersecurity breaches came as many organisations began to significantly expand their online footprints as they doubled down on hybrid work models.
As we can see, cyber threats will only become more sophisticated and organisations must look at implementing a cyber resilient framework as part of their long term business strategy to stay ahead.
Security leaders will increase their focus on cyber resilience. While protecting organizations against cyber threats will always be a core focus area for security programs, we can expect an increased focus on cyber resilience, which expands beyond protection to include recovery and continuity in the event of a cyber incident. It’s not only investing resources in protecting against cyber threats; it’s investing in the people, processes, and technology to mitigate impact and continue operations in the event of a cyber incident.
Security teams need to protect against increasingly sophisticated spear phishing and social engineering attacks. The sophistication of recent spear phishing and social engineering attacks make attribution of threat actors increasingly difficult, which makes it more challenging for organizations to properly defend against them. Next year, expect to see more sophisticated social engineering attacks utilizing emerging deep-fake and AI technologies.
Continuing instability across the software supply chain will provide a rich environment for large-scale attacks. We’ve seen major supply chain attacks over the past few years and the software supply chain has only grown in importance. A recent executive order on the security of the software supply chain for government vendors is a step in the right direction. But we need to see more companies focus on strengthening their security practices, from considering a zero-trust approach to further securing infrastructure services (e.g., code signing, PKI, and hardening the release process). Increasing dependencies on third parties will also require more focus on security controls throughout the software supply chain, such as instituting third-party risk assessments, identity and access management, and timely patching.
Increasing reliance on cloud vendors could expand companies’ attack surfaces. With the flexibility offered by the cloud, more organizations are layering cloud technology into new places and enabling unique use cases with cloud technologies. However, in doing so, they’re also expanding their attack surfaces and will also need to come up with new strategies to deploy cloud security technologies and protection strategies. IT leaders will also need to have a strong process in place to evaluate these vendors and understand the technologies they use on the backend.