By Rajarshi Bhattacharyya, Chairman and Managing Director, ProcessIT Global
As we know since the onset of the Covid-19 pandemic, cybersecurity incidents have been increasing rapidly and these include some high-profile attacks too in the past year. Check Point Research reports global attacks increased by 28% in the third quarter of 2022 compared to the same period in 2021. Worldwide, on an average weekly attacks per organization reached over 1,130. Government, defense, education, financial services, and healthcare sectors are frequently targeted.
Traditional cybersecurity strategies did not work as these legacy tools many a time failed to block attacks before they breached the network and caused damage. Organizations today acknowledge the importance of cybersecurity and have made it a business priority. With the appropriate tools and technologies in place, it is possible to prevent even the most advanced attacks, including zero-day attacks.
Here are some of the key cybersecurity trends and related developments that defined the threat landscape and related aspects.
Ransomware attacks remain a major threat across sectors
The challenges of ransomware have increased further in 2022. Cybersecurity Ventures predicted that by 2031 ransomware will strike a business, consumer, or device every 2 seconds and collectively cost victims USD 265 billion by then, from the USD 20 billion in 2021. These costs include loss of productivity and sales, data breach cleanup, and regulatory fines. The attacks have occurred across the globe and to successfully address them, the action to be taken should also be global in nature. In India also, businesses paid heavily to hackers to get their data decrypted. The ransomware attacks clearly indicate every organization, be it large or an SMB, is a potential target and has to be prepared to address threats. However, all attacks were not sophisticated as malware attacks as many were also due to exploiting existing vulnerabilities.
Cloud security – a key concern
As we witnessed the increase in remote working culture and digital services, the demand for cloud solutions has sky-rocketed with organizations migrating to the cloud. The benefits offered by the cloud such as scalability, flexibility, agility, and operational and cost efficiency appealed to organizations. However, the cloud does not provide complete protection for the data stored in it, although it is more secure than on-premise implementations. Data breaches and leaks and data losses were some major security issues that had to be addressed constantly. Increased APIs and misconfigured cloud storage were other cybersecurity threats. Organizations have to be proactive and always work at protecting the network and ensuring cloud assets are safe. They had to follow a shared responsibility model for security on the cloud that included, Cloud Service provider, SaaS Services Provider, and the Customer, each being accountable for the function, by leveraging the right tools and technologies.
Increase in popularity of Advanced SIEM, SOAR, UEBA, and IAM solutions
While taking a holistic approach to improving the cybersecurity posture, organizations leveraged several tools. There has been an evolution of Security Information and Event Management (SIEM) solutions. Advanced SIEM solutions incorporate purpose-built sensors to collect digital forensics data across the organization. They also use User and Entity Behavior Analysis (UEBA) which triggers an alert when any unusual user or entity behavior takes place. This can be in unusual ways, places or times, outside the normal pattern. The next evolution of SIEM, Security Orchestration Automation, and Response (SOAR) gained more traction as it acted on the suspicious behavior by consolidating data sources, and leveraged inputs delivered by threat intelligence feeds and automated responses. The Identity and Access Management (IAM) systems identified, authenticated and authorized individuals and gave them access rights to the resources. With Single Sign-On and Multi-Factor Authentication, the key IAM tools improved access and helped save costs.
Data-Privacy as a discipline grew in importance
Yes, in 2022, consumer concerns over data privacy increased and a significant rise was seen when Elon Musk bought Twitter. There were a significant number of layoffs including those responsible for the security and privacy of the users of this social media platform. Data, which is considered the new currency is a business asset as it provides business insights leading to better customer experience, and safeguarding it is critical. Data privacy, besides ensuring regulatory compliance appeals to the investor community. It also reduces financial losses, and customer churns and enhances brand reputation. By automating processes and technologies for continuous data protection and implementing a mechanism for continuous monitoring, organizations benefited significantly.
AIOps (AI for IT Operations) leveraged for accelerating cybersecurity
IT security teams worked on staying ahead of the threats and ensured technology helped in safeguarding data through innovation. One such innovation is the AIOps tool that combines AI and ML to establish AISecOps or AIOps for cybersecurity was noticed in the recent past. These tools help to determine in real-time, whether the activity was suspicious or not and provide resources to prevent and mitigate security threats thereby eliminating any irreparable loss. Most AIOps platforms integrate with other security tools, such as network firewalls, SIEM, and SOAR, and therefore could be used to boost cybersecurity. With the implementation of the AIOps strategy, a more proactive approach can be taken to performance monitoring and security issues can be proactively identified, isolated, and addressed.
As cybersecurity continues to remain a key business priority, cyber threats will also grow severe and attempt to surpass the defenses. In this scenario, to ensure cybersecurity becomes a success, organizations have to focus on relevant policies and effective implementation. Furthermore, CISOs have to work along with the C-Suite to establish a security-first strategy and opt for Zero-trust architecture while stressing the need for cyber resilience.
