Written By: Akshat Jain, CTO of Cyware
One thing is clear as we approach 2022: attacks are on the rise and threat actors are leveraging every opportunity to cause disruption in an industry still recovering from a worldwide pandemic. COVID has had profound effects on the cyber landscape, as it has on most industries. Businesses are starting to run their operations and build their infrastructure remotely, shifting the threads of communications between devices. This has led to a series of attacks on cloud infrastructure and digital supply chains and has forced CISOs to rethink their security strategies.
Cybercriminals are getting more and more audacious with sophisticated tools, posing a threat to businesses of all sizes. The digital dependency of our society has only grown over the last few years. New security vulnerabilities and challenges have arisen as a result of the rapid growth of cloud adoption, and the erosion of the perimeter. The need to protect digital assets and critical infrastructure from cyberattacks is growing, while at the same time becoming more challenging. Globally, cyber defenses are shifting toward a collective defense as more and more organizations are now sharing threat intelligence with each other.
A changing threat landscape will necessitate new strategies for businesses. As the industry moves forward in 2022, these cybersecurity trends will demonstrate what businesses should prepare for.
Cryptocurrency will be a hallmark of ransomware attacks
Cryptocurrencies continue to provide a safe haven for cybercriminals and ransomware groups looking to evade being traced. Because these coins are largely anonymous, cybercriminals are heavily relying on these currencies to carry out attacks.
As per the data shared earlier this year by Cybersecurity Ventures, “by the end of 2021, ransomware is expected to attack a company every 11 seconds and cause damages of up to $20 billion.”
The illicit use of cryptocurrency, both to evade sanctions and to obfuscate involvement in criminal activity, will continue to increase in 2022, with ransomware and crypto-jacking being the two most prominent ways that criminals can directly receive cryptocurrency payments from their victims.
Critical infrastructure cybersecurity will continue to face scrutiny as threat actors mount more frequent and sophisticated attacks, pushing private and public sector organizations to form a collective defense to address the security gaps in operational tech and information tech.
The breaking points of critical infrastructure have been tested like never before, with cyberattacks targeting the power grid in India, as well as cyber assaults targeting the Colonial Pipeline, CNA Financial Corp, JBS, and several more globally serving as stark reminders. Such attacks are trending upwards and will continue to draw attention from lawmakers.
The implementation of new security standards can help organizations tackle these threats, however, the maintenance and monitoring of such standards is also key. The surge in cyber threats can only be countered with new approaches, such as information sharing rooted in public-private partnerships and collaboration, along with investments in significant technology upgrades to step up the capabilities of control systems involved in sharing across diverse networks.
Security researchers have time and again warned about the expanding “attack surface” that is opening the doors for more ransomware attacks against Indian companies. Gartner also predicted that Indian companies will spend more than $100 billion on IT infra in 2022, while a PwC survey highlighted that 41% of organizations in India could see double-digit growth in their cybersecurity budgets in 2022.
Threat sharing will become imperative for all, leading way to more public-private collaboration
Information sharing is still considered an altruistic act and requires a culture shift to get skeptics on board. While we eagerly await the final approval of India’s National Cybersecurity Strategy in 2022, it is the right time to once again emphasize the importance of effective public-private partnerships, multilateral and cross-sectoral information sharing, and cooperation in management and response to security threats. Together, these collaborative approaches will help India in realizing the vision of a secure, resilient cybersecurity posture for all critical infrastructure entities, as well as organizations in the public and private sectors.
To adapt and thrive in today’s evolving work environment, Indian businesses will need to make intelligence sharing an integral part of their multi-pronged security strategy. Companies across different industries will find value in establishing mechanisms for intel sharing to empower their security teams in responding to critical threats. Lastly, the need for cross-sectoral sharing will also grow as we encounter new threats that impact companies across industry sectors regardless of their operational boundaries.
The future of cybersecurity will be one that is shaped by innovative solutions which enable greater collaboration among various stakeholders. It is up to the security stakeholders to catalyze this transformation of the cybersecurity landscape to build a secure cyberspace for all.