The stakes of cybersecurity have increased in the post-COVID digital-first world. Cyber attackers have become more professional. They launch sophisticated AI-based attacks at will. Remote work and the proliferation of IoT render conventional security apparatus obsolete. Most employees access the network from outside the firewall, rendering conventional firewalls inefficient. The increase in remote endpoints, owing to remote workers and IoT, strains network monitoring tools. Here are seven cyber security predictions for 2022-23.
1. Ransomware will become more menacing
Ransomware is not going away soon. Cyber criminals now launch AI-based phishing attacks. These attacks impersonate users with perfection and fool even highly aware users into clicking on a malicious link. Once inside the network, the attackers encrypt all data and seek ransom for unlocking or for not dumping the data in the public domain. Of late, cyber criminals simply demand ransom against the threat of making sensitive data public.
Paying the ransom is not a solution. Only 8% of enterprises that pay the demanded ransom recover all their data.
Enterprises and nation-states are finally waking up to the ever-increasing threat of ransomware. By 2025, almost one in three nation-states will pass legislation to prohibit ransomware payments. In 2021, only 1% of nation-states had legislation in place to criminalise ransomware payments. Paying ransom encourages cyber criminals to continue their criminal activity with more vigour.
New laws against ransomware show the trend of legislative backing for cyber security efforts.
2. Privacy laws will become more tenacious
Privacy is becoming more important by the day.
The European Union’s General Data Protection Regulation (GDPR) was the first major consumer privacy legislation. Several similar laws followed, such as California’s Consumer Privacy Act (CCPA), Brazil’s General Personal Data Protection Act (LGPD), and Turkey’s Personal Data Protection Act (KVKK). By the end of 2023, modern data privacy laws will cover the personal information of five billion people or 75% of the world’s population.
Enterprises juggle multiple data protection laws in various jurisdictions. For most enterprises, the only recourse is to set up automated data privacy management systems. Leading enterprises track metrics such as subject rights requests, cost per request, and time to fulfil, to identify and set right inefficiencies in these systems.
3. Cyber criminals will weaponise operational technology
Water mains have long been the target of physical attacks, but with little success. Cyber-based attacks may change the balance in favour of the attackers.
Attacks on the hardware and software that control equipment at critical utilities are becoming more and more common. Cyber-attacks on water mains, power grids, and other utilities will become more frequent and menacing. Cyber-criminals hack into the operational technology systems that control these utilities. At stake is much more than information theft. Cyber-attackers use the hacked systems as weapons to harm humans physically.
Consider the February 2021 attack on the Oldsmar water treatment facility in Florida. A hacker raised sodium hydroxide levels to 100+ times the normal level. An alert employee pre-empted the damage, but utilities cannot expect to be so lucky every time.
Following the attack, the US federal government launched its Industrial Control Systems Initiative. The move will boost operational technology network security across the board.
At the enterprise level, effective countermeasures include:
- Focusing on asset-centric physical safety deployments.
- Setting up rapid strike teams to handle threats.
4. Enterprises will adopt a unified approach to security
The spread-out nature of enterprise networks and disparate security systems leaves too many gaps that hackers exploit at will. Most employees today have a mix of cloud, on-premises, and web solutions. Traditional security tools give way to tools such as access security brokers, cloud-based secure web gateways and firewalls-as-a-service. But often, enterprises purchase different solutions from different providers, leading to gaps. The move towards a unified, integrated approach to access such resources is gaining ground. Enterprises now deploy security solutions from the same vendor for optimization and consolidation. Integration reduces the number of management consoles and consolidates the locations for data decryption, inspection, and re-encryption.
By 2025, eight out of ten enterprises will adopt integrated security service edge (SSE) solutions. Embracing SSE improves both network security and internal efficiencies big time.
5. Zero trust is becoming the norm
Conventional network security adopts an identity and access-control-based approach. Such an approach, based on implicit trust, is becoming obsolete. Maintaining trust has become untenable with the proliferation and spreading out of users, devices, and services.
The zero-trust approach is effective in keeping AI-based attacks at bay. Zero-trust requires the authentication, authorization, and continuous validation of all users and devices.
Zero Trust works on the premise of not trusting anyone without verification. Every user and every device gets access only after confirming who and what they are. The principle of least privilege applies, and users or devices seek re-validation to access a new service or resource every time.
By 2025, 60% of enterprises will have embraced zero trust security. Success, however, depends on a cultural shift to give security prime importance in day-to-day operations.
6. Cyber security will become a business concern instead of an IT concern
The realisation has finally struck many enterprises that cybersecurity is not an IT issue, but a business issue. Such a realisation has deep implications across the board.
Companies will effect a formal shift in cybersecurity accountability. By 2026:
- Corporate boards will become more involved in cyber security. About four in ten boards will have a dedicated cyber security committee.
- The contracts of C-level executives will include cybersecurity performance requirements. The ability to manage cyber risk is becoming an important component of executive performance.
- Security considerations will become an important evaluation criterion when choosing business partners and contractors. 70% of businesses will soon regard cybersecurity risks as a primary consideration when engaging with third parties.
7. CIOs will focus on building flexibility and resilience
Today’s fluid business environment, with frequent changes in business models and tech stacks, mandates a flexible and resilient approach to security.
By 2025, about seven in ten CIOs will develop a resilience strategy to cope with the uncertain business environment. They would have learned from the failure of their business continuity plans during the COVID-19 pandemic and drawn up better plans for future uncertain events.
Enterprises supporting myriad technologies spread over vast geographical regions need resilience, anyway. A flexible security solution improves security.
Most cybersecurity experts agree that a major cyber disruption is only one crisis away. Preventing threats is outside anyone’s control. But a coherent and proactive cyber security strategy will help thwart attacks or mitigate the damage. Investments in upgrading the computing architecture and systems have become the need of the hour for enterprises.