By: Kartik Shahani, Country Manager, Tenable India
2021 has been a landmark year for cybercriminals who have relentlessly taken advantage of vulnerabilities and misconfigurations in supply chains, critical infrastructure and organizations’ move to remote and hybrid work models. According to a study by Forrester Consulting commissioned by Tenable, in the past year, a staggering 88% of Indian organizations experienced a business-impacting cyberattack, with 56% of respondents indicating that the attacks targeted remote workers. It comes as no surprise that, as organizations adopted new technologies to embrace remote work, their software supply chain expanded. Sixty-three percent of security leaders attributed recent attacks to a third-party software vendor compromise – underscoring the need for greater visibility into the atomised attack surface.
The events of 2021 have also made it clear how reliant we all are on the infrastructure and supply chains underpinning modern society — agriculture, food and beverage manufacturing, pharmaceutical development — particularly in times of crisis. For these very reasons, as we head into 2022, organizations must think of cybersecurity as an essential business function. A good place to start is by getting some insight into what the threat landscape is going to look like.
Here are four trends to look out for.
A cost-benefit approach to minimize ransomware attacks
Ransomware-as-a-service (RaaS) emerged as a major threat in 2021, making organizations cautious. In 2022, attackers are unlikely to target low-hanging fruits but become more selective about their targets — they are likely to be more circumspect and strike a balance between the risk of getting caught and making money. organizations will have to focus their efforts on staying one step ahead and making it more expensive for cybercriminals to perpetrate attacks. If the reward is lower than the risk, organizations can establish a level of deterrence so bad actors can be dissuaded from launching attacks.
A shift-left approach with infrastructure-as-code at the heart of it
Almost every organization now has a cloud-first strategy but the cloud security solutions have taken a traditional approach in identifying vulnerabilities at runtime. This approach fails to deliver security at the speed of the cloud. In 2022, organizations will move to a shift-left approach where security flaws are identified and addressed at the point of creation of the code itself. This is far more effective as DevOps teams are enabled with security syntax for Infrastructure as Code that assesses scripts for issues. Vulnerability detection will move from reactive to proactive in 2022, as CISOs recognise that cybersecurity can be built into the infrastructure.
Focus on the basics: Securing the Active Directory
Most Fortune 1000 companies rely on Microsoft Active Directory for identity access management. It has been and will continue to be the easiest path for cybercriminals to launch attacks. As organizations in India continue to adopt a hybrid work model, entry points will continue to vary, making it critical for organizations to secure AD as it is simply too lucrative and bad actors will leverage misconfigured AD to move laterally, escalate privileges, and deploy ransomware. In 2022, organizations must mitigate misconfigurations and continuously monitor the AD to stop bad actors from lateral movement.
5G will increase dependence on digital infrastructure, expand threat landscape
5G roll-out in India is expected to occur in 2022 and will increase the ability to interconnect intelligent devices at high speed. This is expected to increase the emergence of intelligent cities and infrastructures. While there are tangible benefits for 5G technology, it expands the threat landscape and cyberattacks can have a real impact on society when this infrastructure malfunctions. As we embrace 5G, the resilience of cybersecurity becomes critical as bad actors will leverage any flaws in this game-changing technology.
The overwhelming number of cyberattacks has surely made organizations more cautious but rather than play catch up with bad actors, organizations must look at becoming cyber resilient and be able to make it strenuous for cybercriminals to launch attacks.
