The focus on resilience is changing the role of security leaders in organizations today and will continue to do so in 2023. 2022 saw a lot of disruption in businesses, especially with rising cybercrime incidents. Cyber threats will only continue to grow and multiply due to the ongoing convergence of data, changing the discipline of cybersecurity altogether.
As the cybersecurity discipline continues to evolve, so will the roles and responsibilities of security leaders and CISOs. In fact, based on Splunk's 2022 State of Security Report, 59% of security teams surveyed had invested significant time and resources to mitigate the issues, up from 42% in 2021. CISOs will have to take on more responsibility and develop strategies to mitigate and counter the rise of cyber attacks to build business resilience eventually.
Splunk's recent Data Security Predictions Report highlighted ten different security threats, ranging from increasing cybercrime, such as ransomware, to urgency around privacy. For Singapore and Asia Pacific specifically, the three major threats that will be crucial to organizations are: the rise of ransomware, cybersecurity-as-a-service and supply chain attacks. These are also the regions where there are an increasing number of organizations that are embracing digital transformation, creating unintentional gaps in their cyber defences, luring cybercriminals.
Ransomware Works, and Is Here To Stay
According to Splunk's 2022 State of Security Report, 79% of organizations have experienced ransomware attacks. As a result, 35% of this cohort lost access to data and systems altogether. Ransomware gangs have also grown more creative, shifting their tactics from automated ransomware campaigns to extorting victims directly, skipping encryption. The digital transformation journeys of companies such as the improper adoption of multi-cloud, moving to hybrid environments and increased use of online tools, are also the key culprits in creating opportunities for security gaps, often due to poor visibility across their data and systems.
As rapid digitalization continues, there is no doubt that ransomware-as-a-service and ransomware attack numbers will continue to increase. Hence, there is an urgency for organizations to invest in tools and resources that will help improve their cybersecurity capabilities and strengthen their IT infrastructure.
The sectors that are more prone to be targets are not just government agencies and the banking, financial services and insurance (BFSI) sector, but also industries where technology may not be their strongest suit, such as the education and healthcare industries.
The good news is security is largely a data problem, these attacks can be overcome by introducing the necessary security and observability tools and data platform to keep bad actors at bay.
Black Hat Hackers for Hire a.k.a Cybercrime-as-a-Service
Some of us may be familiar with the term “white hat,” the ethical security hacker. Today we have the black hats, or hackers who are committing cybercrime as a service for hire. The Singapore Police Force identified cybercrime as a key concern, reporting 22,219 cybercrime cases in 2021, a 38% increase from 16,117 cases in 2020.
Cybercrime is now more professionalised and has grown to be an entire ecosystem. What this means is that cybercriminals and other bad actors are able to sell their cybercrime services to potential customers on the dark web, where stolen cards and personal details are also available for purchase. As such, both syndicates and individuals today pose an equal level of threat and damage. No longer will one need to rely solely on technical and coding skills to launch a cyberattack and engage in cyber extortion.
Attacks on Supply Chains Due to Policy Gaps
Like ransomware attacks, supply chain attacks are expected to persist due to the lack of proper policies. The lack of use of open-source code also prevents security teams from determining whether the compromised element could impact any of the products the organization is using or selling.
Supply chain attacks will continue, with underfunded and under-resourced open source being the key vulnerability. A SBOM, or software bill of materials, will soon be an industry standard and a mandatory remediation tool for organizations. However, there is still a lot of room for improvement — companies that are using open-source components are not contributing to the development and upkeep of their products.
Rapid digitization, paired with the faster pace of businesses, will simply bring about more rapid software release cycles resulting in an increase in supply chain attacks. As these attacks continue, it is crucial for CISOs to have a comprehensive list of the software components that make up their overall infrastructure.
The Evolution of Cybercrime Go Hand in Hand With Responsibility
As cyber threats continue to advance, the discipline of cybersecurity as a whole will evolve. From deglobalization pressures, changing data regulations in countries like Australia and Singapore, to India’s nationwide 5G rollout plan, industry players innovating in areas like blockchain and quantum computing will bolster the evolution of cybercrime, accelerating cybercrime attacks.
With data and security convergence integrating physical security and information security within organizations rather than siloing teams, CISOs can no longer just look at security as a function. Instead, as security increasingly becomes a data problem, they will need to weigh in on new decisions throughout the organization, owning more data broadly and strengthening their cybersecurity capabilities across various business units to achieve cyber resilience.
Please refer to Splunk's 2023 Data Security Predictions Report for more information.