How perilous can be cyber-attacks on your systems when you aren’t amply guarded? To gauge the damage, think how debilitating a sudden cardiac attack can be for anyone! Whether it’s our health or the health of our systems and digital assets, precaution is always better than mitigation. Still, at times, the most sophisticated systems can be vulnerable to phishing, malware and ransomware. Some major US websites despite their robust security apparatus went down in October this year, leading to distributed denial of services. When such events recur, it has a bearing on the Customer Experience (CX).
The ecosystem of bad actors - hacktivists, organized cybercriminals, and cyber terrorists is expanding. And they are posing increasing threat to critical public infrastructure like hospitals, financial institutions, schools, government organizations, etc. With the strengthening of digital economy and maturing of disruptive technologies, the cyber criminals are getting more sophisticated and ingenuous. The weaponization of emerging technologies by these rogue elements or bad actors is a huge threat the state and non-state actors face today.
The scale of threat and how prepared are we?
According to Gartner, 45 per cent of organizations will have experienced attacks on their software supply chains by 2025, up threefold from 2021. In addition to inter-state conflicts, a growing number of miscreants are holding large companies ransom through systemic attacks. The Cyber Security Hub estimates that two-thirds of companies are spending more on cyber security in 2022 than last year – this trend is likely to carry on. In 2o21, cyber-attacks were estimated to cost a whopping $6 trillion to businesses.
But how prepared are organizations to thwart the threat? A report by KPMG shows that the CEOs in 77 per cent of the organizations view information security as a strategic function and a potential competitive advantage. And three out of four Chief Executives resort to protecting their partner ecosystem and supply chain since they are as important as building their own organization’s cyber defences.
Public-private synergy to combat cyber threat
In India, the Government has set up the cyber security division under the Ministry of Electronics & Information Technology (MeiTY). It constantly evaluates the threats and corresponding regulatory framework to mitigate cyber security risks. The role of policymakers is crucial as they can help the industry in catalyzing innovation and bringing new solutions to the market at a faster pace and with enhanced agility.
A number of government and industry players have built capabilities based on Artificial Intelligence (AI) and Machine Learning (ML) to fight cyber threats on an urgent basis. These tools rely on large volumes of digital transaction data to detect and prevent fraudulent transactions. The algorithms are used to track and analyze large transactions, detect suspicious activity in user accounts, and send alerts. In order to identify good users versus bad actors, behaviour analytics and passive biometrics are crucial, such as holding the phone in a particular way, typing speed, device characteristics, etc. The use of AI & ML helps identify potential threats and new variants of malware by analyzing data from millions of cyber incidents.
Tech can be the ally to tackle emerging cyber crises
Digital Twins, the Metaverse, and other advanced technologies pose new security challenges to organizations and individuals. When avatars impersonate other people and trick users into giving away personal information, this new digital interface poses unforeseen security risks. There can be unanticipated risks from ‘deep fakes’ which can cause viewers to question whether someone or something they see is real or fake. Besides, there can be holographic-type phishing attacks and fraud scams as the Metaverse develops. To validate the legitimacy of identities and controls, AI solutions will be needed. The naked eye or human intuition isn’t enough to tackle complex security problems.
New cyber security threats can also emanate from open source code and tools which are now gaining traction among businesses of all stripes. To stave off risks, improved validation methods are needed to verify that contributors in the open-source community are really who they say they are. As open-source platforms and tools become more popular, blockchain ledgers can validate contributor integrity and help increase public trust.
Winning the war on cyber threat- difficult but doable
Due to the rapidly changing security landscape, organizations must now adopt a proactive and advanced cyber security posture in response to the changing security landscape. To achieve this, organizations must adopt capabilities that focus on risks that matter and integrate customers into a resilience management framework that emphasizes next-generation technologies and processes. Cyber talent shortages and evolving sophistication of cyber-attacks make achieving an advanced security posture a difficult task, but it is achievable when partnerships are properly leveraged.
The article has been written by Jayajit Dash