Predicting cyber breaches – the future of cyber risk management in India 2022
George Bernard Shaw, a famous writer and critic, once observed, “Progress is impossible without change, and people who cannot alter their views cannot change anything.” The phrase is especially relevant in the current state of cybersecurity when progress against attacks has been sluggish.
Samsung reported an assault by the Lapsus$ ransomware, which has also affected Microsoft, Okta, and Nvidia, on March 7th, 2022. The gang claimed to have gained access to roughly 200GB of data, including Samsung’s source code for encryption and biometric unlocking mechanisms on Galaxy smartphones.
The expansion and interconnection of devices and platforms, as well as their use in our everyday lives, has completely transformed how technology is employed – from back-office automation to a business enabler.
Technology has disrupted traditional businesses: AirBnB has disrupted the hotel sector, Uber has disrupted the transportation industry, and Tesla has disrupted the vehicle industry. This isn’t to argue that progress was not being achieved prior to the arrival of these firms.
Instead, it demonstrates our growing reliance on ‘cyber’ for advancement. However, as a result of this, the quantity and sophistication of cyber attacks we confront have increased as well. When implementing new technology, it’s critical to consider cybersecurity from the start rather than as an afterthought.
The timeline up until this point
According to the World Economic Forum’s Global Outlook Report 2022, the average cost of a security breach to a company is US$3.6 million per event.
This means that a breach affects the company’s trust, which has a direct impact on the top and bottom lines. Aside from financial losses, the reputational ramifications for brands and organizations following an incident may be severe – a clear example of fundamentals influencing opinion.
According to Gartner, the number of boards that consider cybersecurity a business risk has climbed from 58 per cent to 88 per cent in the last five years, and cybersecurity investment rose correspondingly to a record high of $152 billion dollars in 2021. Despite these advances, cybercrime is expected to cause $6 trillion in worldwide losses in 2021!
So, what’s the last piece of the puzzle to fall into place?
Companies are dealing with more data than ever before in today’s digital-first world – the World Bank estimates that annual total internet traffic will reach 4.8 zettabytes by 2022 – or, as the World Economic Forum puts it if you stored 4.8 zettabytes on DVDs, your stack of DVDs would be long enough to circle the Earth six times! Another reason to consider a ‘two-steps-ahead’ approach to cybersecurity is this significant 50 per cent rise from 2020.
Traditional cybersecurity solutions are no longer sufficient for businesses. The time has come for a systematic shift in how we think about cybersecurity, moving away from a reactive, compartmentalized, and out-of-context strategy to one that is integrated, proactive, and speaks the language of business.
How are we going to do this?
A prediction is a powerful tool.
In many areas, such as healthcare, financial services, marketing, technology, and entertainment, the use of machine learning and data science to improve and enhance user experience has become common practice. Netflix, for example, uses data science to forecast what you’re likely to watch next based on your prior choices and content viewing history.
What if we used similar techniques, underpinned by suitable data science methods, to make cybersecurity proactive and predictive?
Take care of it before it breaks.
According to a Harvard Business Review study, 52 per cent of CEOs say automation is critical to their security operations. Companies and corporations must use artificial intelligence (AI), machine learning (ML), and automation across all processes to achieve their economic potential fully, and cybersecurity is no exception. According to IBM, employing AI and automation in cybersecurity offered the most significant cost savings, with the cost of a data breach being 80 per cent greater in firms that did not use AI and automation.
Businesses must abandon old fragmented and reactive cybersecurity strategies in favour of a more proactive, predictive, and integrated approach that considers the business context.
Cybersecurity must be conveyed in a language that every stakeholder understands — financial value at risk.
Leaders in security and risk management don’t need more dashboards; they need decisions, and by using Cyber Risk Quantification systems based on sound data science concepts, business leaders can finally eliminate the guesswork from cybersecurity.
There are five advantages of using infrastructure as code to improve cybersecurity measures.
Bad actors now have new attack paths because of the fast adoption of cloud-native technologies and the speed with which they are delivered. Infrastructure-related vulnerabilities, like as policy violations and cloud resource misconfigurations, are often found after cloud-native apps are launched, according to CISOs.
These flaws should be addressed as early as possible in the cloud-native application development lifecycle. Enterprises, on the other hand, are unable to do so since 82 per cent of CISOs in India admit to having duplicate security tools and technologies in their organizations.
With 73 per cent of Indian companies prioritizing automated technologies that handle security problems during code development, it’s time to examine why Infrastructure-as-Code (IaC) is so important for detecting errors before they reach runtime.
The importance of IaC in boosting cybersecurity
IaC is an IT methodology that codifies and controls the infrastructure that supports it. It’s a strategic strategy for DevOps teams who don’t want to deal with the headaches of manual provisioning.
IT infrastructure management is a time-consuming procedure that necessitates IT personnel physically installing servers, configuring them, and then deploying the application. This frequently leads to inconsistencies, slows agility, and is also costly.
IaC automates particular procedures utilizing software tools and a version control system to eliminate this time-consuming process. This indicates that IT infrastructure may be written and defined in code and that this code can be used to modify the infrastructure. IaC provides the speed and scalability needed to quickly and seamlessly satisfy the demands of consumers. However, there is a deeper issue at hand. DevOps teams are constantly releasing new products and services at a rate that is exceeding security.
As a result, CISOs must adopt security solutions that allow DevOps teams to maintain production while implementing security principles at the time of code authoring – a left shift approach.
Using IaC to achieve security goals
- Speed: CISOs are charged with the monumental task of safeguarding the company while also promoting growth. IaC aids CISOs in accomplishing both of these objectives since automated IaC technologies that spot vulnerabilities and misconfigurations during software development increase efficiency. Quick turnarounds are possible as a result, allowing enterprises to satisfy client expectations. IaC security speeds up the whole software development lifecycle while decreasing security concerns, as opposed to manual provisioning, which increases the probability of misconfigurations owing to human error.
- Scalability: Businesses that cannot grow fast and efficiently will be left behind in the digital era. This is also true in terms of security. Security practices must change at the same rate as firms grow and use new technologies to scale. The CISO is in charge of analyzing and combining the most proper security tools for a business. IaC technologies will boost scalability since DevOps teams will be able to swiftly roll out new apps while maintaining security throughout the process.
- Consistency: CISOs are in charge of ensuring that security policies are up to date, which is a time-consuming task. Because every infrastructure is described as code, IaC removes the documentation process. The act of incorporating security into the infrastructure decreases mistakes that are frequently caused by human error. It lessens the danger of cyberattacks caused by manual provisioning by minimizing the chance for configuration drift.
- Accountability: IaC allows CISOs to keep track of any modifications made to any source code file. This eliminates the need for CISOs to assume who made a modification and when they did it throughout the software development lifecycle.
- Reduced costs: Infrastructure as a Service (IaC) dramatically lowers the cost of infrastructure management. Businesses can save money on hardware and equipment as well as the costs of paying people to run it and developing or renting physical space to keep it. It also cuts down on “recovery expenditures” after a data breach or other cyberattack.
Security teams in India are continually confronted with understanding and efficiently managing risk and security for cloud environments at DevOps speeds, which is one of the most significant challenges they face today—integrating security into the DevOps process and employing IaC procedures to analyze and avoid problems before deployment will protect cloud operations at speed and scale, ushering in a new era of security and risk management.
Another reminder is that India must increase its investment in the fight against cyber threats.
In recent months, alleged state-sponsored Chinese hackers have targeted India’s electrical infrastructure, according to Recorded Future Inc., a threat intelligence business. It appears to be an instance of cyber espionage, according to the industry.
During the epidemic, the digitalization of commercial and social activities has accelerated. It not only creates new possibilities, but it also creates new risks. One of the risks that have been developing infrequently is the crippling of infrastructure or the theft of information from remote sites.
The Indian Computer Emergency Response Team (CERT-In) keeps track of and monitors cyber security occurrences in India. In 2021, 14.02 lakh cyber security events were documented, according to CERT-In. 2.12 lakh cyber security incidents were documented in the first two months of 2022.
CERT-In also contributes to the response by releasing alerts and keeping track of dangers that have developed in other countries. A recognized institute, such as the National Power Training Institute, provides training to power infrastructure corporations to protect their assets from cyber-attacks. This method of assault is becoming more popular throughout the world, as it is used by both state-sponsored organizations and criminal gangs.
Justice is also more difficult to implement because many attacks occur outside of national borders. There is a compelling need for both governments and commercial organizations to devote more money and attention to building cyber security protections. Because digitalization is connected with increasing networks, cyber-attacks may sometimes be more deadly than traditional types.
edited and proofread by nikita sharma