In recent years, information and communication technology has been at the core of operational efficiency and success across enterprises around the world. However, as organisations become open to the adoption of mobility, cloud and IoT, they are putting their networks and company data under serious security threat.

In India, too, as we move towards fulfilling the country’s digital dream, instances of cybersecurity threats are not uncommon. The SophosLabs geo-malware report states that with a threat exposure rate of 16.9 per cent, India is one of the countries that are most vulnerable to malware attacks.

In October 2016, the country witnessed the biggest ever breach of financial data security, as over 3 million debit cards were under cyber risk. Of these, around 2.6 million cards were on the Visa and MasterCard platform. The State Bank of India was worst hit and had to block and re-issue around 600,000 debit cards to customers.

As per industry estimates, India reported a total of 50,362 incidents of cybersecurity threats during 2016, up from 49,455 in 2015. The various types of cybersecurity threats include phishing, scanning/probing, website intrusions and defacements, virus/malicious code and denial-of-service (DoS) attacks.

The cybersecurity breaches are expected to further go up as the country embarks on a digital transformation journey. While the government’s demonetisation move has encouraged people to switch to mobile wallets, it has also increased the scope of cyber crime.

The growing threat of potential cybersecurity breaches has resulted in a major transformation of the global as well as the Indian cybersecurity market. The adoption of traditional security solutions has increased as even smaller enterprises are now keen on securing their networks. Meanwhile, large enterprises have moved a step ahead and are exploring new and advanced solutions, and new security models such as managed services and automation. Key security initiatives across the majority of organisations include security operations, incident response, network and data centre security, identity governance and administration, mobile and cloud security governance, advanced threat defence, application security, security policy, programme development and governance, and risk and compliance.

The growth of the Indian cybersecurity market is partly driven by the government, which has undertaken several initiatives to strengthen the country’s cyber defences. Under the Digital India initiative, the National Critical Information Infrastructure Protection Center recently released 40 tenets to improve cybersecurity in organisations essential to the economy, health and defence of India. Besides, there already exist several regulations laid down by the Reserve Bank of India, the Securities and Exchange Board of India, and the Institute for Development and Research in Banking Technology for ensuring data security. In December 2016, NASSCOM and the Data Security Council of India launched a detailed roadmap for the Indian cybersecurity industry. NASSCOM expects the Indian cybersecurity product and services industry to reach a size of $35 billion by 2025, and build a strong skilled workforce in the security sector.

A look at the key emerging trends in the cybersecurity space…

Key trends

Ransomware attacks become common

In the past year, instances of ransomware attacks have grown significantly. In these attacks, an enterprise’s key data or sensitive information is illegally encrypted through cryptovirology and a ransom is then demanded to decrypt it. The attack blocks users’ access to information until they pay a certain sum of money.

In 2016, India was ranked fourth globally among the countries most affected by ransomware and, unfortunately, experts believe that it is just the beginning. They expect ransomware attacks to grow in variety and strength in 2017. According to Trend Micro’s projections, there will be a 25 per cent growth in the number of ransomware families globally in 2017. Cybercriminals are likely to use automation to further strengthen such attacks.

To prevent such attacks, enterprises must focus on end-user awareness and training. They also need to maintain adequate data backups, so that information can be restored in the event of a ransomware attack.

Detection and response emerging as security priority for enterprises

In recent years, enterprises have been increasingly investing in the strengthening of detection and response mechanisms. As per estimates, the industry has significantly reduced the average number of days taken to detect breaches from over 220 days to around 150 days. The extensive use of big data analytics will further reduce this duration in the coming years.

Enterprises are moving away from prevention-only approaches. As per a recent report by Gartner, investments in enhancing detection and response capabilities are expected to be a key priority for security solutions buyers through 2020.

The report also states that the need to better detect and respond to security incidents has created new security product segments, such as deception, endpoint detection and response, software-defined segmentation, cloud access security brokers, and user and entity behavior analytics.

Cyberattacks to grow more complex

Cybercriminals are now exploring new ways to evade detection. Phishing and social engineering are emerging as dominant attack methods. In future, attackers are also expected to rely on artificial intelligence within server environments to figure out the best mode of attack. Custom-designed malware and cross-platform malware designed to operate on and between multiple devices will become common. Drone jacking is also expected to become prevalent.

In response to the growing complexity of cyberattacks, preventive security controls such as firewalls, application security and intrusion prevention systems are now being tweaked to add more intelligence to security operations, analytics and reporting platforms.

IoT to make networks threat prone

While IoT promises to revolutionise the way enterprises operate, it also poses a great threat to data security given the myriad connected devices involved in the ecosystem. Gartner predicts that by 2020, over a quarter of identified attacks on enterprises will involve IoT. Industry reports suggest that a large number of IoT devices still lack basic security features. As a result, distributed DoS (DDoS) attacks have risen from the 400 Gbps bandwidth to more than 1 Tbps.

In fact, 2016 saw a large-scale DDoS attack using insecure IoT devices. This year new attacks related to IoT are expected to spring up. Further, the intersection of artificial intelligence and voice-enabled systems through apps such as Cortana, Google Now and Siri will increase the scope for potential cyberattacks. Meanwhile, industry experts are predicting the rise of shadownets, also referred to as IoT botnets, which cannot be seen or measured using conventional tools.

Enterprises turn to managed security solutions

Most enterprises today lack the experience and skills required to develop a security policy, protect critical assets and identify or respond to growing and complex cyberattacks. Most companies still rely on traditional security tools, such as firewall and intrusion prevention system devices, which are not as effective in securing the highly dynamic and widely distributed networks that companies currently use. As a result, enterprises are turning to security consulting services and managed security services providers for turnkey solutions. They have also started transferring the bulk of infrastructure to the cloud where they can simply add security services through software upgradation.

Focus on automation

Due to a shortage of skilled cybersecurity professionals, enterprises are also focusing on automation as a solution. Automation will ease the task of security personnel, as they will receive fewer and more relevant notifications. This will save them the task of manually looking through several hundreds of alerts to find the serious and malicious ones.

Rising costs and growing security budgets

Collaborating with managed security service providers and integrating automation solutions into their systems will increase the cost burden on enterprises. In the next few years, large enterprises are expected to increase their security budgets to seek external help from security consultants, managed security service providers and outsourcers. Meanwhile, small and medium enterprises will include security spending as a part of their technology budget.

Outlook

Given the growing digitisation and smartphone penetration, it has become crucial for India to build a robust cybersecurity ecosystem in the country. Several large organisations have already started adopting advanced cybersecurity operations and incident response systems, while many others are undertaking detection and response approaches. Going forward, data security will be a key priority for chief information officers across organisations as the frequency and intensity of cyberattacks are expected to grow manyfold.

Akanksha Mahajan Marwah