While remote working is the post-COVID champion encouraging new technology for smooth WFH in India, its rapid deployment has elevated cybersecurity risk by several levels. Increased cyber awareness will bring more investments in cybersecurity to achieve cyber maturity amongst Indian organisations.
Along with global rise in cybersecurity, post-COVID, India is witnessing a sharp spike in cybersecurity threats.
Read more: Securing the data pores of an organization with dynamic approaches
Recently, cybersecurity company Trend Micro blocked 40.9 billion email threats, malicious files, and malicious URLs for its customers worldwide in the first half of 2021, a 47% year-on-year increase. A good chunk of this, a total number of 1,11,028 email spam, malicious URLs and malware, were blocked in India.
According to the Trend Micro report, in India, the total ransomware threats for the first half of 2021 stands at 12.98%, the second highest in Asia after China.
In September, Tenable Inc., a cyber exposure company, published a global study that found a stark contrast between Indian organizations’ plans for a hybrid work model and the reality of securing it.
A Microsoft survey in July found that seven out of 10 consumers in India encountered tech support scams in the past year, with 31% of those who continued with scam interactions lost money in 2021, a 17-point increase from 2018.
Hybrid work models and a digital-first economy have put cybersecurity in the spotlight as a critical investment that can impact business strategies, both short and long term
However, the existing cybersecurity technology is also advancing, either in the form of innovation or in the form of raking in business. This increase indicates more cyber maturity amongst organisations and more investments in the future.
Hybrid work models and a digital-first economy have put cybersecurity in the spotlight as a critical investment that can impact business strategies, both short and long term.
The Current State of Cyber Threats
Every time we check the current situation of cyber threats, the news is bad. According to the Trend Micro report, worldwide, ransomware threat stuck out like a thumb in 2021 as cyber criminals continued to target big-name victims.
More business disruption is leading to higher threats, as the impact on the banking industry shows
Cyber criminals’ usage of Advanced Persistent Threat tools and techniques to steal and encrypt victims’ data is increasing, while they work in tandem with third parties to access targeted networks.
More business disruption is leading to higher threats, as the impact on the banking industry shows. The industry saw a 1,318% year-on-year spike in ransomware attacks in the first half of 2021, worldwide.
Of this, Trend Micro detected 4,497 online banking malware in India alone.
COVID-19, the Culprit
COVID-19 has not only brought a physical virus, but it has also caused cyber threats to go up in unprecedented areas.
Trend Micro’s report reveals that business email compromise (BEC) attacks went up by 4%, owing to new COVID-19 opportunities for threat actors. Also, 164 malicious apps related to COVID-19 scams were identified, 54% of which were impersonating TikTok.
Rapid deployment of new tech for remote work increased risk for Indian businesses
Cryptocurrency, a sector that has risen in the post-pandemic digital finance era, also witnessed cyber threats. Crypto miners became the most detected malware, having increased more than WannaCry and web shells in recent months.
Indian WFH Tech Set Up During Pandemic Caused Business Impacting Cyberattacks
The Tenable study revealed that 71% of organisations in India attribute recent business-impacting cyberattacks to vulnerabilities in technology put in place in response to the pandemic.
While remote working is the post-COVID champion encouraging new technology for smooth WFH, it has elevated cybersecurity risk by several levels.
80% organisations are planning WFH for employees at least once a week in the next 12-24 months, while 63% are looking at a permanent move to remote work in the next two years. However, 53% of security and business leaders are worried that they are only somewhat or not prepared at all to secure their workforce strategy.
While remote working is the post-COVID champion encouraging new technology for smooth WFH, it has elevated cybersecurity risk by several levels
Employee awareness to secure home networks and personal devices (53%) and visibility into employee security practices (56%) remain a challenge in remote working. Insufficient staff is an added issue.
The study also found that rapid deployment of new tech for remote work increased risk for Indian businesses. In the past year, of the 88% Indian organisations that experienced a business-impacting cyberattack, 56% attacks targeted remote workers.
Cyber Progress: Innovation & Business
Despite all the bad news, progress in cybersecurity goes hand in hand. The existing cybersecurity technology is advancing, either in the form of innovation or in the form of raking in business.
Trend Micro launched its first Cloud One data centre in India and also unveiled the WeDiscover Partner Program across AMEA to accelerate new business opportunities.
In September, AppViewX, a company in secure machine identity management and application delivery automation, launched its next-gen Machine Identity Automation Platform™ as a service to simplify Public Key Infrastructure (PKI).
Strobes, a risk-centered vulnerability management platform raised funds from SucSEED Indovation, while IDfy raised INR 86 crore from TransUnion and Blume Ventures.
Expect Robust Cyber Investments
Efforts to increase cyber awareness are on the rise, which leads to organisations thriving to attain cyber maturity.
This month, the FIDO Alliance, an open industry association focused on providing open and free authentication standards to help reduce the world’s reliance on passwords, announced the launch of its Online Authentication Barometer to track the uptake of secure authentication technologies among the general public, providing baseline insights into the state of online authentication in 10 countries across the globe.
Biometrics are gaining traction in security perception and usage
Reiterating that consumers need to be educated on the risks and implications of poor account security and the solutions available, their key findings revealed that 56% of people used passwords to log into financial services accounts in the last 60 days.
19% people believe that taking action to strengthen a password is the best way to secure their account. FIDO says that belief is wrong.
However, biometrics are gaining traction in security perception and usage. 32% of people think it is the most secure authentication method, and it is the preferred method for 28%.
Additionally, FIDO also launched its Certified Professional Program designed to formally recognise the knowledge of online security and authentication professionals, the program aims to grow the number of experts available to support businesses implementing stronger FIDO authentication solutions.
WFH Puts Cybersecurity in the Spotlight
Remote work is not going away, and it will take time for the world to be COVID-free. Thus, organisations must be prepared to secure their new reality, as experts have been saying.
It’s more important than ever for business and security leaders to lock arms and weave cybersecurity into the fabric of their organisations’ digital infrastructure. Organisations must rethink their approach to understanding and managing cyber risk in the new world of work
As Kartik Shahani, country manager at Tenable India said, “It’s more important than ever for business and security leaders to lock arms and weave cybersecurity into the fabric of their organisations’ digital infrastructure. Organisations must rethink their approach to understanding and managing cyber risk in the new world of work.”
As hybrid work models and a digital-first economy put cybersecurity in the spotlight, demand for cybersecurity solutions will increase. As a result of this demand, Indian cybersecurity investments in vulnerability management, cloud infrastructure and platforms, and identity access management will likely see a spike as security leaders take stock.