Cybercriminals taking advantage of geopolitical tensions likely to escalate: Akshat Jain, Cyware

Companies of the current times have realized the benefits of digital transformation. The ongoing pandemic has further accelerated the digital journey of all enterprises. That said, this accelerated digital transformation has also led to various issues out of which securing companies from cyber attacks in one. With the advent of new age technologies, cyber criminals have also become sophisticated. In regard to the same, Akshat Jain, CTO and co-founder, Cyware recently spoke to Dataquest about how the cybersecurity landscape has transformed two years into the pandemic.

DQ: How has the cybersecurity landscape evolved in the past two years, post-pandemic?

Akshat Jain: The cybersecurity landscape has been rocked by many large data breaches, ransomware attacks, supply-chain hacks, and other evolving threats over the past two years. Organizations across the spectrum, ranging from multinational corporations to small and medium-sized enterprises, as well as governments, have faced the wrath of growing cyber threats. Costs incurred due to cyber incidents continue to grow every year, whereas the number and scale of breaches also escalate. Cybersecurity has become a key concern affecting the bottom line for all organizations. All of these changes point toward the need for greater investments into cybersecurity and fostering collaboration in security operations among various stakeholders. 

DQ: Various studies indicate that there have been a rise in cyber-attacks over the past two years. What is the reason for this?

Akshat Jain: The pandemic forced organizations across the world to digitize crucial services and business processes at an unprecedented speed. With this, came new challenges and risks in securing the distributed technology infrastructure that organizations began adopting to thrive in the hybrid work environment. Organizations were also forced to run their cybersecurity operations in a decentralized manner as security professionals continued to serve in their roles remotely. On the other hand, this digital transformation brought new attack vectors that opened the door to disruptive cyber intrusions. All of these factors together have put more pressure on security teams to keep up with the barrage of threats.

DQ: How have enterprises dealt with the issue of security considering the fact that a large number of employees have been working from home?

Akshat Jain: In order to overcome the aforementioned issues, organizations are taking important steps to transform their security operations. Today, a growing number of organizations are establishing dedicated teams to leverage cyber threat intelligence. Insights gained from threat intel can help organizations take a proactive stance against all potential threats. Moreover, by operationalizing threat intel through last-mile connectivity in terms of intel sharing and actioning capabilities, organizations can bring all stakeholders together on the same page to counter threats effectively. Another major area of change is the adoption of Virtual Cyber Fusion Centers as integrated operational units for cybersecurity. Virtual cyber fusion helps integrate threat intel, security orchestration, and automation technologies within existing security processes, while eliminating silos in security functions, for streamlined end-to-end threat management. Furthermore, the adoption of centralized security orchestration and automation (SOAR) gateways has opened the doors to smarter, faster, and fully automated security actioning and response across cloud, on-premises, and hybrid infrastructures. This has helped organizations declutter the legacy security operations center (SOC) and make the most out of the people, processes, and technologies involved in cybersecurity. 

DQ: Cybersecurity trends that we can watch out for in 2022

Akshat Jain: The proliferation of cybercrime-as-a-service operations has helped threat actors expand their footprint in cyberspace at a rapid pace. Underground marketplaces and hacking forums continue to act as the facilitators for various cybercrime activities. These illicit activities are likely to grow in 2022 as some notorious actors like ransomware groups are raking in hundreds of millions of dollars in profits for themselves and their affiliates. The growing number of vulnerability disclosures will only add to the problem as it opens more doors for attackers to exploit unpatched systems. As cybercriminals continue to update their tool sets, techniques, and targets, it is paramount for organizations to automate their security operations processes to ensure self-healing of vulnerable assets and systems to mitigate risks through real-time threat intelligence operationalization. 

Another noteworthy trend that is likely to escalate in 2022 is cybercriminals taking advantage of geopolitical tensions and other global events to craft their customized attack campaigns. This can range from fairly run-of-the-mill phishing campaigns to highly targeted espionage, denial of service, or data-wiping attacks aimed at crucial institutions, often with geopolitical motivations.