Critical infrastructure will continue to face significant security challenges next year, including everything from energy and financial services to education and healthcare, according to a new report.
The pandemic has shown that cybercriminals are willing to exploit the crisis to attack critical infrastructures like healthcare and the vaccine supply chain.
According to researchers from Barracuda Networks, a cloud-enabled security solutions provider, it will be necessary for hospitals and healthcare organisations to understand the three steps of ransomware protection: avoiding credential leaks, securing access to their applications and infrastructure, and backing up their data.
According to James Forbes-May, Vice President, Barracuda Networks APAC, with security now starting to be prioritised, the reporting structure will depend on the organisation’s maturity and the leadership they have in place, such as if there is a CISO involved.
“Organisations will need to proactively shift to putting the measures and stopping those attacks from ever happening or stopping it earlier in the attack chain, so there’s less damage,” said Forbes-May.
There have been numerous reports about how ransomware attacks that hit hospitals affect patient treatment and even lead to deaths.
“Attacks on critical infrastructure have the most direct impact on people’s lives, so security will be a challenge as cybercriminals continue to focus on these vulnerable areas,” the researchers noted.
In 2022, privacy will dominate the security conversation because data can no longer be leveraged without accountability.
Almost 75 per cent of countries have some type of privacy regulation.
“Companies are adopting many SaaS technologies, downloading apps and software, but they should be aware of the privacy implications of all of the technologies that are being used,” the report noted.
In 2022, companies will be making decisions about which products to use, based on whether or not the data compliance is sufficient for their customers.
Ransomware would continue to dominate the news for being the most lucrative way of making money for the bad guys.
These attacks range from extortion on valuable data to penetrating the software supply chain. It has gone beyond disrupting business operations and goes as far as revealing information to discredit a corporation and destroy the trust chain.
“Figuring out how to slow that down by encouraging collaboration between governments and developing alliances with vendors will be critical in the year ahead,” the researchers said.
IT security executives would need to develop the ability to understand forensics and incident response.
Right now, most enterprises are investing in tools to protect multiple attack surfaces.
“It will be essential to capture the signals from each tool and correlate the data for actionable insights.A From prevention, detection to response, it will require forensics and security analytics skills to defend against todaya¿s cyberattacks,” said the report.