CM – Cybersecurity risk mitigation roadmap 2022 for CISO and CIO as business drivers

0

2021 and the previous year were marked by cybersecurity breaches and data leaks, albeit with greater intensity and frequency. From corporate data leaks to critical personal information of Indian citizens, the scenario was further exacerbated as more and more companies activated their online operating mode.

By June 2021, the Indian Computer Emergency Response Team (CERT-In) had already had over 600,000 cybersecurity incidents in India observed, of which approximately 12,000 incidents were related to government organizations. According to Sophos’ The State of Ransomware 2021 report, 82% of Indian companies suffered a ransomware attack in 2020. Terrifyingly, the cost of recovery from the effects of a ransomware attack in India tripled in 12 months from $ 1.1 million in 2020 to $ 3.38 million in 2021. The report shows that India is one of the hardest hit countries hit by ransomware attacks.

Unfortunately, cybersecurity threats will be no different in 2022, with frequent data breaches that continue to affect business operations, coupled with the advent of the Omicron variant of the Coronavirus. With that in mind, there are some key strategic steps the CIO and CISO communities in India should consider to address security blockades over the next year.

Let’s start by understanding the expected implications of key government regulations likely to be on India Inc. next year. India’s new national cybersecurity strategy, expected to be released in the first half of 2022, will set out a basic cybersecurity framework that every company must implement.

In the past, prominent emerging companies in India have been victims of cyber hacking and have the Data of their users disclosed. Ironically, even though the government has issued warnings and notices about the incidents of data breaches, there is still no law protecting consumer data and privacy. The Personal Data Protection Act, which was introduced to Parliament in December 2019, was approved by the Joint Parliamentary Committee (JPC). The draft law is due to be submitted to parliament soon. In its implementation, every industrial organization that collects customer data must comply with the provisions of the law, in particular on the misuse of data and the examination of the data security infrastructure. Additional guidelines such as guidelines for cybersecurity in the energy sector created by the Central Electricity Authority are due to be issued by the Indian government in 2022. After implementation, relevant companies must ensure implementation in order to protect critical information infrastructure on a national level.

In order to take action against important cybercrime and cybersecurity formats in 2022, the CIO and CISO must face the challenges and ensure that cybersecurity systems can prevent attacks, before they become serious incidents.

Ransomware attacks will continue to target both businesses and home users of the Internet. CIOs or CISOs cannot make the mistake of treating ransomware attacks like any other cyber attack. To prevent a ransomware attack from encrypting data, a CISO must use AI / ML-based anomaly detection and malware scanning techniques. Multi-factor authentication and AI-based authentication tools will be the order of the day in 2022. Cloud Access Security Broker (CASB) is a great defense against ransomware for companies that use cloud services to store data.

More and more companies will adopt a zero trust architecture for their cybersecurity requirements in 2022. Organizations will adopt features based on the “never trust, always verify” principle, which means treating every user, device, application, workload and data flow as untrustworthy. They must be validated before access to a company resource is granted, even for a legitimate operation like encryption. Increased automation of corporate data can eliminate points of risk and better support a zero trust strategy.

As companies become aware of the need for data protection, their executives will likely increase the adoption of encryption. which will find its way into the basic cybersecurity architecture of companies in 2022. This will have an impact and we can expect newer and updated applications with data encryption solutions for business to arrive in the coming year. Blockchain technology, one of the most disruptive technologies in decades, will be at the center of the shift from a centralized server-based Internet system to transparent cryptographic networks.

AI has matured from an experimental subject to mainstream technology. As a result, in 2022, artificial intelligence (AI) -based tools for creating robust cybersecurity logs will become more accessible within an organization. In addition, we expect the new range of technology tools to be more cost-effective and yet more effective than ever before.

Last but not least, 2022 will be a mixture of remote work and physical presence on site, which will help the cybersecurity trends adapted in 2021 Security decisions will be continued. This is more pronounced in modern bring your own device (BYOD) arrangements with many asymmetrical devices and networks. Tech executives must ensure the configuration of endpoint management so that infosec teams can prevent access to company data from anywhere (internal or external). In addition, newer techniques such as digital distancing will find their way to better cybersecurity in the hybrid working model.

Technology leaders should pay close attention to the upcoming trends and challenges in the cybersecurity landscape in order not only to survive, but also to be successful in the future . 2022 is expected to usher in another wave of complexities in the security sector. India-based companies need to be prepared to develop their business to stay one step ahead of new risks. Industry needs to build new adaptability and flexibility into its security processes in order to improve its general requirements for risk reduction.

Analytics Insight is an influential platform dedicated to insights, trends and opinions from the world of data-driven technologies. It monitors developments, recognitions, and achievements of artificial intelligence, big data, and analytics companies around the world.

Keywords:

Computer security,Computers and information technology,Computer security, Computers and information technology,,,,,dr-tech,tech-talks,,,,,

Donnez votre avis et abonnez-vous pour plus d’infos

[gs-fb-comments]

[comment]

[supsystic-newsletter-form id=4]

Vidéo du jour: