https://www.engineeringnews.co.za
Africa|Automation|Business|Container|Defence|Health|Manufacturing|SECURITY|Service|Services|supply-chain|Systems|Technology|Operations
Africa|Automation|Business|Container|Defence|Health|Manufacturing|SECURITY|Service|Services|supply-chain|Systems|Technology|Operations
africa|automation|business|container|defence|health|manufacturing|security|service|services|supply chain|systems|technology|operations

Bottom-line technology to provide business opportunities that cybercriminals will target in 2022

13th December 2021

By: Schalk Burger

Creamer Media Senior Deputy Editor

     

Font size: - +

Next year is likely to hold many possibilities for companies and cybercriminals alike, says cybersecurity company Trend Micro Cloud and Alliances.

Business development manager Willem Barnard and Trend Micro sub-Saharan Africa senior cybersecurity sales engineer Yash Pillay, therefore, advise organisations to build out and implement strategies to proactively mitigate emerging cybersecurity risks.

"As technological advances continue to affect bottom lines and leadership agendas, senior leaders are grappling with the significant challenge of prioritising a hybrid work model that is continuously being tested by cybercriminals."

The pandemic accelerated the adoption of digital technology for customer interactions, supply chain interactions and internal operations by three to four years. Cybercrime also became exponentially more sophisticated. Trend Micro blocked 47% more threats during the first half of this year than during the first half of 2020.

Malicious actors are expected to continue to use low-effort but high-impact strategies in gaining access to cloud applications and services. It is predicted that phishing emails to steal credentials, for example, will still be a method that persists.

They will also continue to compromise software-as-a-service (SaaS) applications and services, through unsecured secrets, unrotated access keys, unsecure container images obtained from untrusted sources, and immature or poorly implemented identity access control management policies, said Barnard and Pillay.

The Covid-19 pandemic highlighted the fragility of supply chains globally and, as the value of supply chains is becoming more evident, cybercriminals are becoming more sophisticated in their attacks against supply chains.

"It is predicated that malicious actors will exacerbate supply chain disruptions, causing a surge in extortion models. Targeted attacks will take advantage of new partnerships that may not have robust security strategies in place yet, and vulnerabilities caused by globalisation strategies."

To keep supply chains more robust and secure as organisations evolve their strategies, organisations should apply the zero-trust approach in their security practices. The zero-trust model helps secure the way in which organisations interact with other companies and exchange data via continuous verification throughout a connection’s lifetime.

Through this model, the health of the users, devices, applications and services that organisations interact with is constantly monitored and assessed.

BUSINESS ATTACKS
Malicious actors who want to gain access to target organisations are focusing on exposed services and service-side compromises. Hybrid work models present increased attack surfaces from less secure home-working environments and servers.

It is predicted that ransomware attacks will become more targeted and highly prominent, making it more difficult for enterprises to defend their networks and systems against these types of attacks. Ransomware operators are also expected to use more modern and sophisticated methods of extortion to infiltrate their victims’ environments.

To remain protected against evolving ransomware threats, organisations must set their sights on protecting their servers with stringent server-hardening and application control policies. Ensuring that servers are properly configured will help defend organisations against ransomware attacks and other threats.

"Cloud adopters will need to shore up their defenses if they are to weather attacks from actors intent on using tried-and-true methodologies and innovating by following new technology trends."

Ransomware attacks on data centre workloads and exposed services are also predicted to take advantage of the large number of employees continuing to work from home. In this regard, research, foresight and automation are critical for organisations to manage risk and secure their workforce, they highlight.

"Historic vulnerabilities will continue to be exploited because many environments are simply not patched up. Different iterations of previously seen attacks are expected, which means that the first line of defence must include a revisit of cloud security basics.

"If cloud environments are to be defended, these basics must be assessed, retested and reemployed. This includes understanding and applying the shared responsibility model, using a well-architected framework, encrypting, patching and bringing in the right level of expertise, among others."

IOT RISKS
Smart devices have long been tempting marks in the eyes of malicious actors banking on the fact that the limited computational capacity of most Internet of Things (IoT) devices leaves little room for built-in security. Compromised IoT devices have been used in different kinds of attacks.

"It is predicted that companies, particularly those in smart manufacturing, will be exposed to more cyberthreats as they transition to the hybrid work model and continue to use remote connection services."

For organisations whose workforces rely on IoT devices, improved network monitoring and visibility to safeguard their information technology environments against threats arising from IoT adoption are critical. Intrusion prevention and detection systems, network forensics tools, network behaviour anomaly detection tools, and network detection and response tools can help them keep close watch over the goings-on in their networks in the coming year, Barnard and Pillay said.

"The past two years have proven to be the most critical in terms of cybersecurity, as every organisation was forced to adopt and change its operating model. Many businesses expedited their digital transformation, although key missed steps in the transformation journey can leave them vulnerable and open to cyber-attacks, and must be addressed," Barnard and Pillay note.

Edited by Chanel de Bruyn
Creamer Media Senior Deputy Editor Online

Comments

Showroom

WearCheck
WearCheck

Leading condition monitoring specialists, WearCheck, help boost machinery lifespan and reduce catastrophic component failure through the scientific...

VISIT SHOWROOM 
Showroom image
Alcohol Breathalysers

Supplier & Distributor of the Widest Range of Accurate & Easy-to-Use Alcohol Breathalysers

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.21 0.264s - 139pq - 2rq
Subscribe Now