The Wipro State of Cybersecurity Report 2020, the fourth edition of the annual report, was released recently. It offers insights about the emergence of new cyberthreats and security concerns that organizations faced in the last one year. The ripple effects of COVID-19, global trade wars, the social and economic crises, and increasingly stringent data privacy regulations were felt in the cybersecurity arena as well. This article discusses some of the key findings of the report and the reasons why security leaders are adopting zero trust security to keep their organizations secure in these challenging times.
The report has found that only 23% organizations feel highly confident about preventing cyberattacks and a mere 18% are highly confident about their ability to detect and respond to them. The risks that keep most CIOs and CISOs up at night are email phishing (86%), lack of awareness among employees (57%), and third-party risks (54%). Given these risks and the key digital trends observed in 2020, it is not surprising that adoption of zero trust architecture features in the top 3 investment priorities of security leaders. The other two priorities are security automation and cloud security.
Key Cybersecurity Trends in 2020: Wipro State of Cybersecurity Report
The banking, financial services, and insurance (BFSI) sector remained a prime target for social engineering attacks. The abundance of data in this sector and tempting rewards that come from compromising it make the BFSI sector a lucrative target. The report found that 41% of data sold on the black market this sector had come from this sector.
Phishing attacks plagued the manufacturing sector as malicious actors attempted to cause monetary and reputational damage. The sector finds itself frequently under attack because of the strong brands that it has, the value that it provides to economies and the intellectual property (IP) that the players own. 34% of threats from suspicious email targeted manufacturers.
Priorities of Security Leaders
Technology challenges spiked in 2020 as the COVID-19 pandemic led to an upheaval in how people work and where they work from. Among the most concerning cyber threats that organizations faced were threats related to remote access, ransomware, endpoint cyber hygiene, cloud security, and COVID-related phishing.
Faced with these challenges, security leaders prioritized secure remote access and collaboration enablement, increased device security, multifactor authentication, and zero trust architecture implementation.
Wipro SOCR 2020’s Predictions about the Future of Cybers Threats
Noteworthy in the SOCR are predictions regarding an increase in attacks on operational technology (OT) and on the private sector. State-sponsored cyberattacks are expected to continue badgering national and critical infrastructure. The report predicts that utilities, telecom, power, healthcare, and other emergency services will bear the brunt of this new frontier of international tensions.
Similarly, the battlefield of global trade wars might extend beyond policies and tariffs, and cause direct damage to the private sector. Nation-states involved in trade wars are expected to launch punitive cyberattacks through their proxies on private businesses.
Cybersecurity 2021 and beyond
The pandemic outbreak has radically shifted the traditional cybersecurity approach that organizations previously adopted. Cloud adoption accelerated and digital transformation initiatives scaled up. Rising geopolitical tensions have given business leaders more cause for worry. This has led to a more pressing need for a cybersecurity architecture that can ensure business resilience even during similarly disruptive events.
87% of the respondents in the Wipro SOCR 2020 are keen on implementing zero trust architecture in the aftermath of the COVID-19 pandemic. With zero trust, an organization can manage threats better and secure its assets, irrespective of whether data or devices are within its perimeter or outside it.
Why Organizations Are Adopting Zero Trust Security
Traditional security solutions monitor external traffic and trust every activity within the network by default. This leaves the organization vulnerable to internal security risks and advanced persistent threats (APTs), which can exfiltrate data and inflict major damage.
By adopting zero trust security, organizations are eliminating these loopholes. The zero trust approach works with the assumption that a threat actor might already be present. Micro-segmentation divides the network into granular segments which are isolated and can be easily monitored and controlled. In this framework, every network communication needs to be evaluated and authorized, effectively countering APTs and internal threats.
ColorTokens offers a zero trust security platform that secures critical assets, endpoints, and workloads from both internal and external threats. The cloud-delivered and software-defined ColorTokens Xtended ZeroTrustTM Platform is easy to deploy and makes cloud adoption more secure. To know more, click here.
Get access to your copy of the Wipro State of Cybersecurity Report 2020 here.