Based on findings from its 2021 Cyber Resilient Organization Study, IBM security experts share some best practices and 5 key predictions for 2022.
How much did you pay threat actors in a ransomware attack? Which investments most significantly improved cyber resiliency for your organization? Do you have a cybersecurity incident response plan that’s applied consistently across your enterprise?
The answers to these and other key questions produced several notable findings in the latest 2021 Cyber Resilient Organization Study. This study is based on an annual global survey of more than 3,600 IT and security professionals in over 15 industries, and was published by IBM Security with independent research by the Ponemon Institute.
The results indicated that while incremental cybersecurity investments are only stalling ever-evolving attackers, your organization can incrementally add some best practices to strengthen its cyber resiliency.
Best practices to improve cyber resiliency
Here are IBM’s top recommendations to help your organization become more cyber resilient. The findings from respondents in the study explain why they’re worth your consideration.
- Create incident response plans — and test them: Regular updating and review of incident response plans was a reason why cyber resiliency improved for 47% of high performers. Improve incident response preparedness by developing both enterprise-wide CSIRPs and threat-specific incident response plans. Practice them regularly.
- Protect your critical databases: Leakage of high-value information assets was a measure of severity for 52% of respondents. A comprehensive data security strategy can help organizations reduce data risk and respond to threats.
- Keep systems running with advanced protection from cyberthreats: Data center downtime was a measure of severity for 47% of respondents. Proactively manage threats and avoid system downtime with a zero trust approach.
- Speed up analysis with AI and threat intelligence so that you can give time back to analysts: Diminished productivity of employees was a measure of severity for 47% of respondents. XDR solutions can provide more advanced analytics and automated workflows that give teams time back to investigate and hunt for threats.
- Break down silos and increase visibility: Inability to reduce silos (87%) and lack of visibility into applications and data assets (74%) were the top two impediments to improving high performers’ cyber resiliency. An open platform that fosters integrations between technology can help unite disjointed processes and data and provide broad visibility.
- Implement a patch management strategy: Delay in patching vulnerabilities (59%) was a reason cited by average respondents as to why their organization’s cyber resilience didn’t improve. A vulnerability management program can help cybersecurity teams proactively identify, prioritize and remediate the vulnerabilities that threaten to expose critical assets.
5 predictions for cybersecurity in 2022
As we head into a new year, IBM also recently issued predictions for cybersecurity in 2022 from IBM X-Force and its security experts:
- At the start of 2022, many businesses will be breached
As organizations worldwide slow down for the holidays and find themselves in work environment transitions, distractions will create opportunities for cybercriminals to infiltrate networks without raising suspicions. As a result, IBM expects to see breach disclosures and cyberattacks well into 2022 whose initial compromise traces back to early in the year.
- One business’s ransomware attack will become another business’s extortion
Ransomware attacks will become more relentless in their quest to scale up revenue and do so fast. In 2022 there are likely to be more and more triple extortion ransomware attacks, whereby a ransomware attack experienced by one business becomes an extortion threat for its business partner. Ransomware attackers won’t stop at extorting the victim organization for ransom; they will also extort its business partners whose data it holds or business partners who cannot afford the supply chain disruption.
- Supply chain attacks will become a top boardroom concern
In 2021 the world felt the brunt of supply chain bottlenecks due to COVID-19 restrictions. Recognizing this, cybercriminals will seek to capitalize on people’s heavy reliance on supply chains — both on a consumer and enterprise level. Supply chains have many blind spots or cracks that attackers can take advantage of. Ransomware attacks will be a threat not only to companies as individual entities but to their supply chains as a whole, making these types of attacks a top concern for the Board.
- Blockchain will become a cybercrime hideout
With enterprises and consumers increasingly relying on blockchain for their supply chain management and digital transactions, attackers too are turning to its legitimate use to stay under the radar for longer. In 2022, blockchain will become a more common “tool” used by cybercriminals to obfuscate their malicious traffic, avoid detection and extend their stealth. This will make it increasingly hard for defenders to discern malicious activity on the network.
- Zero tolerance for trust will redefine the state of security
More and more businesses realize that they must establish zero tolerance for trust in their security strategy to build customer trust. In 2022 government and private industry will scrutinize their trusted relationships more, and re-evaluate the “who, what, why” regarding access to their data. Not only will there be more ‘auditing’ of user access, but application access to data as well.