Virtualization Technology News and Information
Cybersecurity Learnings to Prepare for 2020
By Raja Ukil, Global Head for Cybersecurity & Risk Services, Wipro Limited

Cyberattacks continue to be one of the largest existential threats facing businesses today. In fact, the World Economic Forum's (WEF) Global Risk Report 2019 has rated cyberattacks among the top four global risks, only behind climate change, extreme weather events and natural disasters.

As more enterprises place an unprecedented amount of attention on security, it is perhaps not surprising that cybersecurity leaders have also risen in prominence: Wipro's 2019 State of Cybersecurity Report, which is based on primary and secondary research, including surveys of security leadership in 211 global organizations across 27 countries, found that one in five Chief Information Security Officers (CISOs) are now reporting directly to the CEO. It is also perhaps no surprise then that in the USA, 44% of the organizations surveyed have said that data privacy governance also falls under the charter of the CISO.

At the same time, security budgets are also on the rise, with almost one-third of organizations surveyed having a security budget that is greater than 8% of their overall IT budget. As CISOs look ahead to 2020 and plan out their priorities, here are five cybersecurity trends identified in Wipro's report for leaders to keep top of mind.

  1. More data exposed. Although the number of significant publicly reported security breaches decreased by 25%, the number of records exposed during attacks actually increased by 164%. That means in 2018, 232 records were exposed per second. Attackers are also targeting more specific information perceived to have higher monetary value. For example, 38% of the data records breached or targeted in 2018 were either personally identifiable information or security credentials such as passwords. To stay ahead, enterprises must heighten their level of preparedness and strive to achieve proactive resilience against cyberattacks.
  2. Rise in cryptominer threats. While ransomware attacks saw a decline this past year, cryptominer malware has surged to become a top emerging threat. Specifically, the top three cryptominer malwares-Coinhive, Cryptoloot and JSEcoin - contributed to 80% of all cryptomining attacks. The survey also found that one in four global organizations were targeted by Coinhive malware alone in 2018. Enterprises must be sure their defenses have adapted accordingly to these new threats. 
  3. Prioritize security during digital transformations. As organizations continue on their digital transformation journeys by embracing the cloud and IoT devices, security strategies must be enhanced, too. More than a quarter (28%) of organizations globally perceive cloud account hijacking as one of the top security threats to their cloud environments and 29% of global organizations view attacks through IoT and other connected devices as a top cyber risk. However, only 26% of organizations are prioritizing security assessments of IoT devices to mitigate new risks. Given that the success of an enterprise's digital transformation efforts is underpinned by effective cybersecurity and data privacy, organizations must ensure security professionals are a part of all transformation efforts.
  4. An embrace of comprehensive risk mitigation strategies. Like it or not, the question for organizations has become not if a breach will happen, but when. In preparation, 39% of organizations now have a dedicated cyber insurance policy, which is up 12% from 2017. Additionally, 28% of organizations participate in cyberattack simulation exercises coordinated by industry regulators, and 1 in 4 now carry out security assessments in every build cycle. More organizations must embrace these moves, so they are prepared for the worst. Most enterprises recognize that their employees are their weakest link in security. In fact, nearly three in four (72%) organizations say employee negligence and lack of awareness is a top cyber risk. To educate employees on security best practices, many organizations (87%) are using eLearning and other computer-based trainings.
  5. Greater security collaboration and knowledge sharing. The business community is more secure when security findings are shared and not collected in isolation. Sixty-seven percent of organizations are now willing to share indicators of compromise, such as malicious IPs, URLs and domains, and 33% of organizations are willing to share attacker tactics, techniques and procedures with industry peers. Such information sharing and timely threat intelligence are critical enablers in anticipating and mitigating new and developing attacks, and this must continue in 2020.

Although cyber attacks and threats are greater in number and more complex than ever, there are many promising signs that defensive capabilities are improving. For instance, the number of patents related to cybersecurity has increased 27% since 2016. Additionally, investors continue to put money behind cybersecurity start-ups addressing areas like threat detection.

In the meantime, CISOs need to improve their risk mitigation strategies by focusing on moving the needle on cyber hygiene, keeping an eye on new threats looming in the horizon and collaborating with peers and national agencies to be better prepared to take on the security challenges in 2020.


About the Author

Raja Ukil 

Strategic leader and global head for Wipro's Cybersecurity and Risk Services, Raja Ukil, is the senior vice president of Wipro's largest and fastest moving service line. In his previous role, since 2014, as Chief Information Officer (CIO), he was instrumental in driving the key initiatives leading the business transformation program to simplify processes, make them touch-free & persona-centric, and empower the right levels within an organization. He is a strategist, with wide-ranging experience of 16 years in various crucial roles. He has specialization in managing & remodeling IT infrastructure and enterprise security as well.

Today, with threat surfaces becoming wider every day, attackers around the world evolving to be smarter and armed with newer goal sets, organizations essentially need to implement proactive resilience. Known as a leader who could span a breadth of technologies and businesses to transform, Raja Ukil brings with him a unique value proposition to transform and re-position cybersecurity as a brand differentiator in the market, which would offer solutions for end-to-end cyber security requirements making organization cyber resilient.

He aims to drive various strategic developments, run global operations and shape growth initiatives in developed and emerging markets thereby maintaining competitive edge. As, he has experienced great success in strengthening the CIO function to meet diverse and complex needs in his previous role, he currently aims in achieving the same, by helping customers in their digital transformation journey to be the cybersecurity partner brand they can trust.

Some of his recent major accolades being:

  • Winner of multiple CIO 100 Hall of Fame (three consecutive times) and winner of the global CIO 100 in 2016.
  • Part of the global customer advisory boards of several product companies and startups, Cisco, SAP (APJ), Symantec and startups like Drona HQ, NextThink and ParaBlu.
  • Independently managed profit & loss for more than US$300 million and extensive experience in cost management for large global operations.
  • Keynote speaker in several industry and technology forums.
Published Tuesday, November 26, 2019 9:50 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2019>