nasscom Community

Lessons To Learn from Security Breaches in 2021


Cybersecurity is more important than ever, as the rising cost of data breaches and cyber attacks raises alarms. In addition to disrupting business operations, cyber attacks now cause damage to such an extent that organizations find it difficult to recover. A recent study found that the average total cost of a data breach increased to $4.24 million in 2021.

If we dig into the roots of the growing costs, we find that various factors have contributed, including the sudden shift to the remote working model. This transition changed the speed of incident detection and response and lengthened the time needed to identify and contain security breaches. Since this new working model is expected to stay for some more time, the cost of cybercrime will probably keep climbing. According to an estimate, by the end of 2025, cybercrime will cost organizations across the globe nearly $10.5 trillion per year, up from $3 trillion in 2015. Irrespective of the type of cyber attack, each security incident results in some kind of damage, whether reputational or financial.

Most Common Cyber Attacks in 2021

Throughout 2021, we have seen businesses working remotely, in a hybrid manner and even in complete offline mode. This rapid shift has given cybercriminals a multitude of opportunities to amplify their intrusion attempts with new attack vectors. In most of these methods, however, human error remains the topmost vulnerability exploited by threat actors to breach the security perimeter of an enterprise. Even your best employees can become victims of cybercriminals if they click on a malicious link or download an infected document without proper security checks.

Now, let’s glance through some of the most common cyber attacks that a majority of organizations faced in 2021:

  • Ransomware Attacks

Nearly 37% of global organizations revealed that they were targeted with some form of a ransomware attack in 2021. (Source: IDC 2021 Ransomware Study)

  • Phishing Attacks

In Q1 2021, the volume of phishing attacks increased by 22% as compared to Q1 2020. (Source: PhishLabs)

  • Distributed Denial of Service (DDoS)

In a recent study, it was found that DDoS attacks increased by 233% in the first half of 2021. (Source: Nexusguard Threat Report)

Apart from the above-mentioned threats, other types of attacks also affected organizations globally, including session hijacking, spoofing attacks, credential stuffing, mobile device attacks, etc.

Key Takeaways From Cyber Attacks

Over the years, one thing we have learnt is that staying on top of every new threat, especially in the cybersecurity domain, is extremely difficult. Adversaries come up with new tactics and techniques every time they penetrate a security infrastructure. Since the pandemic began, we have seen CISOs, CIOs and other C-level executives facing a stream of security breaches, large-scale supply chain attacks and social engineering attacks aimed at compromising critical IT resources.

Let’s go through some of the key lessons learned from cybersecurity incidents in 2021 so far.

1. Each organization must implement endpoint protection

As a majority of the global workforce is operating virtually, the need for enhanced endpoint security cannot be ignored. Companies should consider advanced endpoint security solutions capable of securely configuring, patching and managing operating systems and applications, as well as updating security protocols.

2. Supply chains are not immune to cyber attacks

The SolarWinds attack showed that software supply chains are also vulnerable to cyber attacks. This incident taught us that every enterprise, be it small or large, needs to implement multiple strong security controls, including (but not limited to) a strong password policy, multi-factor authentication, privileged access controls, etc. In addition, attacks against the COVID-19 supply chains showed that cybercriminals leveraged social engineering and masqueraded as trusted entities to obtain privileged access credentials.

3. Cloud security misconfigurations are becoming a major cause of data breaches

Misconfigurations in cloud systems and software open the door for threat actors to commit data breaches. As per a survey by Ermetic, the top three cloud security threats are security configuration errors (67%), lack of adequate visibility into access settings and activities (64%) and improperly configured identity and access management (IAM) and permissions (61%). Organizations can avoid data loss with the help of backup and archive solutions that keep copies of data on different storage systems. They can create backups in different cloud accounts or even on-premises to stop intruders from deleting or encrypting them.

4. Cybersecurity awareness is crucial

Since humans are the first line of defence for any business, they are extremely prone to cyber attacks. Cybersecurity awareness training must be designed in a way that encourages employees to recognize different cyber threats, understand the potential impact of a cyber attack on the organization, and learn ways to minimize the risk and prevent adversaries from penetrating their workstations.

5. Zero Trust solutions can be a good option

The traditional, perimeter-based security approach is gradually fading away as workplaces become highly dynamic and data moves continuously across corporate boundaries. Organizations need to adopt a modern methodology that follows the principle of "Never Trust, Always Verify". A Zero Trust security solution provides in-depth visibility, safeguards user access and prevents data loss, regardless of users’ geographical location and the devices being used. Such solutions help with continuous monitoring and validation, along with protection against advanced attacks like supply-chain, DDoS and ransomware.

Towards The End

The state of cybersecurity and the growth of cybercrime will keep evolving over time. The last two years have taught us that we should always be prepared to transition to a new normal. Unfortunately, cyber attacks will keep targeting more of the workforce unless organizations take proper precautions to prevent threat actors from exploiting vulnerabilities. Business leaders must keep investing in cybersecurity to keep processes running and stay alive in a competitive world.