IoT Thought Leadership Blog

KORE | Cybersecurity Concerns and Actions in 2022

Written by KORE | Mar 1, 2022 5:38:45 PM

Conflict in Ukraine has accelerated the conservation surrounding cybersecurity, a topic that was already top of mind in 2022.

Cybersecurity risk has naturally increased as more processes adopt digital strategies. According to the Identify Theft Resource Center’s 2021 Data Breach Report, there were 1,862 occurrences of data compromises in 2021 – a 68 percent increase over 2020.

Data compromises in 2021 were at an all-time high, 23 percent more than the top-ranking year of 2017. Data breaches in 2021 compromised the personal information of millions, such as the instance at Robinhood, where 7 million customers’ personal information was exposed.

Ransomware attacks also saw a significant increase, the report continued, doubling in each of the last two years. The report estimates that at the current rate of increase, ransomware attacks will overtake phishing as the primary cause of data breaches in 2022.

Cybersecurity attacks against business operations have the potential to impact not just the organization but have a ripple effect that can be felt for months. Just like the supply chain was impacted by major events in 2020, the effects are still trickling down in 2022.

The manufacturing and utilities sectors saw the largest increase in data compromises in 2021 at a 217 percent increase year over year, according to the 2021 Data Breach Report.

The IBM X-Force Intelligence Index 2022 found that manufacturing accounts for 23 percent of ransomware reports and that 47 percent of those attacks exploited existing vulnerabilities within organizations.

Cybersecurity in 2021 showed a devastating landscape if significant measures aren’t taken to secure organizations and enterprises. According to the 2022 Global Digital Trust Insights report, 69 percent of responding organizations predicted higher spending for cybersecurity in 2022. And global cybersecurity spending is anticipated to exceed $1.75 trillion in the five-year period between 2021 and 2025.

Trends and regulations in cybersecurity are constantly evolving but trending in the right direction. For example, laws and regulations passed in 2021 include

  • The Colorado Privacy Act
  • Virginia Consumer Data Protection Act
  • China’s Personal Information Protection Law
  • South Africa’s privacy law
  • The California Privacy Rights Act

Meanwhile, the General Data Protection Regulation continues to become an emerging global standard.

Trends such as zero-trust will take a significant foothold, with Gartner predicting spending on zero-trust network access solutions will grow to $1.674 billion in 2024.

For IoT, creating security from the ground up has been supported by the GSMA-developed IoT SAFE (SIM Applet for Secure End-to-End Communication) establishes the SIM card as the device-level root of trust for chip-to-cloud security. This initiative helps remove the onus of building security in a fragmented ecosystem of devices but rather places the ability to secure at the OEM level.

Creating Security with Agility

Gartner, in its Rethink the Security and Risk Strategy report, offers six key principles of cybersecurity:

  • Move away from merely checking the boxes in compliance, but rather create decisions based on risk considerations
  • Instead of simply protecting infrastructure, support holistic business outcomes
  • Be more proactive instead of reactive by becoming a facilitator rather than a defender
  • Instead of controlling information flow, have more concern with how information flows
  • Give more consideration to human behavior rather than trying to control just the technology aspect
  • Forget trying to flawlessly protect your organization and rather invest time in identifying and tracking down threats

To learn more about IoT security strategies, check out this eBook