McAfee Enterprise and FireEye today released Cybercrime in a Pandemic World: The Impact of COVID-19 findings, revealing the imminent need for organizations to prioritize and strengthen their cybersecurity architecture. The findings brought to light that during the past 18 months, 81% of global organizations experienced increased cyber threats, with 77% of the organizations in India experiencing downtime due to a cyber incident during a peak festive season. Further, while the top three most threatening cyber risks that were detected are malware attacks (47%), data breaches (43%), ransomware and cloud jacking (33% each), over thirty percent of the IT professionals also experienced vulnerabilities in their ‘Internet of Things’ devices.
According to IT professionals in India, holidays have been the most challenging peak periods for cybercrimes – while 52% of them indicated festive holidays such Diwali, Ramadan, Christmas as the peak period; 32% of them pointed at bank holidays, and 12% of them at summer vacations in schools and colleges. During these peak periods, 91% of them find maintaining a fully staffed security team/SOC even more challenging as with the adoption of a hybrid work model, 59% of them expect half or more of their organizations’ workforce to be remote in some capacity.
“It is imperative that all business of scale evaluate and prioritize security technology to keep them protected, especially during peak seasons like the holidays,” said Bryan Palma, CEO of the newly combined company. “Traditional approaches are no longer enough – 94% want their organization to improve its overall cyber readiness – and businesses need an integrated security architecture and an always on approach to prevent, protect and react to the threats of today.”
As the holiday and festive season in India has already commenced, 91% of the IT professionals anticipate a moderate or even substantial impact by increased demand for their products and services. Most organizations have invested in cloud security (82%), advanced threat protection (66%), the security operations center (54%), mobile security (48%) and endpoint security (48%). Further, to take additional security precautions, 69% of the organizations are implementing new software solutions, 68% are strengthening internal IT related communications, 62% are increasing their software updates and 61% of them are shooting up their employee trainings.
“Cyberattacks tend to skyrocket in India during the holiday season as we tend to spend more time online and often let our guard down. Taking advantage of this, bad actors adopt newer techniques and sophisticated means to target businesses when they’re most vulnerable,” said Venkat Krishnapur, vice-president of engineering and managing director, McAfee Enterprise, India. “The problem is further exacerbated with employees using the same devices for personal and office work exposing critical networks and thus, with an eye to stay ahead of criminals, organizations need to ramp up their cybersecurity readiness and undertake adequate security measures.”
Looking ahead to 2022 and addressing emerging threats
As per the findings, the top three cyber risks of 2022 that are the most threatening to businesses/industries in India will continue to be malware attacks (54%), data breaches (50%) and cloud jacking (35%). However, there are ways for organizations to be proactive against cybercrime, such as implementing security measures, providing cybersecurity awareness training for employees, and developing prevention and response plans. The findings also suggest that it’s mainly the IT Director(s) (58%) and the IT Manager(s) (56%) who are involved in making the decisions when implementing changes to business/organization cyber security solutions/practice.
The Cyber technology that businesses/organizations from India plan to invest most in are Cloud security (57%), the Security operations centre (57%), Advanced threat protection (55%) and Endpoint security (47%)
99% of the IT professionals indicated that their organization could place more emphasis on its overall cyber readiness and strategy to prevent, protect and react to potential threats
53% on employee trainings and awareness when it comes to cybersecurity issues,
53% to prevent cybersecurity issues and,
51% to respond to cybersecurity issues
27% of the organizations plan to invest more than $500.000 in 2022
Addressing Emerging Threats
There are ways for organizations to be proactive and actionable against cybercrime, such as implementing security measures and industry-wide cybersecurity requirements, providing cybersecurity awareness training for employees, and developing prevention and response plans. In addition, enterprises and commercial business can implement cloud-delivered security with MVISION Unified Cloud Edge (UCE) and FireEye Extended Detection and Response (XDR).