
PodChats for FutureCIO: Bracing for ransomware in 2022

by Allan Tan
December 24, 2021

Gartner predicts that by 2025, at least 75% of IT organizations will face one or more attacks, as free-rein researchers document a dramatic increase in ransomware attacks during 2020, pointing to sevenfold or higher rates of growth.

Gartner’s Emerging Risk Monitor Report for the third quarter of 2021 noted that concerns about ransomware topped pandemic-related concerns.

In the report, the risk of new ransomware models debuted in the top five emerging risks in the third quarter as the previous quarter’s top risk, “cybersecurity control failures,” has matured into an established risk.

One security specialist noted that ransomware attacks are often misunderstood and thought of as a single, isolated attack like the 2016 WannaCry event. The reality, however, is that ransomware is deployed as part of a larger attack that may involve penetration of a network, theft of credentials for critical system accounts, an attack on the backup administration console, or data theft.

Changing characteristics

Jonathan Jackson, director of engineering for APAC at BlackBerry, acknowledged that ransomware attacks have become a lot more sophisticated as ransomware actors recognise them as an incredibly lucrative business.

“We are now seeing the rise of Ransomware-as-a-Service, with affiliations coming into play, making it easy for anybody to deploy ransom on a target and a system using stolen credentials or phishing campaigns. The attacks have become bolder, fuelling a bigger market and challenge for organisations in APAC,” he went on.

Catalyst in APAC

In reflecting on the drivers of the ransomware spread in the region, Jackson attributed this to the massive shift to work from home in early 2020 and the challenges faced by security teams to adapt to the new work model.

“The switch to allowing everyone to access the same but from unsecured home networks or Wi-Fi networks led to organisations having to build in loopholes by allowing VPN access from anywhere and introducing RDP (remote desktop protocols),” he added.

The result is a substantially expanded attack surface over the past 24 months that has allowed cybercriminals to gain access to information. This creates a big challenge for security organisations that are trying to patch their systems while maintaining control of a corporate perimeter that is now distributed.

Failure to detect and respond

While acknowledging that security solutions and practices have been around for years, Jackson commented that traditional anti-virus processes with signature-based solutions can no longer keep up with the sheer number of malware variants that are created.

“We see an average of about 400,000 malware variants created globally every day. If you’re trying to create a signature for every single one of those zero-day attacks, you are way behind the curve and can never keep up,” he added.

With new capabilities like sandboxing, heuristics, early math models, and artificial intelligence surfacing in the last five years, the cyber war has shifted from prevention to endpoint detection and response (EDR) — a tool to mitigate the attack once it has happened, threat hunt, find it and stop the breach after it has occurred.

“The challenge here is finding a balance between the two because just relying on EDR is not going to meet the needs of organisations going forward as we are effectively allowing someone to initiate attacks against you. There are ways to proactively prevent attacks from happening pre-execution and that is going to be the key moving forward,” he explained.

The profile of a prediction and prevention approach

According to Jackson, very powerful and huge mathematical models of known good and known bad files are being built.

“We have math models that learn and grow, and they fight with next generations of math models to ensure that the efficacy and effectiveness of that math model supersede the next one. BlackBerry is now in the seventh year of iterating its math model and we see about a 98% effective rate — prevention is possible using machine learning and artificial intelligence,” he elaborated.

Why zero-trust makes sense

Jackson believes that zero-trust is a healthy approach for organizations striving to adopt more rigour in their cyber resilience strategy.

“Without technicalities, zero-trust means that I need to authenticate myself, the app that I am using, the files I am accessing, the cloud-based system I am trying to deposit files in, the laptop I am on, and the way I am using my keyboard. With zero-trust, nothing is trusted and everything is bad. Everything needs to earn that trust to gain access to the system. Organisations need to find a model that will help them achieve this,” he opined.

XDR alongside zero-trust

Extended detection and response (XDR) looks at multiple constructs or feeds that come into a data lake, where you can then correlate information and make informed decisions. It works by bringing together data from your antivirus solutions, SIEM (security information and event management) solutions, IPS (intrusion prevention systems), IDS (intrusion detection systems), email systems, identity systems, and firewalls.

Jackson suggests that for security organisations that are time-poor, faced with a massive skills gap, and have alert fatigue, XDRs can help to reduce the noise and complexity, allowing math models or machines to make decisions for us in terms of the threats that exist out there in the world.
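
To make the correlation step concrete, the following is an added example, not code from BlackBerry or the podcast: it groups events from several feeds by user and raises one incident only when at least three different feeds fire within a short window. The event records, signal names, two-hour window and three-feed threshold are constructed assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records: (timestamp, feed, user, signal). Not real telemetry.
EVENTS = [
    ("2021-12-17T16:40:00", "email", "alice", "phishing_link_clicked"),
    ("2021-12-17T17:05:00", "identity", "alice", "vpn_login_new_location"),
    ("2021-12-17T17:20:00", "firewall", "alice", "rdp_session_to_server"),
    ("2021-12-17T17:45:00", "antivirus", "alice", "backup_console_tool_blocked"),
    ("2021-12-17T09:10:00", "firewall", "bob", "rdp_session_to_server"),
    ("2021-12-18T10:00:00", "identity", "carol", "vpn_login_new_location"),
    ("2021-12-20T10:00:00", "email", "carol", "phishing_link_clicked"),
]

def is_weekend_window(ts):
    """True for Friday afternoon or Saturday morning, the period named in the interview."""
    return (ts.weekday() == 4 and ts.hour >= 12) or (ts.weekday() == 5 and ts.hour < 12)

def correlate(events, window=timedelta(hours=2), min_feeds=3):
    """Return one incident per user whose events span >= min_feeds feeds within window."""
    by_user = defaultdict(list)
    for ts, feed, user, signal in events:
        by_user[user].append((datetime.fromisoformat(ts), feed, signal))
    incidents = []
    for user, rows in sorted(by_user.items()):
        rows.sort()
        for i, (start, _, _) in enumerate(rows):
            # Everything for this user from `start` up to `start + window`.
            in_window = [r for r in rows[i:] if r[0] - start <= window]
            feeds = {feed for _, feed, _ in in_window}
            if len(feeds) >= min_feeds:
                incidents.append({
                    "user": user,
                    "start": start.isoformat(),
                    "feeds": sorted(feeds),
                    "signals": [s for _, _, s in in_window],
                    "weekend_window": is_weekend_window(start),
                })
                break  # one incident per user is enough for triage
    return incidents

if __name__ == "__main__":
    for incident in correlate(EVENTS):
        print(incident)
```

Seven raw events collapse into a single incident for one user; the isolated RDP session and the two unrelated events days apart stay below the threshold.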

What to do in preparation for 2022

He noted that ‘at the moment’ people remain the weakest link. Thus, continuing education, awareness, training through things like gamification, will be important in making sure the organization stays cyber-fit.

He suggests acquiring managed detection services from security vendors who can operate security operations centres (SOCs) and act as the company’s 24/7 response and attack prevention mechanism to help security teams and business leaders sleep better at night.

“One trend that we are seeing is with Friday afternoons and Saturday mornings — cybercriminals know that people log off for the weekend and thus ramp up attacks over the period. As organisations are not ready for that, having somebody who can deal with cybersecurity 24/7, 365 days a year will help businesses get their weekends back as well,” he concluded.

Click on the PodChats player to listen to Jackson’s predictions about ransomware in 2022 and how to enhance the organization’s readiness against cyberattacks in the coming year.

  1. What are the characteristics of ransomware? Has it changed from before the pandemic?
  2. What is catalysing the growth in ransomware attacks in Asia Pacific?
  3. Why is the current detect-and-respond approach to cybersecurity inadequate against ransomware actors and their evolving tactics?
  4. What does a prediction and prevention approach look like and how can it fend off more complex and organised threats of tomorrow?
  5. Would the adoption of a zero-trust framework strengthen an organization against ransomware attacks?
  6. Beyond zero trust, what else is needed?
  7. What can we expect in 2022 and what should we do in anticipation of that?
  8. Beyond the tools, what else should enterprises do to stay cyber fit?