37.5 C
Bangkok
Friday, March 29, 2024

Bluebik Reveals In-depth Views on 3 Cybersecurity Trends in 2023 • Thumbsup

Bluebik Group Public Company Limited or BBIK, a leading consulting service provider in digital transformation. Revealing trends and in-depth perspectives on cybersecurity in 2023, indicating that businesses are facing challenges from 3 of the most popular cyber threats: Ransomware-as-a-service. will spread rapidly

Attacks on supply chains are more prone than ever. And data theft will affect the trust that customers have in the organization. hence the sector

Businesses should speed up to mitigate such risks by adopting the concept. ‘Cyber ​​Resilience’ It consists of 5 approaches that will enable organizations to defend and respond well to cyber attacks. Including preparing to recover the business to return to normal operations.

Mr. Pachara Arayakarnkul, Chief Executive Officer of Bluebik Group Public Company Limited, said that digital transformation has been an important issue for the business sector in recent years. Leveraging technologies such as cloud computing, blockchain, artificial intelligence (AI), and the Internet of Things (IoT) can create advantages and opportunities for business growth.

But at the same time, it adds complexity to the business ecosystem to the point that vulnerabilities or weaknesses can be exploited by cybercriminals. The greater the demand for technology The greater the risk of cyber threats. As a result, cybersecurity has become a top concern. of corporate leaders around the world

The trend of damage from cyber threats is increasing steadily. In 2023 World Economic Forum Estimated damage value fromGlobal cyber attacks will reach $8 trillion. or an increase of 15% (YoY) going in the same directionCybersecurity spending to grow 12% (YoY) to $194 billion This worrying trend of increasing risk is a wake-up call for organizations to urgently improve their cybersecurity.

Bluebic revealed that The most vulnerable industries targeted for attacks are professional service providers. Finance, Healthcare, Hospital, Retail and Hotel respectively, which the top 3 cyber threats are

  1. Ransomware is spreading faster and more because Ransomware-as-a-service : Malware will be released into the system to break into critical systems. and demand a ransomCurrently, hackers are evolving. Ransomware-as-a-service that will change the traditional ransom demand By selling malware embedded in the target’s system on the black market and agreed to trade under the terms of mutual benefit if the buyer can successfully claim the ransom. This makes it easier and faster to use ransomware. Because it no longer requires high expertise. All you need is access to black markets or online communities used by hackers, the agency reports. Cybersecurity The average cyber ransom amount was $250,000 in the third quarter of this year, and found that 58% of organizations fell victim to ransomware, while 14% of These organizations had to pay ransoms more than once, with more than half of the victimized organizations taking more than a month to recover from the damage.
  2. Supply Chain / 3rd Parties Attacks will be more prone than ever : attacking the targeted organization’s systems may be more difficult nowadays. One reason is that organizations There is an enhanced level of protection. Hence, hackers modify their attack patterns.By aiming to penetrate the systems of external service providers (vendors) that provide services to many organizations and already have a way to access the back-end systems of various customer organizations, so hackers penetrate the systems of external service providers. To be used as a way to penetrate the target organization’s system, Bluebik Titans sees that attacks through supply chain systems will increase significantly, according to a survey by the Ponemon Institute. Over 54% of organizations have been hit by a cyberattack through their supply chain or external service provider, with only 34% confident they will be notified by their service provider. However, 60% of organizations are concerned about the increase in cyberattacks through their supply chain.
  3. Data theft (Data Breach) important lessons that can lead to loss of reputation. confidence and assets beyond expectationsIdentity theft is a common occurrence in cyberspace. The main goal is financial benefits. and focusing on important information trade secret intellectual property or personal information of customers to be held for ransom or sold on the black market The damage from the data theft event is about 6,000 baht per data item on average and causes damage to the organization in many ways, such as the cost of troubleshooting as well as the impact of business interruption. And worst of all is the loss of customer trust in the organization. IBM reports that by 2022, corporate data theft losses in ASEAN will average $2.87 million per incident. And more than 83% of organizations are victims more than once, with 45% of them being data theft in the cloud, which organizations are increasingly using. but may still lack proper protective measures

Mr. Phon Sutee Thanesniratsai, Director of Blue Bik Titans Co., Ltd., said that being prepared to prevent and deal with potential situations is something every organization needs to do urgently. Because cyber-attacks can happen at any time and cause enormous damage to both the financial and trustworthiness of an organization. The creation of immunity to cyber threats for organizations can be done by applying the concept of ‘Cyber ​​Resilience’ that consists of 5 approaches as follows:

  1. Consider cybersecurity with an enterprise risk management framework (Manage Cybersecurity as an Enterprise Risk).
    Cybersecurity should be part of the risk management process at the organizational level, i.e. cybersecurity considerations are reflected in the form of risks. This includes impacts from various perspectives such as financial losses. breaking the law Confidence from customers and partners, etc. This approach gives corporate executives a framework for decision-making. and better select control measures that are appropriate for the level of risk The organization can apply the standards of trustworthy agencies or compare with the current operations of the organization. to plan further elevation
  2. Senior management should encourage cyber risk oversight. and promoting an organizational culture in which everyone participates in vigilance (Executive Play a Key Role in Governance and Fostering a Culture of Cybersecurity Vigilance).
    Cyber ​​risk management should be supported by senior management of the organization. in supervising policies, strategic plans, risk management to be at an acceptable level for the organization Including emphasizing the importance and encouraging everyone to participate in surveillance and prevention of cyber threats. The operation should contain important programs.– Business Continuity Plan – Information Technology Recovery Plan – Cyber ​​Attack Crisis Management Planwhich covers how to communicate with stakeholders and how to select experts; and 4) raising awareness of cyber threats and operating safely. Including rehearsing the incident response process. for all parties to better understand their roles and responsibilities
  3. Senior management should closely oversee cybersecurity posture (Executive Oversee Cybersecurity Posture) Senior management should closely oversee cybersecurity. by reviewing performance reports This may cover topics such as significant risks and management approaches. An overview of the state of cybersecurity and strategic plans to raise standards, etc.
  4. Maintain Compliance with Cybersecurity Laws and Regulations related to cybersecurity and protection of personal data Including closely following new child legislation, organizations can apply these laws and regulations as a preliminary criterion to improve their own cybersecurity standards.
  5. Emphasize on Implement Essential Cybersecurity Hygiene. Upgrading an organization to have the ability to prevent and respond well to cyber threats requires resources and cooperation from relevant parties. all parties This is challenging and time-consuming for some organizations. While cyber risks can arise at any moment and damage the business. Organizations should, at a minimum, focus on fundamental matters such as managing accurate and complete registers of information assets. Multi-Factor Authentication data security Updating the system to close vulnerabilities System Log Management Violation response plan managing risks arising from service providers, etc.

“Managing cybersecurity is not an easy task. But it’s not difficult if you have expertise and management experience. And can weave risks into the organization’s plans and strategies. Make the upgrade of the cyber security system appropriate. As a result, departments within the organization can carry out activities as planned with confidence. And build confidence among all stakeholders both inside and outside the organization, ”said Polsuthree in the end.

Source

Latest Articles