SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Intellectual property, automobile hacking, and economic challenges amongst 2023 cybersecurity challenges
Thu, 5th Jan 2023

Intellectual property, automobile hacking, and economic challenges are amongst the areas facing cybersecurity challenges in 2023,
according to new 2023 predictions from Apricorn.

Intellectual property

"Driven by nation-state threats, market competition and internal threats, many companies will face an increased risk of losing valuable intellectual property (IP) or having research and development (R&D) efforts thwarted by data leaks,' says Jon Fielding, managing director EMEA of Apricorn. 

"There needs to be a push for data encryption across all levels of business," he says.

According to Apricorn's 2022 UK IT Security Survey, 32% of IT leaders have introduced a policy to encrypt all corporate information as standard in the last year. In total, almost half (47%) of organisations now require the encryption of all data. 

"Encryption can protect data when its both at rest and in transit and the stakes for not encrypting data are only getting higher 16% of the IT leaders surveyed admitted that a lack of encryption had been the main cause of a data breach within their company, up from 12% in 2021," says Fielding.

Automobile hacking

"Our cars do more than ever before and keep track of more data than probably any of us have thought about," says Fielding. 

"And while we have seen simulations of vehicles being overtaken by hackers intent on crashing them or causing terror, the real issue is how to protect the data they collect. 

 "This coming year, automobile manufacturers should consider how they can protect driver data such as dashcam footage to credit card information stored on phones connected to the vehicle via Bluetooth technology," he says. 

"Let's not forget driver GPS location, which presents a serious security issue if accessed by the wrong person. The adoption of a 3-2-1 storage strategy and encryption of all data should be a manufacturing industry best practice with automotive manufacturers leading stepping up as innovators that recognise the need to protect this data."

Economic challenges

Fielding says organisations will likely be challenged by resource constraints brought on by economic challenges, staff shortages, and tech layoffs. 

"This scarcity of resources may put additional strain on IT teams leading to increased cybersecurity risks," he says. 

"I predict that an increase in cybersecurity breaches and data loss events may occur as a result of IT teams being stretched too thin." 

In order to avoid data loss and cyber attacks, organisations should focus on employee education, says Fielding.

Employees are the front line when it comes to preventing cyber attacks yet according to Apricorn's 2022 Global IT Security Survey, 72% say employees do not consider themselves to be a target that attackers would exploit to access company data, driven by perceptions that they are either too small a target and/or adequately protected. 

"By investing in employee education, organisations can fortify their data security with foundational prevention measures such as regular data backup with encryption, using strong passwords, and enabling multi-factor authentication," Fielding says. 

"Combined, these efforts can help ensure data resiliency even for organisations with limited resources." 

Cryptocurrency and ransomware

"I predict in the coming year its likely there will be an increase in ransomware attacks driven by instability in the global cryptocurrency market," Fielding says. 

"Ransomware attackers have often demanded payments in bitcoin and other cryptocurrencies for their data ransom schemes and the weakening of the crypto market will likely push fraudsters to try and make up their losses with additional attacks," he says.

"When it comes to ransomware and cyber attacks, organisations need to have a formal and well-practiced plan to back up and recover their data. 

"The 3-2-1 method is an industry best practice that comprises making at least three copies of data, stored on at least two different media, with a least one copy encrypted and held off-site and offline. Effective data backup protocols are essential in the event of a ransomware attack which may compromise more than one data source and there is a proven need for increased data resiliency."

In Apricorn's 2022 Global IT Security Survey, only one in five professionals reported following best practices such as backing up in real-time or using the 3-2-1 method which can streamline data restoration in the event of a ransomware attack.  

 "With regards DeFi (decentralised finance), one of two things will start to emerge in 2023. Financial institutions will start to embrace cryptocurrency and attempt to apply their controls on top, such as KYC (know your customer protocols), and/or governments will leverage the turmoil in cryptocurrency as a trojan horse to introduce their own digital currency whilst phasing out physical currency," Fielding says. 

"The latter provides a path for government to exert even more control over their citizens and intent should be challenged should we start to see moves in that direction." 

Data hygiene

Fielding says the necessity for data restoration is a likely scenario in the coming year.

"With a variety of threats and risks both internal and external that could lead to data loss, IT professionals need to focus on making sure that they not only backup their data, but that the data backup is usable," he says.

"Data backups are only effective for restoration when the data is recent, accurate, and accessible. And with a reliance on cloud storage, increased risk of cyber attacks, and potential employee errors, IT professionals need to put their data backups to the test. 

"Backup and recovery strategies need to be intentional, practiced, and effective as corrupted, compromised or out-of-date data will only hinder recovery efforts. Apricorn's survey highlighted that, although 99% of respondents had a back-up strategy, 26% of those who had cause to recover data from a backup were unable to fully restore all their data."