The global cyber security market is set to reach US$334 billion in revenue by 2026, with the Asia Pacific (APAC) region predicted to lead the way for growth.

On a global scale, cyber security revenue is expected to rise by a five-year compound annual growth rate (CAGR) of 8.7 per cent, up from 2021s US$220 billion, according to data and analytics firm Global Data.

Meanwhile, Asia Pacific. was framed by GlobalData as being more vulnerable to cyber threats than other regions due to critical infrastructure and the growing financial sector in the region, as well as being expected to lead cyber security growth around the world.

Indeed, an increase in digital transformation initiatives, penetration of internet connectivity and susceptibility stemming from internet of things (IoT) connectivity is expected to increase the adoption of cyber security solutions.

Madhumita Chaudhary, practice head at GlobalData, said Australia, Singapore, the Philippines, Thailand, Japan, India and Taiwan are particularly facing an increase in ransomware, phishing and network attacks.

As such, these countries are anticipated to see strong demand for cyber security products and services.

The global enterprise cyber security market in particular is expected to thrive following a surge in the volume and sophistication of cyber attacks across organisations.

Despite the continued investments and growth in the cyber security space, the frequency of attacks and breaches have shown no signs of abatement, said Chaudhary.

More than billions of records containing critical information were compromised since the pandemic. As such, enterprise cyber security will continue to dominate the overall cyber security demand in terms of market share, capturing a sizeable revenue share exceeding 90 per cent in 2021.

Additionally, the consumer cyber security markets CAGR is expected to reach 10 per cent over the period.

The rapid emergence of connected devices and associated security risks with no baseline security upgrades will favour the segment growth over the forecast period, Chaudhary said. Cyber security should be at the forefront of all digital transformation strategies. A lapse in focus could mean hefty repercussions in form of accelerated ransomware attacks, she added.

The growth in the cyber security market from now to 2026 comes as fellow research firm Forrester claimed that customers are set to increase their reliance on managed security service providers (MSSP) in 2023.

Error: Please check your email address.

Tags GlobalData

Read more:
Global cyber security revenue to hit $334B by 2026 - ARNnet

Image: Getty/gilaxia

Cyberattacks targeting vulnerabilities in internet browsers are on the rise with Google Chrome increasingly in the hackers' sights.

According to analysis by cybersecurity researchers at WatchGuard, the second quarter of this year saw an overall 23% increase in malware attacks against browsers Chrome, Firefox, and Internet Explorer compared with the previous quarter.

Much of that increase has been driven by a rise in cyberattacks on Chrome: according to the WatchGuard Threat Lab Internet Security Report, attacks targeting Google's browser have increased by 50%.

Browsers are of interest to hackers because they're key to how we use the internet entering and storing information including passwords, cookies, and even credit card details. This makes them a target for information-stealing malware.

Also:The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats

All of this information is useful for cyber criminals, either to exploit themselves or sell on dark web forums for others to use. For example, stolen passwords for corporate cloud services could be used to help launch significant cyberattacks, including ransomware campaigns, while stolen card details could be used to drain people's bank accounts.

Researchers suggest that one reason for the increase in attacks targeting Chrome could be the persistence of various zero-day exploits.

There have been several instances of these high-severity Chrome vulnerabilities this year, including CVE-2022-1364,CVE-2022-2294 and CVE-2022-307. Google warned that the latter was actively being used to conduct cyberattacks, and Chrome browser users on Windows, Mac and Linux were told to apply the relevant security update immediately.

However, researchers suggest that the rise on Chrome attacks might partly be due to the fact that many browsers aren't receiving the updates, particularly if security patches aren't automatically being applied by administrators. Without these updates, browsers arehighly vulnerable to attacks.

Ensuring that critical security updates are applied as soon as possible is one of the best strategies when it comes to protecting against cyberattacks targeting browsers or any other software.

"All it takes is one unpatched vulnerability for an attack to squeeze through a crack in your defenses. Keeping your software updated with the latest security patches is one of the single best actions you can take in terms of bang for your buck in cyber defense," said the WatchGuard report.

Read more:
There's been a big rise in hackers targeting Google Chrome - doing this one thing can help protect you - ZDNet

The discovery of theLog4j vulnerabilityin December 2021 is one of the more recent and prominent reminders of why cybersecurity teams need to implement a zero-trust security architecture.

Not that they should need reminders. Incidents are happening every day, and some of themsuch as ransomware attacks that impact entire supply chainsmake the headlines. In the case of Log4j, a Java-based logging utility thats part of the Apache Logging Services, security researchers found a zero-day securityvulnerability involving arbitrary code execution.

This was no garden variety vulnerability. Security experts described the flaw as being one of the biggest and most critical discovered in recent years. And it provides a glaring example of how at-risk organizations can be. New software vulnerabilities are being uncovered all the time, some of them leading to serious security breaches and lost data.

As cybersecurity and IT leaders know all too well, the complexities of security have increased significantly in recent years. Not only are attacks getting increasingly sophisticated, but cybercriminals are more organized than before, in some cases well-financed by nation-states.

In addition, the attack vector has broadened considerably in recent years. Hybrid and remote work models mean more people are working remotely and, in many cases, are using their own devices and networks to access critical business data.

Furthermore, the use of cloud services and multi-cloud strategies continues to increase. Sometimes cloud deployments are not even on the radar of central IT and therefore not managed as other IT assets might be. Given the rise of cloud services, remote work, and mobile environments, the concept of perimeter defense has been obliterated. There really is no such thing as a perimeter, or perimeter defense, anymore.

All of these developments provide good reasons for organizations to shift to a zero-trust model of cybersecurity. The idea of zero trust is fairly simple: trust no user or device, and always verify. A successful zero-trust approach considers three things: a users credentials, the data the user is trying to access, and the device the individual is using.

By combining the principle of least privilege with a modern approach of contextual access, multi-factor authentication (MFA), and network access, organizations can maintain a more agile security model that is well suited for a cloud-heavy and mobile-centric environment.

The result of the zero-trust approach is that organizations can reduce their attack surface and ensure that sensitive data can only be accessed by those users that need it under approved and validated context. This serves to greatly reduce risk.

Traditional zero-trust practices have typically focused on network access and identity and access management (IAM) through single sign-on (SSO). With remote work now encompassing such a large portion of end-user access, however, device posture is increasingly important as devices act as the new perimeter in a perimeter-less world.

By adding device validation to their security protocol, enterprises can defend against criminals who steal credentials or devices and use them along with MFA to gain access to networks and data.

If a network environment is monitored for non-compliance or critical vulnerabilities, then securing the device is the last defense against having compromised sensitive data. This is why its so important to adopt aconverged endpoint management solutionas part of the zero-trust approach.

Here are some of the key components of a zero trust practice organizations should consider:

Along with deploying the zero-trust approach, organizations should be sure to pay heed to security fundamentals. For example, they need to patch vulnerabilities as soon as they are identified. The Log4j development showed why that is important.

Patches should be installed and updated, but not in a haphazard way. Comprehensivepatch-management programsshould encompass all devices used in the organization connected to the internet and corporate networks.

Another good practice is to reassess all endpoints where systems are vulnerable to attacks. This includes conducting an audit of all those systems and devices that have administrative access to network systems, and an evaluation of the security protections on any sensors or other internet of things (IoT) devices tied to networks.

On a longer-term basis, companies need to reassess how they gather, store, and categorize the growing volumes of data they are managing. That might mean segmenting data so that more stringent security controls are placed on access to the most sensitive data such as personal information or intellectual property.

In addition, organizations need to be vigilant about using MFA and strong passwords. Networks have been compromised because hackers guessed users passwords, which suggests a need for policies that require more complex passwords or the use of MFA.

Users can be careless when it comes to cybersecurity practices, so providing good training programs and running awareness campaigns are also good ideas to educate everyone in the organization. These programs should cover signs to look for that indicate phishing and other attacks as well as social engineering techniques frequently used by bad actors to gain sensitive information or network access.

By deploying azero-trust modeland taking care of the cybersecurity basics, organizations can put themselves in a position to defend against the latest threats, including ransomware.

Security today requires more than simply managing identities and authenticating users. It needs to assume that anyone or anything trying to get into the network is an intruder until proven otherwise.

Its a perfect confluence of events forzero trust to take center stagein the world of cyber security: the rise of hybrid and remote work, the ongoing shift to cloud services, the continuing growth of mobile devices in the workplace, and an onslaught of sophisticated attacks that can impact entire supply chains.

Never have organizations faced so many challenges in protecting their data resources and never have they needed to be more suspicious of users and devices trying to access their networks. The zero-trust model, with its principal concept that users, devices, applications, and even networks should not be trusted by default, even if they are connected to a verified network and even if they were previously verified, is well suited to todays typical IT environment.

There is simply too much risk that an outside entity trying to gain access actually has nefarious intent. There is too much at stake to trust anyone or anything. One of the more notable effects of the shift to zero trust is the realization that traditional virtual private networks (VPNs) are no longer fully capable of securing remote access to corporate networks.

The distributed workforce at an organization might have access to highly regulated customer data through on-premises or cloud-based customer relationship management and enterprise resource planning systems. They might also need to access commercially sensitive intellectual propertyall of this from personal devices.

Organizations need an effective way to secure and authenticate these users, and unfortunately, traditional VPNs have struggled to keep up with the traffic workloads that work-from-home generates.

Research by Tanium has found that overtaxed VPNswere the second biggest security challenge for organizations transitioning to a distributed workforce. The problems with legacy VPNs have not only imperiled the security of traffic flows, they are also contributing to a growing risk of security threats related to endpoints.

When the pandemic hit and organizations were forced to allow many employees to work from home, they relied on VPNs to support their distributed workforces, but with less than stellar results. While VPNs are familiar to many users and already in use for remote access, they are not the ideal tools to provide secure access for so many users relying on devices that in many cases are not as secure as they should be.

VPNs will not provide adequate defense against threats aimed at the home networks many users rely on when working remotely. In addition, the sheer number of VPNs a company might need to support an enormous mobile or hybrid workforce means the management and maintenance burdens could be overwhelming.

To truly provide secure access for a large number of remote workers, organizations need to think beyond VPNs and fully adopt the zero-trust model of cybersecurity.

With a zero-trust strategy and tools, its easier for security teams to provide secure access to applications, because they have more granular access controls and users do not get blanket permissions. Access rights are very specific and require continuous verification.

Device validation also makes up a key tenet of a successful zero trust strategy, and with remote work making up a large portion of end-user access today device posture is extremely important. Devices in many cases are the new perimeter within organizations, and device validation enables organizations to protect against stolen credentials or even stolen devices that cybercriminals can use to gain access to networks.

This is why practicing strong endpoint management is such an important part of a zero-trust approach. Without real-time and accurate endpoint management, organizations cant enforce compliance or validate device posture as a prerequisite for access. Authentication alone cant ensure that a device is secured.

The right tools can allow security teams to continuously check device posture against policies, to ensure that the zero-trust approach really does trust no one, even after identity and access policies are in place. Ideally, organizations should be able to integrate new zero-trust solutions with the tools they already use, so they dont have to start from scratch.

The concept of zero trust might come across as negativeeven paranoid: Dont trust anything, whether its devices and other endpoints, applications, networks or individuals. But what the model really indicates is that organizations are operating in uniquely challenging times, and much is at stake when a data breach or ransomware attack occurs.

More people are working remotely, in many cases using their own devices and networks. Companies are relying on cloud services more than ever. Attacks have become more sophisticated and canimpact entire supply chains.

Organizations need to take the initiative to ensure that valuable data resources are always protected and to be certain that the users and devices trying to access their networks will not do harm. Implementing azero-trust strategyis a truly effective way to achieve this level of security.

Learn how to migrate to a zero-trust architecture with real-time visibility and control of your endpointshere.

Visit link:
The New Cybersecurity Motto: Trust is Not an Option - CIO

Industrial control systems refer to a broad class of automation systems that include programmable logic controllers, safety instrumented systems, distributed control systems, human-machine interfaces and SCADA systems. These systems are vital to critical infrastructure because they control and monitor manufacturing and industrial processes -- without which societies, countries and economies would fail.

Historically, ICSes had a high degree of physical separation from IT infrastructure. Changes in business requirements and innovations in technology, however, are causing an organic convergence.

Although ICS environments were previously left isolated intentionally, they are now increasingly connecting to other networks. Seventy percent of ICS environments had an external connection in 2021, almost double from the previous year, according to research from cybersecurity company Dragos.

This convergence did not happen on purpose, but rather is due to a number of organic changes that came largely from the digitization of ICS environments.

Some common drivers leading to ICS and IT convergence are the following:

The convergence of IT and ICS environments offers benefits for the entire ICS ecosystem. It also introduces new security risks, however, many previously unknown to manufacturers and industrial processes. Gartner predicted that, by 2025, threat actors will weaponize ICS to harm or kill humans.

To better understand the situation, let's explore the top security concerns.

The connectivity of ICS and IT is giving rise to increasingly internet-facing systems, making them vulnerable to cyber attacks and breaches. Most ICS assets are now cloud-managed for logging, monitoring and dashboarding, which adds a layer of complexity.

Disruptions in ICS environments can have major downstream impact, including risk of fines and censure, which is another reason why these industries have a low tolerance for downtime -- and why ICS infrastructure is an attractive target for cybercriminals.

Interruptions can have major implications on the security, reliability and performance of ICSes. A cyber attack or data breach could halt production, which can have significant cost implications. In the worst case, it could also contravene safety and trigger catastrophic consequences, such as power grid blackouts, environmental damage, paralysis of economic activity and loss of life.

ICS devices use bespoke versions of OSes that limit the scope of patching, updating and installing protection mechanisms, such as antimalware controls. Patching and updating these devices sometimes require intervention from the manufacturer of the device, which can take time or require a remote connection. This can expose the device to unexpected and uncontrolled network traffic.

ICSes also operate around the clock and, therefore, cannot risk applying untested patches.

Some organizations even go to the extent of switching off their security due to the lack of compatibility with automation systems. Managing and monitoring ICS security is also a full-time job, and many organizations don't have enough staff to manage ICS cybersecurity.

ICS teams and security teams have different priorities; one is focused on performance and availability, while the other is focused on security. ICS assets were traditionally sealed systems with localized, analog methods used to manage, monitor and control their behaviors. Engineers could manage the ICS without the intervention of IT or the security team. This is no longer the case and can often create friction between teams.

A quick fix for securing ICS environments doesn't exist, but there are steps to take to control it.

Start with a detailed understanding of what assets and devices make up the environment, and prioritize them based on the associated risks. Both IT and ICS teams must join to ensure a safe, secure and converged environment. IT teams can benefit from ICS engineers' years of experience in designing, building and maintaining such environments, while ICS engineers can benefit from the IT team's cybersecurity expertise.

Collectively, teams must articulate threats in a language the business understands so stakeholders comprehend the gravity of the situation and perpetuate a change in security attitudes and processes.

This is not a one-off collaboration or a one-off exercise. ICS engineers and IT professionals must continue to collaborate to keep a watchful eye on evolving risks and stay ahead of threat actors.

About the authorSteve Durbin is chief executive of the Information Security Forum (ISF), a not-for-profit association dedicated to investigating, clarifying and resolving key issues in information security and risk management by developing best practice methodologies, processes and solutions that meet the business needs of its members. ISF membership comprises the Fortune 500 and Forbes 2000.

Continue reading here:
Solve ICS security issues with ICS and IT team convergence - TechTarget