DigiCert, Inc., a leading global provider of digital trust, today released its annual forecast of cybersecurity trends emerging for the new year and beyond. These projections — authored by DigiCert experts Dr. Avesta Hojjati, Dean Coclin, Mike Nelson, Srinivas Kumar, Stephen Davidson, Steve Job and Tim Hollebeek — are based on shifts in technology, threat actor habits, culture and decades of combined experience.
“Without a secure supply chain and proper security infrastructure, mission-critical data lies vulnerable. India has faced more than 18 million cyber attacks in just the first quarter of 2022. This must raise alarm for all of us especially as the country is pushing for increased digitization in the coming year,” said Sarabjeet Khurana, Country Manager, India & SAARC, DigiCert. “These predictions should allow individuals and businesses of all scales and sizes, to prepare for their upcoming technology needs. To ensure success in the era of digital trust, a planned approach to resiliency is of essence.”
“These predictions come on the heels of our 2022 State of Digital Trust Survey that found that almost half of consumers in APAC (42 percent) have stopped doing business with a company after losing trust in that company’s digital security,” said Hojjati, VP of Research and Development at DigiCert. “The more CISOs and other IT staff understand the security implications of evolving technologies and threats, the better prepared they are to make the right investments for their business to ensure digital trust.”
Prediction #1: Quantum Computing will force crypto-agility — Cracking a 2048-bit encryption would take an unfathomable amount of time with current technology. But a capable quantum computer could conceivably do it in months. We predict an increased focus on the need to be crypto-agile as quantum computers pose a signifcant future threat for secure online interactions. Crytographic-agility will be a competitive advantage in the very near future.
Prediction #2: Matter will become a household standard — Matter is a smart home standard and common language for smart home devices which are secure and trusted to communicate and connect seamlessly. With IoT driving growth in Industry 4.0 and the advent of 5G technology in the country, the India IoT market is projected to reach a value of USD 1,527 Million by 2027. DigiCert predicts the Matter logo will become the symbol that consumers look for in smart home technology. With increased connectivity with the Internet-of-Things (IoT), Matter will become key to achieving secure, reliable, and seamless use of smart home devices.
Prediction #3: Code signing will prompt a race to the cloud — OV code signing certificates are changing. They will soon be issued on physical security hardware in a similar way to how EV code signing certificates are issued. We predict that these changes will mean customers move to cloud signing in large numbers, instead of dealing with replacing their hardware token. We also expect all code signing will be cloud-based in the future, as customers will prefer cloud over having to keep track of a hardware key.
Prediction #4: Software supply chain attacks will make 2023 the Year of the SBOM — 66 percent of Indian businesses fell prey to supply chain attacks in 2022. As threats become increasingly sophisticated, we predict the SBOM will be widely adopted in 2023. An SBOM is a list of every software component that comprises an application and includes every library in the application’s code, as well as services, dependencies, compositions and extensions.While most of the requirements are taking place at the federal level now, expect the SBOM to spread to commercial markets soon to secure software. All of this means software producers will be required to get more involved in the process of ensuring their products are secure — and visibility will be key to that.
Prediction #5: Physical SIMs will be replaced by eSIM and iSIM Technology — While eSIMs are available in India, iSIM technology will also revolutionise how we use our smartphones and similar devices. We predict the next generation of smartphones will remove traditional SIM hardware functionality and move to eSIM and iSIM as the root of trust. The introduction of the integrated SIM (iSIM), which does not require a separate processor, is smaller, and does not take up much room on hardware such as mobile phones.
Prediction #6: DNS will continue to grow in importance — Infrastructure as code will continue its growth as being a best practice for organizations of all sizes. DNS services that have high uptime, fast speeds and fast DNS propagation will be crucial for organisations to have as a toolset. With over 55% of the population having access to broadband networks, well-defined APIs, SDKs and integrations will be highly vital to the success of Indian organizations’ efforts to be productive and reliable.
Prediction #7: Criminals will exploit Zero Trust — Adversaries will deploy new technologies as well to increase their success rate in future attacks. Technologies such as Artificial Intelligence and Adversarial Machine Learning could potentially be deployed by a properly versed attacker to find weaknesses in an improperly deployed zero trust framework. There is a clear shift towards the adoption of Zero Trust in India, where close to 30 percent of organisations have implemented or are considering implementation of zero-trust strategies at the workplace . With growing concern of data security due to the new normal of hybrid-work mode, it has become a priority for organizations globally to have Zero Trust. As zero trust becomes the standard security approach for IT systems, we predict adversaries will change their attack approach to be able to overcome zero trust frameworks.
Prediction #8: Ransomware threat will continue to rise in Asia – The threat of Ransomware continues to rise globally, with Asia-Pacific countries being the most vulnerable due to the region’s rapid digitalization and increasing connectivity as seen from its adoption of 5G network. 70% of Indian organisations have been hit by ransomware attacks in last three years.Recent high-profile attacks on Indian entities, especially that of All India Institute Of Medical Science (AIIMS) which left the premier medical hospital crippled due to lack of datahighlight how hackers continue to exploit upcoming technologies As we predict for ransomware attacks to become more sophisticated, it is crucial to remain vigilant and well-equipped to counter them.