Cybercrime is unique in that it’s one of the few problems faced by the world that can’t hope to be solved by technology. In fact, the more we rely on digital solutions as a society, the worse cybercrime is likely to get. The more applications and software we make use of and the more devices we connect to the internet, the larger the attack surface, i.e., potentially vulnerable access points, for cybercriminals to exploit.
Taking the rapid, global rate of digital transformation into account, experts predict that cybercrime will cause $8 trillion worth of damage in 2023. To put that in an even more alarming perspective, if that were measured like a country, it would be the third biggest economy in the world – only behind the US and China!
Consequently, cybercrime is no longer something that only the largest enterprises have to protect themselves against. Every company, regardless of its size, needs to consistently re-evaluate and reinforce its cybersecurity measures.
With that goal in mind, let’s examine some of the most important cybersecurity trends that companies need to be aware of heading into 2023 and beyond.
Remote and Hybrid Working
An ongoing cybersecurity priority for many organisations has been better securing the devices used in remote and hybrid working conditions. The modern workforce’s ability to work from anywhere has both expanded the attack surface and moved it outside the organisation’s conventional cybersecurity defences, like firewalls and intrusion detection systems. As a result, remote working conditions during the COVID-19 pandemic caused a 238% increase in cyber attacks.
One of the main reasons for this is employees connecting to their company’s network with non-secured devices and falling victim to phishing attacks, where they divulge information that can compromise data security. Plus, with a growing number of people more likely to work in distributed teams, in which they don’t know their colleagues as well, they’re at greater risk of falling for impersonation scams.
Another threat to companies’ cybersecurity is the tendency for remote workers to use technology without their IT department’s knowledge or permission, i.e., “shadow IT”. This can also inadvertently expand an organisation’s attack surface and increase the risk of a data breach by introducing unsecured applications with easily exploitable vulnerabilities.
When confidential information has to be accessed remotely, security teams need to update their organisation’s access controls, security policies, processes and technologies to reflect their more complex IT ecosystems.
Automation and AI
With the number of cyberthreats growing each year, it’s increasingly difficult for human cybersecurity teams to keep their IT infrastructure secure. To keep up with the evolving efforts of cybercriminals, and better anticipate where they’ll strike next, organisations need to increase their reliance on automated security tools.
In particular, automated security technologies that utilise artificial intelligence (AI) can analyse vast amounts of data in real time far better than humans. More impressively, such automated tools make use of machine learning (ML) algorithms to learn to recognise subtle patterns of malicious activity to ensure potential cyberthreats are quickly mitigated. This is evidenced by reports that reveal that organisations using AI and automation had a 74-day shorter breach lifecycle and saved an average of $3 million more than those that don’t use such tools.
Unfortunately, however, the use of AI isn’t restricted to security teams, as cybercriminals are rapidly learning to employ AI with malicious intent. Hackers can use AI algorithms to identify IT systems that have lax security controls or are most likely to store valuable data. AI algorithms can also be used to generate large numbers of phishing emails that are getting consistently better at evading advanced email filters.
With companies worldwide quickly realising the potential of AI to improve their cybersecurity posture, and the potential for cybercriminals to use it against them, the global market for artificial intelligence in cybersecurity is predicted to reach $93.75 billion by 2030.
The Internet of Things (IoT)
The more an organisation’s devices are interconnected, the larger the potential attack surface for cybercriminals to exploit. The IoT, in which physical objects feature embedded sensors that enable them to communicate with other such devices through the web, increases the interconnectivity between devices exponentially.
So much so, that by 2025, there are expected to be over 30 billion IoT devices active worldwide – with trillions of sensors transferring data.
Applications of IoT devices include, but aren’t limited to:
- Smart Home Appliances
- Security Alarm Systems
- Industrial Machinery
- Facilities And Infrastructure Management
- Industrial Applications
- Energy (Smart Grids)
- Medical And Healthcare Services
- Building And Construction (Smart Buildings)
- Waste Management
- Water Resources
- Retail And Supply Chain
- Education (Learning Analytics)
The fact that each IoT device potentially represents another target for cybercriminals, as an access point to an organisation’s IT networks, will be an ongoing challenge for cybersecurity teams heading into the future.
As the world increasingly relies on digital infrastructure, cyber warfare is sure to remain a key element in conflicts between nation-states. Governments can carry out cyberattacks against rival nations using their own security agencies, e.g., the CIA or NSA in the US. Alternatively, nation-states can implement cyberwarfare through affiliated cyberterrorism groups, e.g., North Korea and the Lazarus group, who are responsible for the WannaCry ransomware attack that infected close to 200,000 devices in 150 countries.
For a prominent example of this, we need only look to the ongoing war between Ukraine and Russia. In an effort to undermine Ukraine’s defence efforts, the Russians have used Sandworm, a cyber military unit, to target key critical infrastructure.
Cyberattacks carried out by Sandworm include disabling power plants across Ukraine in 2015 and, more recently, in September 2022, deploying ransomware called Prestige, which targeted Ukraine’s transportation and logistics industries. Additionally, it’s widely believed that Sandworm was responsible for the infamous NotPetya global malware outbreak, which is estimated to have caused $10 billion worth of damage worldwide.
Zero Trust Architecture
Growing numbers of organisations are recognising how a zero trust security model can better protect their infrastructure and data from cyberthreats, and this trend is set to continue in 2023 and beyond. Consequently, the market for zero trust security is poised to reach over $60 billion by 2027, growing at an annual rate of more than 17%.
The main principle behind zero trust security models is simple: never trust, always verify. This means that a company’s network should verify the trustworthiness of each entity, i.e., a device, user, service, etc., before giving it access. Additionally, the network is required to frequently reverify the entity’s trustworthiness during access to make sure it hasn’t been compromised. Zero trust architecture also entails that each entity is only granted access to the resources it needs, to minimise the impact of a breach, should it occur.
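The three rules described above (verify before access, re-verify during access, grant only what is needed) can be expressed as a small policy check. The following is an added example, not part of the original article; the entity names, resource names and the 300-second re-verification interval are assumptions made for illustration.

```python
from dataclasses import dataclass

REVERIFY_AFTER_SECONDS = 300  # assumed interval before trust must be re-checked

# Least privilege: each entity is granted only the resources it needs.
# Constructed sample data, not taken from any real deployment.
GRANTS = {
    "alice@laptop-17": {"payroll-db"},
    "build-service": {"artifact-store"},
}

@dataclass(frozen=True)
class Session:
    entity: str
    verified_at: float    # time of the last identity and device check
    device_healthy: bool  # outcome of the last device posture check

def decide(session, resource, now):
    """Evaluate one request. Called on every request, never cached."""
    if session.entity not in GRANTS:
        return False, "unknown entity"
    if not session.device_healthy:
        return False, "device failed posture check"
    if now - session.verified_at > REVERIFY_AFTER_SECONDS:
        return False, "re-verification required"
    if resource not in GRANTS[session.entity]:
        return False, "resource not granted"
    return True, "allowed"

def reverify(session, now, device_healthy):
    """Record a fresh check (stands in for MFA plus a posture scan)."""
    return Session(session.entity, now, device_healthy)

def run_demo():
    """Walk one constructed session through a timeline of requests."""
    s = Session("alice@laptop-17", verified_at=0, device_healthy=True)
    results = [
        decide(s, "payroll-db", now=60),       # verified recently, granted
        decide(s, "artifact-store", now=60),   # verified, but not needed
        decide(s, "payroll-db", now=400),      # trust has gone stale
    ]
    s = reverify(s, now=400, device_healthy=False)
    results.append(decide(s, "payroll-db", now=401))  # compromised device
    s = reverify(s, now=410, device_healthy=True)
    results.append(decide(s, "payroll-db", now=411))  # trust re-established
    return results

if __name__ == "__main__":
    for allowed, reason in run_demo():
        print(allowed, reason)
```

Note that a valid login alone never yields access: the same session is allowed, denied and allowed again as its verification ages and its device state changes.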
Implementing zero trust architecture is complex: it takes a significant amount of time, is typically split into phases, and requires prolonged cooperation between different teams and departments within an organisation. Consequently, organisations are feeling the increased pressure to adopt a zero trust security model sooner rather than later – with 90% of organisations listing zero trust as one of their top three IT priorities.
Increasing Supply Chain Security
The SolarWinds hack in 2020, which exposed 33,000 of the software developer’s customers to potential data breaches, was a stern warning for organisations of how much they’re at risk of supply chain attacks. In 2023, companies will continue to improve their ability to recognise where they’re most vulnerable to supply chain cyberattacks and work to significantly strengthen the cybersecurity policies and controls within their supply chain network.
Most importantly, this requires companies to get more adept at determining the full extent of their supply chain. This includes not only vendors with direct access to their data and digital assets but also any sub-contractors those vendors employ, i.e., fourth-party suppliers. Companies also need to gain further transparency into their suppliers’ security practices, holding them accountable for lax controls, and requiring updated policies as a condition for contract renewal.
Polymorphism is defined as something having the ability to occur in several different forms. Emerging, advanced forms of malware utilise the concept of polymorphism to evade detection by antivirus software and other cybersecurity measures. The principle behind polymorphic malware is that if a certain strain of malware is known to have particular properties, new versions can avoid security scans if they’re slightly altered. This allows for countless versions of the same malware, which all perform the same malicious function, to appear different enough that they’re not recognised as malware.
The above trends show that cybersecurity is more of a concern than ever for organisations in every industry across the globe. But the good news is that a growing number of companies are becoming aware of the increasing number and variety of cyberthreats – and are taking appropriate action.
Encouragingly, research has shown that 88% of organisations now view cybersecurity as an overarching business risk – instead of just a technical problem for their IT department to handle.
As this mindset spreads, it will educate more key stakeholders within organisations on the importance of staying up to date on cybersecurity trends. This will help engender more security-conscious environments and help organisations better decide where to focus their attention and resources to mitigate the cyberthreats they’re most susceptible to.