2023 Cyber Pulse

Midyear report: TRENDS & PREDICTIONS

2022-2023 State of the Industry

There was a 38% increase in cyberattacks in 2022. 422 million lives were impacted.

Cybercrime is a nightmare for everyone - in fact, more Americans are afraid of a cyberattack than a nuclear attack - but for businesses that are entrusted with highly sensitive data and personally identifiable information (PII), the pressure is on. There were over 4,000 successful data compromises in 2022, including household names and entire countries.

Here are just three examples.
1. Uber

In September of 2022, Uber's company defenses were hacked by an 18-year-old in a social engineering attack. He sent an Uber contractor a two-factor authentication notification urging the user to click a link for verification. Once the user’s account was compromised, the hacker used the company’s virtual private network to access network resources, gaining access to several of Uber’s systems, including AWS, GSuite, and Slack.

While no customer information was leaked, 77,000 Uber employees had their email addresses and Active Directory information exposed. The hacker also exposed source code, data destruction reports, IT asset management reports, logins, and other company information.

2. Costa Rica

In 2022, Costa Rica declared a national emergency due to a series of ransomware attacks against critical institutions. The first attacks occurred from mid-April to early May and affected 27 government bodies, including the digital tax service and customs control system, as well as the finance ministry. The attacks impacted an estimated 800 servers and resulted in trade losses of $38 million to $125 million per day.

The second attack targeted the Costa Rican Social Security Fund, with an estimated 10,400 computers and more than half of the servers impacted, causing important healthcare systems to go offline and forcing doctors to cancel appointments.

3. WhatsApp

In November 2022, the global communication app was compromised when a hacker uploaded a dataset to a public black hat hacking crime forum containing what they claimed to be up-to-date personal information of 487 million WhatsApp users from 84 different countries. In the forum post, the alleged hacker said that the dataset included “very recent mobile numbers” of WhatsApp users and that among the records were details of 32 million U.S. users, 11 million UK users, and six million German users.

These phone number datasets were listed for sale for a mere few thousand dollars, opening nearly 500 million people up to future phishing and smishing attacks.

Not only are the threats of potential cybercrime growing, but the lack of properly educated and equipped individuals to protect us against them remains a key area of concern.

Organizations of all sizes felt the squeeze at the end of last year and in the beginning of 2023. High-profile layoffs have been in the news, and 85% of respondents in a new study indicated that they believe layoffs will continue to be necessary as the economy slows. Nonetheless, it's clear that U.S. businesses are investing in cybersecurity: Cybersecurity teams will be the least affected by staff reductions, as organizations anticipate an increase in cyber threats in 2023.

As we navigate the ever-evolving world of cybersecurity, it can be daunting to keep up with the latest risks and trends. With new threats emerging daily, the difficult search for experienced cyber talent, and rapidly advancing technologies, staying ahead of the curve is crucial for businesses.

From growth in open source software to the increasing prevalence of AI, this document will explore key trends that are expected to define the cybersecurity landscape for the rest of 2023 and beyond.

2023-2024 Cybersecurity Outlook

2022 was a busy year in cybersecurity, from Russia’s invasion of Ukraine to landmark elections around the world to the worldwide release of ChatGPT, Midjourney, and other generative AI tools. The remainder of 2023 and the beginning of 2024 will be marked by the convergence of social, economic, and technological aspects of security, which means that companies must cooperate with governments and private citizens to create a more secure ecosystem for all.

Biggest Risks Identified by Cybersecurity Experts

Vulnerability in the cloud
Data breaches
Remote/hybrid work environments
New sophistication in social engineering
Ransomware
The rise of AI

With such diverse risks, public and private organizations must prioritize their approach to cybersecurity to immunize their systems as broadly as possible within given budgets and tight timelines. That’s especially challenging given the economic atmosphere in the U.S. this year, marked by fears of recession and the resulting tug-of-war between industry layoffs and a tight talent market.

As a mission-critical function, cybersecurity is somewhat insulated from economic downturn, especially because we know that when the economy goes down, cybercrime goes up.

A higher percentage of companies is investing in cybersecurity consulting and internal employees than ever before. In a global economy marked by disparate, overlapping, and proliferating cyber regulations, U.S.-based companies face increasing pressures and requirements to up their security game.

People Strategy

The cybersecurity talent gap adds to that pressure. Despite last year seeing the highest-ever levels of cybersecurity workers—4.7 million—there is still a need for more than 3.4 million security professionals. But a dearth of cyber-trained workers isn’t the only challenge to closing the gap.

Cybersecurity is a burgeoning field: 62% of cyber professionals in the U.S. have less than four years of experience. Companies naturally seek out industry veterans to lead mission-critical functions, but realistically, some of the most relevant talent in cybersecurity may well be early in their careers.

As a result, companies must consider creative ways to close the gap while the market waits for a new and larger crop of dedicated and trained cybersecurity workers to certify, graduate, and build experience.

  • 4.7 million cybersecurity professionals worldwide
  • 3.4 million cybersecurity jobs still vacant
  • 62% of cybersecurity professionals have <4 years of experience

A robust people strategy that succeeds in 2023-2024 must include tactics for:

  • Attracting trained cyber talent, especially diverse cyber talent
  • Upskilling and cross-skilling current employees or candidates to take on cybersecurity roles
  • Increasing overall cyber health by training all employees and third-party vendors on cybersecurity best practices
  • Incorporating automation to replace a degree of manual labor

2023-2024 Focus Areas

For resilience against economic uncertainty, companies should spend this year focused on cyber hygiene—making decisions that bolster their cyber immune system and cover the fundamentals without overinvesting in technology.

While tools are a vital component of any cybersecurity strategy, they are not a panacea and can even detract from security if not managed with best practices.

Leaping ahead of the fundamentals into fancy tech solutions looks cool, but lacks function. Buying a Ferrari is useless if you haven’t first gotten your driver’s license.

Common Mistakes Organizations Make When Investing in Cybersecurity Tech

1. Purchasing premium "kitchen sink" solutions with extraneous features that raise cost without addressing specific business needs
2. Providing generic cyber training that doesn’t cover the organization's specific risks, or the different security responsibilities for different roles
3. Implementing feature-rich hardware that causes friction for employees or inhibits their work without a change management plan
4. Purchasing cyber insurance that provides too little coverage for the most common threats, or is too costly for the org's realistic risk level

Focusing on the fundamentals and on tailored solutions, as opposed to leaping to the top of the line, is especially relevant as we look into the next year and the rise of AI in cybersecurity. Machine learning and AI are the very near future in security efforts, but using AI to enhance cybersecurity requires a high degree of maturity within an organization. Before a company can train machines to recognize threat patterns, it must train its people to do the same.

The following pages cover upcoming trends that should drive decision-making in an efficient and effective way that addresses all three pillars of cybersecurity: social, economic, and technological.

1. Open-Source Software and Cybersecurity

Open-source software (OSS) can be quickly defined as computer software whose source code is made available to the public for anyone to view, use, modify, and distribute without restrictions.

The idea behind open source is that by allowing users to freely access and modify the code, the software can be continually improved and developed by a community of developers and users. It's obvious how this availability could pose threats and concerns in the cybersecurity landscape.

Simply put, the inherent problem of popular open-source code is it’s open. The transparency of open source allows anyone, good or bad, to examine the code for holes or gaps without requiring any fixes.

This chart demonstrates the potential risks and rewards for companies debating staying in, or moving into, OSS coding.

Potential Risks of OSS

1. Lack of accountability

Open-source software is often created by a decentralized community of developers who may not have a direct relationship with users. This can make it difficult to hold anyone accountable if there are security breaches or issues.

2. Malicious code

3. Delayed updates

Open-source software may have a slower update cycle, as the community of developers may take longer to identify and fix security vulnerabilities.

4. Dependency vulnerabilities

Many open-source software projects rely on other open-source software components, and vulnerabilities in those components could affect the security of the overall system.

5. Exposure of sensitive information

Open-source software may expose sensitive information if it’s not configured correctly or if default settings are left in place.

Benefits of OSS when Properly Managed & Secured

1. Transparency

The source code is freely available, allowing users to examine the code for security issues or bugs and to verify that the software does what it claims to do.

2. Collaboration

Open-source projects encourage collaboration and contribution from a global community of developers, resulting in improved software quality and faster development cycles.

3. Flexibility

Open-source software can run on a variety of platforms and systems, making it more flexible than proprietary software.

4. Rapid Innovation

Open-source software encourages innovation by allowing developers to build upon existing code and create new applications and tools - a necessary endeavor to keep up with emerging risks.

5. Security via "Neighborhood Watch"

The open nature of the code allows for a larger pool of developers to identify and fix security vulnerabilities quickly.

2. Manufacturing Industry Cybersecurity Catch-Up

In recent years, manufacturing has been the most targeted sector for cyberattacks. Though healthcare and government are commonly thought of as the highest-risk sectors, because of the potential large-scale consequences of breaches in these organizations, they tend to have the highest investment in cybersecurity.

Manufacturing has lagged behind in digital transformation efforts and therefore become a target-rich sector for cybercriminals. Because this threat exists, and will continue to grow, the classic manufacturing industry must make big moves over the next 12-18 months to predict and safeguard against cyber threats. The industry has already made great strides to improve cybersecurity maturity:

Why is cybercrime so detrimental to the manufacturing industry?

Sector Involvement in all Societal Essentials and Goods

The manufacturing ecosystem plays a vital role in creating and distributing goods across industries. Factory lines and logistical networks have evolved into digital and intelligent IoT systems, opening manufacturing businesses up to increased cyber risk. Disruption-of-service attacks could not only affect people whose data is leaked, but also have real economic consequences.

Global Connectivity and Ripple Effect

The manufacturing sector is one of the most sophisticated global systems. The USA relies on China for goods, which in turn relies on Greece, and then ships to Australia. All these systems are interconnected and communicate with each other on a minute-by-minute basis. If one system goes down or if a country’s mainframe is hacked, the ripple effect could cause significant harm and financial repercussions, potentially on a global scale.

Leaders in manufacturing this year will continue to invest in:

  • Role-based access controls: Restrict user permissions based on job roles to secure manufacturing systems and intellectual property
  • Regularly updated industrial control systems (ICS): Keep ICS software and devices up to date to prevent disruptions and address manufacturing-specific vulnerabilities
  • Specialized cybersecurity training: Educate staff on industry-specific threats like production-line ransomware and securing connected machinery
  • Secure supply chain and vendors: Implement strict security measures and assess third-party vendors to protect manufacturing processes (see next section)
  • Offline backups and recovery plans: Maintain offline backups and develop robust recovery strategies for critical manufacturing systems, especially in supply chain

3. Collaborative and Rigorous Third-Party Vendor Management

No company is completely insular. In the complex, interconnected ecosystem all organizations now operate in, managing those connections is critical to ensure the safety and security of an organization’s data and systems.

With an increasing number of businesses relying on third-party vendors for critical services, it’s more important than ever to look beyond the perimeter of your own organization and assess the risks and controls in place at these vendors.

Top cybersecurity risks associated with third-party vendors include:

Data breaches

Third-party vendors can be a weak link in your organization’s cybersecurity defenses, potentially exposing sensitive data to cybercriminals in the event of a data breach.

Supply chain attacks

Hackers may target third-party vendors to gain access to your organization’s systems or data.

Lack of oversight

Third-party vendors may not have the same level of cybersecurity controls and oversight as your organization, creating potential vulnerabilities in your supply chain.

Example: 2013 Target Breach

A classic - and significant - third-party vendor cautionary tale

The 2013 Target breach highlights the potential risks that can arise through third-party vendors. Cybercriminals accessed Target's systems by stealing an HVAC subcontractor's login credentials and exploiting trusted access to infiltrate Target's network. Using sophisticated malware, the attackers stole payment card data from around 40 million customers during the holiday season, including names, credit card numbers, expiration dates, and CVV codes.

The control a company has over third-party vendors has historically been limited. However, in the era of open-source and AI-enhanced cybersecurity, expect vendors to partner with buyers to put up a united front against cyberattacks. Partnering with vendors and effectively managing third-party vendor risks can greatly enhance an organization’s cybersecurity posture, ensuring a more robust and resilient defense against potential cyber threats for all companies involved.

Leaders in this area will do the following to promote healthy and secure third-party vendor relationships:

  • Identify and assess vendor risks: Conduct a thorough risk assessment of third-party vendors to identify potential vulnerabilities and risks and continue to monitor vendors for suspicious activity or security incidents.
  • Request system and organization controls reports: SOC reports from third-party vendors help identify deeper nth-party relationships, highlight potential risks and exposure arising from those relationships, and identify relevant operational and security controls.
  • Implement security controls: It’s no longer an inconvenience, but an expectation for third-party vendors to implement security controls and comply with companies’ cybersecurity best practices.
  • Establish incident response plans: Have dedicated incident response plans on hand in the event of a cybersecurity breach or incident involving a third-party vendor.
  • Conduct regular cyber training for vendors: Training doesn’t end at the office door. Providing regular cyber training to third-party vendors is a solid investment that promotes a culture of cybersecurity throughout the ecosystem.

4. Critical Infrastructure Protection via Government Economic Controls

We’re seeing a growing trend towards using economic controls as a tool to enhance cybersecurity, with the aim of promoting national security and protecting critical infrastructure from cyberattacks. In a global economy with growing dependence on technology and the IoT, it makes sense that governments are getting involved.

In 2023, increased economic controls signal a shift towards a more proactive approach to cybersecurity, in which governments are taking steps to mitigate cyber threats before attacks occur and limit the potential impact of cyberattacks on the economy and society at large.

However, economic controls are not without their drawbacks. Critics argue that they can stifle innovation and competition, limit access to essential technologies, and lead to the development of fragmented and protectionist markets. It will be critical for governments to strike a balance between promoting cybersecurity and maintaining an open economy.

EU Cybersecurity Act

Aims to establish a common framework for cybersecurity certification across member states and promote a more secure digital single market.

May 2021 Executive Order

Restricts American companies from doing business with certain Chinese tech firms due to concerns over national security and cybersecurity risks.

Cybersecurity-related economic controls will particularly impact organizations working with:

Critical infrastructure sectors

Companies in critical infrastructure sectors like finance, energy, and transportation are subject to additional and increasing cybersecurity requirements and regulations imposed by government.

Global supply chain

Organizations operating in a global supply chain must ensure that partners and suppliers also comply with government cybersecurity regulations and standards.

Scrutinized technologies

If a government imposes restrictions on the use of certain types of technology or services due to cybersecurity concerns, companies relying on those may need to find alternative solutions or risk losing access to critical resources.

5. Social Pressure that Pits Cybersecurity Against Free Expression

Social influence has a major impact on policy, and balancing security with freedom of expression creates a difficult dynamic. In today’s interconnected world, social media can be a powerful tool for activism and organizing, but it can also pose significant risks to cybersecurity.

3 Examples of Social Influence that Impacts Cybersecurity

Russia’s war in Ukraine

“Humanity’s first Native Analog vs. Native Digital war”

Social media has played an enormous part in Ukraine’s defense since Russia’s invasion in 2022—not only in rallying policy changes, fundraising efforts, and refugee support, but also by using user-generated content (UGC) in a grassroots cyber campaign to pinpoint Russian positions and equipment.

Mahsa Amini protests

The clash of guerrilla social media sharing and support with state-sponsored suppression

Since September 2022, social media has played a critical role in organizing and mobilizing Iranian protesters, allowing them to quickly respond to developments on the ground and bypass government censorship. On the other hand, it has also enabled the Iranian government to monitor and suppress dissent.

TikTok hearings

Balancing the desire for entertainment and social engagement with concerns about data privacy and national security

TikTok has been accused of sharing user data with the Chinese government, which has led to bipartisan calls for bans and restrictions on the app. The proposed ban, and the March 2023 Congressional hearing on the app’s data privacy and protections, caused an uproar from influencers and TikTok users despite security concerns.

Promoting cybersecurity in the face of a public that values social sharing and convenience is challenging. There are, however, several strategies that companies and government alike can use to encourage better cybersecurity practices among their constituents.

Here's what we expect to see throughout 2023 and into 2024:

  • Increased emphasis on tangible benefits of cybersecurity, such as protecting personal information and avoiding financial losses, to motivate individuals to take it seriously
  • More user-friendly and convenient cybersecurity practices, including easy-to-use two-factor authentication and measures to simplify password management
  • Education and awareness campaigns via social media with bite-sized, digestible, and even gamified information, similar to government-sponsored public health campaigns in 2020
  • Renewed emphasis on maintaining secure and localized environments for social media applications (such as Project Texas)

Practical Next Steps & How to Protect Your Business

Cybersecurity is an essential aspect of modern society - one that has to work with and around all other aspects of modern society.

These five trends shaping the future of cybersecurity demonstrate clearly how society, economy, and technology converge with security. Moving forward, widespread cooperation is key to answering individual concerns about transparency and free use while maintaining data integrity, national security, and a thriving global economy - especially as we reckon with an AI revolution that could change how all aspects of society work and interact.

The impending changes AI brings reinforce the importance of getting the fundamentals right. A solid understanding of risk, a fully-fledged risk management plan, and an updated people strategy that creates a cybersecurity movement within an organization are foundational to preparing for new challenges - and new opportunities - that lie ahead.

So, where do you start? By getting a handle on your cyber health and hygiene:

1. Know your cyber posture

You can’t build up your defenses if you don’t know where they’re weak. Start by undergoing a cyber assessment to understand where your company stands.

2. Use Multi-Factor Authentication (MFA)

MFA adds an extra layer of security by requiring users to provide multiple forms of identification before gaining access to a system. This can help prevent unauthorized access to sensitive data, even if a password is compromised.

3. Keep software up to date

Cybercriminals often exploit vulnerabilities in outdated software to gain access to systems. Keeping software up to date with the latest patches and security updates can help prevent these types of attacks.

4. Back up data regularly

Consistently backing up data can help mitigate the damage caused by a cyberattack. If data is lost or compromised, having a recent backup can help restore systems and minimize downtime.

5. Train employees on cybersecurity

Employees are often the weakest link in a company’s cybersecurity defenses. Providing regular training on cybersecurity best practices, such as identifying phishing emails and creating strong passwords, can help prevent cyberattacks.

6. Implement a Security Information and Event Management (SIEM) solution

A SIEM solution can help detect and respond to security incidents in real-time. This can help prevent attacks from escalating and minimize the impact of a breach.

7. Conduct regular security audits

Regular security audits can help identify vulnerabilities in a company’s cybersecurity defenses. This can help prioritize efforts to improve security and prevent future cyberattacks.

Envision your future state of cybersecurity

Wherever you are on the road to cyber hygiene, a 2-3 hour Future State Workshop will help you prepare for the next 2-3 years - including emerging techs and threats and the roles of AI in next-gen cybersecurity.