It might feel that 2022 is barely half over, but InfoSec leaders should already be thinking about next year’s cybersecurity strategies — and to do that, they need to be aware of the latest cybersecurity threats.
To some extent, cyber threats have remained more or less the same for decades; rather than developing new methods of attack, cybercriminals have merely honed their existing methods to make them more effective and more devastating. Still, the threat landscape continues to evolve, and going into 2023, CISOs and security executives need to develop plans to combat the following growing concerns:
Social Engineering
Social engineering is far from a new threat. In fact, in many ways, social engineering is one of the oldest methods for perpetrating fraud, as it leverages typical human behavior to create vulnerabilities that allow for successful criminal attacks. In the Digital Age, social engineering has proved a much easier path to cyberattack as it is much simpler to trick a person into making a mistake — like divulging login credentials or dismantling a firewall — than it is to fight through a vast array of security systems. According to Verizon’s Data Breach Investigations Report, over 85 percent of data breaches involve some human interaction between attacker and victim.
In the past, social engineering attacks were relatively easy to avoid for anyone with a basic degree of cyber hygiene. However, in 2023 and beyond, cybersecurity experts predict that social engineering will become more and more advanced. Using artificial intelligence, criminals can better disguise their attacks, confusing even the savviest users and convincing them to lower their security in a critical way. CISOs will need to invest in more rigorous training not just for InfoSec staff but for the entire organization, to ensure that no worker is susceptible to this form of attack.
Third-Party Exposure
Businesses are complex, and many business leaders do not have the wide-ranging expertise to oversee strategy, budget and more for every essential department. As a result, more and more organizations are engaging in outsourcing, migrating even critical business functions to specialized third-party partners who are better equipped to handle such responsibilities.
Unfortunately, this means that a number of third parties have privileged access to an organization’s data and systems, and often, those third parties maintain much lower standards for cybersecurity. As a result, cybercriminals are turning their attention to third parties, who are much easier to breach. Security executives need to consider the coverage of their security systems, extending them to third parties, contingent workers and more as necessary to keep data safe.
Misconfigurations
Digital systems are exceedingly complex, and even the most attentive and dedicated IT professionals make mistakes that result in vulnerabilities. Misconfigurations happen; one report suggests that 80 percent of external penetration tests identify at least one exploitable misconfiguration, and internal system access raises that figure to 96 percent. Unfortunately, misconfigurations happen more frequently when IT staff are stressed — as occurs during periods of economic instability, socio-political upheaval and career uncertainty, like a years-long pandemic.
Ponemon Institute reports that half of IT experts have admitted that they are not certain about the effectiveness of their current cybersecurity tools and strategies. CISOs and IT executives need to crack down on misconfigurations to eliminate exploitable vulnerabilities with regular testing and maintenance from certified security staff.
Undeveloped Attack Response
Cybersecurity is an arms race, with the bad guys struggling to develop better weapons and the good guys working to shore up their defenses. The result is that even the most robust cybersecurity programs will likely eventually succumb to attack, as evidenced by some of the biggest names in tech suffering from massive data breaches in recent years.
Just as important as the systems and strategies for protecting a business’s data and network is the business’s plan for responding to an attack that is already in progress. Security executives need to invest time into developing post-attack procedures, which will guide their cybersecurity teams to the right behavior for mitigating damage and recovering from an attack as quickly and efficiently as possible. Leaders need to consider the correct response to many different types of attack, so no worker is ever left guessing about what to do when an attack occurs.
Thinking ahead is what a cybersecurity executive is paid to do. Experts anticipate these to be among the most significant threats of the coming years, so CISOs and their security leadership team should focus on finding solutions that fit their effective cybersecurity strategy.