Of course, there's AI and ML that would make a major impact on cybersecurity, but there is every likelihood that ransomware too will become creative
Circa 2022 was indeed a monumental year when it comes to cybercrime and its impact. On top of new and increasing remote-work threats, the world witnessed continued nation-state threats and attacks on big-name companies.
In this article, we are attempting cover the top trends to watch for 2023 — including the rise in cloud application use, ransomware-as-a-service, and the use of automation in security programs. Here are some trends we expect to witness over the next twelve months:
Artificial intelligence and machine learning will continue to be increasingly integrated into cybersecurity systems, allowing for more efficient detection and prevention of cyber threats:
All cyberattacks are now AI/ML enabled. In 2022, particularly we saw a rise in Russian nation-state cyber attacks and it was found out that all the bad actors are taking advantage of AI/ML techniques. It’s very important now for entities to use AI/ML backed tools to at least thwart 99% of such kinds of attacks. It has to be an essential part of every cybersecurity strategy because the scale at which cyberattackers are using these advanced technologies against entities is unprecedented.
Technology that identifies set behavior patterns and reports anomalies immediately for quick response and detection is the need of the hour. Cybersecurity vendors are looking at customized solutions for customers who work in multi-cloud environments to suit their different on-prem and cloud needs. Customers mostly prefer a single platform which can be just plugged into the system and gets up and running. We have seen use cases of companies using automation for threat detection and response actually getting good ROI against the cost of a potential data breach.
As more data is processed by applications and services in Amazon, Microsoft and Google cloud environments, security professionals will spend more time scrutinizing security processes and controls in these environments:
As the journey to cloud has accelerated in the last couple of years, data security has become complex. Earlier enterprises didn’t have to think much about data classification, sensitive data discovery, governance, structured and unstructured data, access controls, etc. With the rise in cloud adoption, they are facing a lot of challenges in working through all these complexities in hybrid environments.
The new work culture where anyone can work from anywhere from their own devices leaves a lot of data vulnerable with multiple endpoints being generated. This also calls for the need of skilled employees who have experience in areas like legal, policy, risk, who can navigate all this to protect the data and keep it in line with the country’s laws.
Ransomware groups will be more creative and continue to threaten organizations:
Ransomware attacks will be on the rise this year as well. The more enterprises are willing to pay attackers to release their data, the more these will keep coming at us. It is a lucrative business and no amount of slowdown in the cryptocurrency market will stop the attackers. They are going to find new ways of ransomware payments which cannot be tracked by law enforcement agencies.
Cyber insurance policy is not going to be a panacea for everything:
Enterprises should not think that getting a cyber insurance policy might solve all their problems related to ransomware, data protection or regulation. Cyber insurance is an important part of your overall cybersecurity strategy but it is not a one stop solution. You have to invest in key controls which are spelled out in those policies, otherwise the insurance companies might choose to just walk away because of the scale and enormity of threats that are out there.
API risks have increased:
Understanding how many connections are made in a hybrid environment and what are the monitoring and access controls required is critical to stop API based attacks. API security is by far the hottest trends on new security products. Visibility and inventory are two most primary aspects that enterprises need to look at in API security.
In conclusion, this year might be challenging when it comes to data security, but there are a lot of measures that companies can put in place to become resilient. One thing we need to make sure is that security teams are supported by the top management leaders in terms of providing technology, funds, vendor support and other resources.
Research released by privileged access management (PAM) provider Delinea surveyed 2,100 IT decision makers, and found that 75% of IT and security professionals believe they’ll fall short of protecting privileged identities because they don’t get the support they need. Therefore, it is critical that business leaders treat security as a priority and a potential business risk.
(About the author: Maheswaran S is the Country Manager, India at Varonis Systems. He has extensive experience in developing security policies and processes for enterprises across business domains. The views expressed here are his own.)