Cybersecurity capabilities and awareness is improving, however the threat and sophistication of cyber - attacks is negatively progressing .
For 2023 onwards, the focus should be on cyber - attack surfaces, and vectors to determine what can be done to mitigate threats and enhance resiliency and recovery.
Deep fakes are already being deployed and bots which is a automated software application that performs repetitive tasks over networks is out of control, added layer is the geopolitics of Russian invasion of Ukraine
Digital Ecosystem - The emerging digital ecosystem is unsafe. In the current digital environment, every business entity is a target for reputation damage, and financial loss. Therefore, is at risk of security breach and or compromise.
Consider these Digital Ecosystem Statistics
According to Deloitte Center for Controllerhship poll, executives in 2022 reported cyber adversaries have attacked or planned on attacking the accounting or financial data and expect an advent rise in cyber attacks.
In my opinion, Artificial Intelligence (AI) and Machine Learning (ML) are valuable tools to navigate the cybersecurity landscape and synthesize data and predict threats. For example, they use predictive analytics to draw statistical inferences to mitigate threats with less resources. Both AI and ML provide faster means to identify new attacks, draw statistical inferences and push that information to endpoint security platforms.
AI and ML for Cyber - Defense
While AI and ML is instrumental in cyber defense it can also be a double edged sword. Beneficial if used to identify anomalies and enhance cyber defense capabilities. A Con to this is when used by threat actors to search and exploit vulnerabilities in threat detection models. Those most vulnerable are small businesses, organizations and healthcare institutions as these entity may not employ ML and AI. Open Source refers to any software with accessible source code that anyone can modify and share freely. Many known number of vulnerabilities have been reported by organizations penetration testing and patching that can be used to detect the issue. Unfortunately, patching as a method is not being applied as such.
One of the ways hackers take advantage of code vulnerabilities and open source flaws is through zero - day exploits. In my opinion, a remedy to avoid vulnerability exploit and keep open source code updated.
Phishing Preferred Method for Hackers
Phishing is still the preferential method of choice for many hackers. Phishing is commonly defined as a technique used by hackers to exfiltrate valuable data, or spread malware. It's easy to be fooled by a targeted phish. Many of times it will come from personal email for someone in high authority, bank, organization, or website one is frequenting. Mis-spelled words and poor grammar is no longer present, fraudsters have grown more sophisticated, and employees need to keep up with the paradigm. Its a good idea to monitor social media accounts and credit accounts to see if there are any anomalies.
Business Email Compromise
Business Email Compromise (BEC),attacks are no longer limited to traditional email accounts, attackers are now leveraging a new scheme called Business Communication Compromise to take advantage of large global corporations, government agencies and individuals. They are leveraging colloboration tools beyond email that include chat and mobile messaging, including popular cloud - based applications such as Slack, Whats Apps, Linkedln, Facebook, Twitter. In my opinion, a good remedy is to have in place a strong risk management approach, includes knowing your inventory gaps, and orchestrating an appropriate cyber - tool stack.
Increases in Identity Theft
Clearly, there has been an advent rise in identity theft due to greater visibility and application. Use of strong passwords and monitoring your bank accounts and credit scores will aid in eliminating present and future headaches.
Macro Risks to Watch out for in 2023
Excellent instrumental report prepared by Bipartisian Policy Research Center on top eight macro risks to watch out for in 2023.
Click Here to read the report: https://bipartisanpolicy.org/report/top-risks-cybersecurity-2023.
Hope you benefit from this article.