2023: The year geopolitical and economic clouds collide
Richard Walters, CTO of Censornet, looks at the 2023 cyber security trends that will be driving the market.
Ransomware: two sides of the rubble
One thing is clear as we enter 2023: criminal and state actors operate outside of regulatory frameworks. Over the course of 2022, we saw an unstable geopolitical situation drive a rise in state actors. Russia and its neighbouring countries are seen as the worst and most aggressive offenders, according to the National Cyber Security Centre. At the same time, a blind-eye is often turned to cyber activity in these countries, where policing structures lack focus on tackling cybercrime.
To slow down the spread of ransomware, there needs to be a move away from data protection and privacy discussions. Instead, we need a renewed focus on global partnerships and cooperation. Progress has been made but international agencies still need to interact, share, and cooperate faster and better.
The mid-market emerges as the soft underbelly for opportunistic cyber-criminals
The top targets for ransomware remain larger organisations in the education and healthcare sector. However, the mid-market is also coming under growing levels of attack. For too long, many have failed to recognise their supply chain vulnerabilities. Or, operated in the belief that they’ve got nothing worth stealing. However, cyber – in particular, ransomware – has become a systemic risk for companies of all sizes.
In 2023, the threats that the mid-market face will be the same threats that enterprises face. The difference is the reduced availability of internal resources, budgets, and expertise to manage these risks. To protect themselves effectively, mid-market companies will increasingly need to recognise their security challenges and look for security platforms that simplify protection. In particular, platforms that make complex technologies more affordable, accessible, and easy to implement and maintain.
Authorities need to urgently step-up and control artificial intelligence (AI), machine learning (ML), Operational Technology (OT) and Internet of Things (IoT)
We now live in an age where we can’t trust anything we see or hear. Algorithms can mimic tone of voice and create highly targeted phishing or social-engineered attacks that have much higher success rates. New image generation technology has led to the rise of deep fakes. Governments need to recognise the problem and regulate the release of powerful algorithms into the public domain. While some AI and ML technology is beneficial to the public, it is also incredibly dangerous in the wrong hands. Control over AI and ML technology is escaping, and the law needs to catch-up quickly before the problem gets out of control.
It’s also becoming clear that businesses are failing to learn the lessons of the past. At the turn of the century, insecure wireless routers were plugged into office networks because it was convenient. Yet it compromised security and gave unauthorised users access to computer networks. Now businesses are introducing insecure IoT and OT devices into the IT environment without enough consideration. The reality is that security is often an afterthought for the organisations producing these powerful connected devices. In 2023, we urgently need to see international standards that regulate and govern OT and IoT.
Economic concerns mean security investment risks trailing behind the threat landscape
Economic concerns will remain top of mind, while inflation is creating an environment where prices are getting out of control. In response, many businesses will be tempted to put new cyber projects on hold and compromise on levels of protection. For example, businesses tend to rely on ubiquitous solutions for email and phishing protection. With the high volume of emails sent today, there is recognition that no system can stop absolutely everything. Businesses have accepted a certain loss of efficacy due to concerns about the cost of change and the disruption it can cause. However, cybercriminals also recognise this. Malicious actors are writing phishing attacks and ransomware-as-a-service that has been deliberately designed to get past the most prevalent defences.
Over the next year, the threat landscape will continue to accelerate and become more dangerous due to the turbulent geopolitical landscape. This will drive businesses to question whether they should continue relying on existing large-scale providers to avoid the cost of change. Or, whether they should switch to specialist providers who can deliver a better level of protection.
Businesses will re-evaluate the value of cyber insurance policies
With the increasing volume of successful cyber-attacks has come an exponential increase in the cost of cyber insurance policies – with increasingly limited cover. Part of the challenge is that cybercrime remains the wild west. Threats are evolving rapidly, and businesses have varying levels of cyber maturity, with digital supply chains introducing new risk factors. All of which make it difficult to price risk and build a line of business that is effective and profitable for insurers.
As businesses battle inflation and a global downturn, many will start to weigh-up whether to invest less in cyber insurance. Instead, they may seek to reduce their risk exposure by introducing preventive controls that identify, protect and adapt to new threats in real-time.