It’s the year of the water rabbit. It’s also the year of the nation-state ransomware…
It’s that time of year again when cybersecurity professionals consult our tea leaves and are obliged to play augury for the year to come. This year, however, it feels like the writing is already on the wall, and several glaring areas offer easy insight into the coming months.
Nation-state bad actors step up activities even further
According to the 2022 Microsoft Digital Defense Report (MDDR), released in November ’22, the share of cyber-attacks conducted by nation-states that targeted critical infrastructure rose 20% to an uncomfortable 40%. This is primarily due to organizations being more in the firing line as a by-product of current geopolitical tensions and world conflict. Nation-state threat actors are just getting started, and this will make nation-state cybercrime everyone’s problem.
While bitcoin will still be a popular blackmail request, don’t be surprised if we see new demands through ransomware. It may be that the likes of agencies and government departments begin to see demands of a more political nature – such as the release of prisoners, withdrawal of international support, or the easing of sanctions.
Microsegmentation is the new black
Microsegmentation is rapidly becoming the industry standard for Zero Trust best practices.
A massive step up from traditional network and application segmentation, microsegmentation is far more nuanced and granular, down to the individual workload level. By dividing data stores into individual sectors, each with individual permissions based on automated benchmarking, it is the number one tactic for preventing lateral movement by bad actors should a breach occur.
By 2025, microsegmentation will be the standard practice to protect local and cloud data centers. It is reported that 91% of organizations that haven’t already adopted microsegmentation plan to do so in the next 12-24 months.
Cybercrime-as-a-service is open for all
Between two and a half and three million people visit the Dark Web every day [Tor Metrics], and more people – including notably more savvy digital natives – are becoming aware of how easy it is to access and of the benefits of a cryptocurrency wallet. While these people are all looking for different things, from hidden services to research data, one of the most extensive, and growing, services available to anyone with the right browser is cybercrime-as-a-service (CaaS).
In 2023, any unsatisfied shopper, unscrupulous journalist, malevolent competitor, slighted ex-partner, embittered former employee, or victim seeking retribution has access to the services of a professional cybercriminal willing to commit fraud, conduct a social account takeover, or spy on someone’s mobile phone activity.
Anyone looking to spread the seeds of chaos can hire a dark web bad actor – invariably for less than the price and effort of seeking justice through the court system. Across all threat vectors, including malware and ransomware, this makes cybercrime everyone’s problem.
Cybersecurity staff are still going to be in short supply
With the demand for cybersecurity skills constantly increasing, teammates moving sideways into consultancy or leaving the profession altogether, the cybersecurity talent pool still woefully lacking diversity, the ongoing challenge of keeping employee skill levels up to date, and employers having unrealistic skill-level expectations, experienced cybersecurity professionals will continue to be as rare as hen’s teeth.
Organizations will have to lean more on cost-effective, automated, and time-saving solutions. CISOs will have to prioritize budgets for training and internal comms (let’s stop colleagues from falling prey to those phishing emails) and take advantage of an automated behavior-based approach to discover, clearly show, and map application dependencies on the journey to cloud migration. Tools will need to support security teams with frictionless DevOps processes. If a breach occurs, teams need clear alerts to act immediately, with minimum fuss.
Staff retention will remain important, with respect, appropriate remuneration, and trust still being cited as the major factors behind keeping the right people.
More cybersecurity insurance, but harder to get
Organizations will want to be seen as prepared, which means following demanding industry standards, including organizational cybersecurity practices in ESG reporting. It also means cybersecurity compliance, but the requirements of that compliance will undoubtedly become more stringent. As cybersecurity attacks continue to rise, so will premiums, along with stricter requirements to obtain insurance. The likes of microsegmentation for Zero Trust practices will be standard, not just nice to have, in the cybersecurity insurance policy requirements of the year to come.
Nothing is written in stone
No one gets to ignore their cybersecurity preparation in 2023. Every year something seems to happen that disrupts our industry, be it Covid or world conflict, but prior planning will save many headaches in the coming months if organizations are adequately prepared.
It doesn’t take a fortune teller to see that 2023 will be a challenge for security teams and organizations, where doing more with less will be an even more significant part of the job description.