As technology continues to evolve at an exponential rate, it’s not uncommon to feel overwhelmed or exhausted by the current rate of change. While new technologies are often introduced with the promise of benefits, they also introduce new challenges and risks.
In 2023, there will continue to be plenty of focus on big data, edge computing, quantum computing, DevOps, and containerization among other new and emerging technologies. From a threat perspective, we’ll continue to hear about botnets, zero-day attacks, cryptojacking, and other persistent threats that just won’t seem to go away.
What Are the Most Common Cybersecurity Trends or Threats to Be Aware Of?
For the purpose of this article, we’ve chosen to focus on four prevalent cybersecurity trends that deserve continued time and attention in 2023:
- Artificial Intelligence (AI)
- Cloud Security
- Internet of Things (IoT)
- Mobile Security
Artificial intelligence (AI)
It’s tough to browse the web these days, scroll through social media, watch TV, or listen to the radio without seeing or hearing something related to AI or machine learning (ML). Just today I read an article about Paul McCartney using AI to create what he referred to as “the last Beatles record”. There’s a heavy element of irony in that statement as AI was apparently used to extricate John Lennon’s voice to produce music. It raises the question – if AI helped to extricate or recreate a voice, is it really the last Beatles record?
Outside of the Entertainment industry, a quick search of the internet demonstrates AI’s welcomed or unwelcomed influence in practically every facet of our lives (e.g., Finance, Business, Regulatory, Medicine, and Technology, etc.). The Security industry is no different and has also been both positively and negatively affected by the rapid adoption and availability of AI technologies and toolsets.
With the ever-increasing sophistication and number of cyberattacks and techniques used by bad actors, it’s difficult to imagine how individuals and organizations can continue to protect themselves and their data from a growing list of known and unknown adversaries.
Today, organizations are adopting AI or AI-powered cybersecurity solutions to strengthen their cybersecurity posture and defenses. AI is capable of scanning and analyzing substantial amounts of data and identifying potential security threats much quicker than a human security team. According to IBM, in 2022, “breaches at organizations with fully deployed cybersecurity AI and automation cost $3.05 million less than breaches at organizations with no cybersecurity AI and automation deployed.”
The perceived benefits and growing demand for AI-powered cybersecurity solutions will continue to drive exponential growth in the AI cybersecurity market. According to Acumen Research, the AI cybersecurity market will grow from 14.9 billion in 2021 to 133.8 billion by 2020. As with the procurement of any vendor-provided solution, organizations will need to understand their cyber risk profile before making an investment in AI-powered cybersecurity solutions.
As with any new and emerging technology, there are those that will use AI with the intent of doing good and those who will find a way to use it for malicious purposes (e.g., hackers, cyberterrorists, etc.). Just as AI was used to help extricate John Lennon’s voice for a Beatles record, it’s also been reported to have been used in identity theft and social engineering cyberattacks. Specifically, the voice of a company executive or personal acquaintance has been recreated using AI to authorize fictitious transactions, commit fraud, or engage in the extortion of targeted victims. Other reported uses of AI for malicious purposes include utilizing AI to bypass or elude current security systems, automating the distribution of spyware, phishing emails, and distributed denial-of-service attacks (DDoS).
As bad actors continue to look for ways to utilize AI for malicious purposes, organizations will need to evaluate their own cybersecurity defenses to determine if AI technologies are needed to address the increasing threat that AI-supported security threats present. Smaller organizations that lack budget or resources may find themselves at a significant disadvantage if they are unable to procure AI-powered cybersecurity solutions to combat increases in AI-supported cybercrime and cyberwarfare.
The adoption of cloud computing will continue to accelerate in 2023. According to Gartner, global “end-user spending on public cloud services is forecast to grow 21.7% to total of $597.3 billion in 2023, up from $491 billion in 2022.” By 2026, “75% of organizations will adopt a digital transformation model predicated on the cloud as the fundamental underlying platform.”
As cloud adoption continues to grow, so does the number of cloud-focused attacks. According to IBM, in 2022, “45% of breaches were cloud-based.” Successful cloud breaches can typically be traced back to the lack of effective cloud governance, reduced visibility, and human error. Common issues include misconfiguration, compromised credentials, unauthorized access, and insecure interfaces.
Organizations that are considering cloud adoption should ensure a thorough risk assessment is performed to ensure cloud adoption risks are understood, risk mitigation strategies are defined, and a strong cloud governance model and policies are established and adopted prior to transitioning to the cloud. Organizations that are currently in the cloud should validate their cloud governance model and ensure it adequately meets current and emerging cloud-based security threats.
Internet of Things (IoT)
I logged into my home router the other day and was surprised to see the number of devices that were connected to my home internet. After years and years of buying and installing Internet-accessible devices, I was blown away by the number of devices that were currently connected to my home Wifi network. Fortunately, I recognized all of them, and nothing suspicious was noted, but it was eye-opening to see just how connected my home seemed to be.
It seems like anything today can in some form or fashion connect to the Internet. I use the word device, but I’m not sure that word adequately represents all internet-accessible objects (e.g., a car). IoT adoption continues to grow year over year. IoT Analytics reports that in 2023, IoT adoption is expected to grow by another “16% to 16.7 billion connected devices.” While internet-connected devices create benefits, they also introduce unintended or unexpected risks.
While many IoT devices lack storage capabilities or processing power, they could be leveraged to target and access more critical devices that could lead to data breaches, unintended exposure, or system compromise. The simplicity of most IoT devices presents challenges as it reduces the ability to implement and configure defensive safeguards.
While several regulations have been established to govern IoT device manufacturers and introduce cybersecurity measures within IoT devices, organizations and individuals need to exercise caution when connecting IoT devices to their networks to avoid expanding their attack surface. Consideration should be given to the following safeguards and risk-mitigating activities (where possible):
- Establishing a robust inventory of IoT devices.
- Disable or opt out of third-party data collection and monitoring activity.
- Enable any and all encryption capabilities.
- Ensure updates and patches are regularly applied.
- Change default passwords and enable multi-factor authentication (MFA).
Several factors have increased the adoption of mobile computing, including:
- The availability and increased processing power of mobile devices (e.g., smartphones).
- The proliferation of mobile applications and code.
- A growing remote workforce.
Connectivity enhancements, such as the introduction of 5G in 2019 have also improved the end-user experience for mobile users by offering increased speeds, bandwidth, availability, coverage, and lower latency.
As with IoT, organizations and individuals need to be aware of mobile device integrations and ensure proper cybersecurity safeguards are implemented and continuously monitored and managed. The strength of cybersecurity safeguards should be dictated by the data or systems that the devices are allowed to access. An increase in BYOD practices introduces additional complexities and risks that organizations need to understand and address in order to avoid the introduction of additional attack vectors within their environment.
In addition to the IoT safeguards and risk-mitigating activities noted above, endpoint detection and response solutions should be installed and vulnerability management capabilities implemented. Biometrics should be introduced where possible to support the authentication process. Mobile Device Management (MDM), Data Loss Prevention (DLP), and Cloud Access Security Broker (CASB) solutions should also be considered when evaluating an organization’s cybersecurity posture with respect to mobile devices.
Conclusion – What is the Future of Cybersecurity?
While additional cyber trends certainly exist, the four topics discussed will most certainly be topics that we’ll hear more about in 2023, and into 2024. Organizations need to take proactive steps to address these trends early on to ensure they are prepared for the outcomes, or effects that each of them will have on their organizations, employees, and clients.
For any additional questions surrounding this article, or if you would like to learn more about the many audit services provided by Linford, please contact us. Please feel free to check out some of our other blogs on security and cybersecurity:
- What are the Roles and Responsibilities of Information Security?
- The DoD CMMC: What You Need to Know
- Understanding Blockchain: Security, Risks & Auditing Tips
- How Is Your (Cyber) Hygiene?
- How to Choose a VPN When Working from Home: Data Safety Considerations for Coronavirus
- October Is National Cybersecurity Awareness Month (NCSAM): How It Helps You
This article was originally published on 12/22/2020 and was updated on 6/21/23.
Mark Larson started working in the technology industry in 1998 where he worked in a number of different roles prior to transitioning to the public accounting world in 2004 with Ernst & Young (EY). During his 6 years at EY, Mark provided both assurance and advisory services that spanned multiple industries for both public and private companies. After leaving EY, Mark filled leadership roles within Internal Audit, Technology, and Security functions for several companies. Mark specializes in SOC examinations and enjoys helping clients establish, formalize, and report on effective control environments while strengthening their security risk profile.