Seceon focuses on leveraging Artificial Intelligence (AI) and Machine Learning (ML) to identify and counter sophisticated and stealthy cyberattacks, as well as using AI and ML to generate advanced cyber threats. Call Us: 1 (978)-923-0040
Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership

by Pushpendra Mishra | Feb 3, 2023 | aiSIEM, aiXDR, Cyber Security Company, Ransomware Detection, Service Security Providers
This is Part II of our first blog of the new year, one in which we tackle 2023’s top cyber challenges and provide the information you need to make you ready. We’ll share our insights and recommendations so that you can make cybersecurity a part of your healthy business strategy and best prepare for the path ahead.

In our opening segment we reviewed the events in 2022 that we forecasted in 2022, in terms of their impact and what we learned from them. Now let’s discuss some common themes we see occurring with even more frequency or velocity in 2023, along with how to prepare for these developing trends and some proactive cyber strategies to implement for the coming year.

2023 Seceon Prediction One: The emergence of cloud-native security solutions to protect cloud-based systems and applications.

In 2022, outsourcing code development led to a 65+% increase in code leaks. Even with “airtight” outsourcing contracts or SLAs, the risk of poor privacy practices, storage and development practices has led to this significant increase. Public repositories are clearly not well protected. GitHub frequently leaks API and cryptographic keys. According to a study from North Carolina State University, over 100,000 GitHub repos leaked API or cryptographic keys in 2022. They also found that thousands of new API or cryptographic keys leak via GitHub projects every day.

Let’s continue down this API security path, however. We’ve seen a 300% increase in API traffic and a 600% increase in API attacks. API security is a key component of modern web application security. APIs may have vulnerabilities like broken authentication and authorization, lack of rate limiting, and code injection.

The exposure to insecure APIs has skyrocketed and only a few are paying attention to the expanding exposure.

The first step is to find and catalog every API on our network. Who does this today? Almost no one. Why?

Because of the intense pressure of developer convenience. John Kindervag, the Forrester analyst who coined the term “zero-trust”, claims developers have more power than cybersecurity folks these days. Rapid coding and website development, combined with the increasing drive toward federated services, all contribute to random APIs popping up everywhere, entirely without any sort of registration structure acting as the grown-up in the room.

Finding and cataloging need to be taken seriously, as even one missed API right now can leave your company open to cyber-attack.
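One way to check an API catalog against what is actually being served, as an added example that is not Seceon's code: it compares endpoints seen in web access logs with a documented inventory. The inventory entries, the log lines, the /api/ prefix and the choice to ignore 404 responses are constructed assumptions.

```python
import re
from collections import Counter

# Constructed inventory: (method, path template) pairs, e.g. exported from API specs.
DOCUMENTED = {
    ("GET", "/api/v1/orders/{id}"),
    ("POST", "/api/v1/orders"),
    ("GET", "/api/v1/users/{id}"),
}

# Constructed sample lines in common log format; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [03/Feb/2023:10:00:01 +0000] "GET /api/v1/orders/1042 HTTP/1.1" 200 512
10.0.0.5 - - [03/Feb/2023:10:00:02 +0000] "POST /api/v1/orders HTTP/1.1" 201 88
10.0.0.9 - - [03/Feb/2023:10:00:03 +0000] "GET /api/internal/export?fmt=csv HTTP/1.1" 200 90211
10.0.0.9 - - [03/Feb/2023:10:00:04 +0000] "GET /api/internal/export?fmt=json HTTP/1.1" 200 90544
10.0.0.7 - - [03/Feb/2023:10:00:05 +0000] "DELETE /api/v1/orders/1042 HTTP/1.1" 204 0
10.0.0.7 - - [03/Feb/2023:10:00:06 +0000] "GET /static/app.js HTTP/1.1" 200 4096
this line is malformed and must be skipped
"""

REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
ID_SEGMENT = re.compile(r"^(\d+|[0-9a-fA-F-]{36})$")  # numeric id or loose UUID match

def normalize(target):
    """Drop the query string and collapse numeric/UUID path segments to {id}."""
    path = target.split("?", 1)[0]
    parts = ["{id}" if ID_SEGMENT.match(p) else p for p in path.split("/")]
    return "/".join(parts)

def audit(log_text, documented, prefix="/api/"):
    """Return (undocumented endpoints with hit counts, documented endpoints never seen)."""
    seen = Counter()
    for line in log_text.splitlines():
        m = REQUEST.search(line)
        if not m:
            continue  # malformed line: skip it rather than guess
        path = normalize(m["target"])
        if path.startswith(prefix) and m["status"] != "404":
            seen[(m["method"], path)] += 1
    undocumented = {ep: n for ep, n in seen.items() if ep not in documented}
    unused = sorted(documented - set(seen))
    return undocumented, unused

if __name__ == "__main__":
    undocumented, unused = audit(SAMPLE_LOG, DOCUMENTED)
    print("served but not in the catalog:", undocumented)
    print("in the catalog but never seen:", unused)
```

An undocumented method on a documented path (the DELETE above) is reported the same way as an entirely unknown route, since either one is an interface nobody registered.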
Setting up security and performance automation for every API is the next step. That performance automation accommodates API testing, critical to security readiness. Both functional and non-functional tests are essential, as it is not enough to know that the API performs as advertised, but also that it does so in a secure and reliable manner. Failing APIs are common, but what isn’t common is understanding the consequences of the failure. Non-functional testing will do that.

When pen-testing and securing an API, start with behavioral analysis. Here’s where you match reality to documentation – it is a good time to discover what happens to your system as a whole when an API fails. You may also determine whether the build package is buggy and/or vulnerable.

You will want to assure the process service levels are prioritized for the right service levels, rate limiting for transactional APIs, min/max request latency settings, and availability windows. Some of these details are important to identify slow memory leaks or garbage collection issues that might be a long-term threat to the integrity of the server(s) and network.

Authentication issues should come right out of the Zero Trust handbook and determine the levels of trust you assign for the API’s users. Apply the standards required for specific DAAS access and test the limitations before use.

When responding to an API attack, the first rule should be to kill access – an API should never fail in an open state. Whether you caught the attempt yourself or via AI/ML detection, follow your normal recovery process and never shift down just because it’s an API.

By the end of 2023, API security will separate the mediocre CISO, focusing solely on infrastructure, from the masterful CISO who addresses actual business threats and ensures survivability.
Creating a system for API security, and reusable interface testing automation that keeps your API inventory up to date, will pay off big when those headlines start talking about API security and not just our old nemesis, ransomware.

2023 Seceon Prediction Two: A heightened focus on leveraging Artificial Intelligence (AI) and Machine Learning (ML) to identify and counter sophisticated and stealthy cyberattacks, as well as using AI and ML to generate advanced cyber threats.

Everyone uses AI and ML, so why is this an important area to consider? Because organizations with fully deployed security Artificial Intelligence and Machine Learning automation spend less than half as much on a data breach as those who do not have this automation in place.

Here is a second consideration. Simply put, the bad guys are using these tools against the interests and capabilities of the good guys. Let’s take a look.
The arrival of the amazing AI-enabled chatbot called ChatGPT last month has been wowing the tech community with their ball caps facing forward, while it is also allowing hackers behind email and text-based phishing attacks (along with malware gangs) to speed up the development of their schemes.

Those who pooh-pooh the under-achieving OpenAI chatbot have 1) never spent any time with her, 2) don’t grant slack to a product that has been released in beta during only its second month of field trials with millions of users and 3) ignore the billion + VC investment in the space in the last couple of months even under the shadow of the great conman, Samuel Bankman-Fried’s attempt at billionaire crime.

Here are some early instantiations of high noteworthiness:

Several serious cybersecurity researchers have been able to get ChatGPT to write really good phishing emails and malicious code for them in the last 30 days, mirroring what the Malware mafia were getting good at – incorporating plausible humanlike and undetectable tactics into their recent attack portfolio.

Researchers at Check Point Research verified that they got a “plausible phishing email” from ChatGPT after directly asking it to “write a phishing email” that comes from a “fictional web-hosting service.”

Abnormal Security tested ChatGPT to write an email “that has a high likelihood of getting the recipient to click on a link.”

On the question of liability, OpenAI has implemented a few content moderation warnings into the chatbot, ones that researchers are finding easy to side-step and avoid penalties.

Remember, this is a beta release 1.0 on the market under intense conditions for 45 days.
For those who do not take ChatGPT seriously, we say this: Organizations that are already struggling to fend off the most basic of attacks – including those in which hackers use a stolen or leaked password to log in to accounts – would be hard-pressed to stave off costly breaches using simple AI capabilities.

2023 Seceon Prediction Three: The Role of the CISO is Harder and More Dangerous Than Ever Before

Four years ago, the threat landscape was such that a CISO could get the job of asset protection done by twisting a few knobs and turning some dials. It could have been argued at that time that CISOs should report to the CEO, not because the job was so integral with the rest of a company’s functions, but because there could be clear and direct communication between the one person able to assess the technical threat and operational risk, and the one person responsible for the business outcome.
Today, I argue that the CISO should still report to the CEO, but for entirely different reasons. In just four years, the threat landscape has evolved into impossible complexity, with amazingly smart adversaries launching continual attacks with new and hideously polymorphic vectors, and with multiple business units pushing digital transformation programs regardless of the cost of security and protection.

Today, the job of asset protection and threat defense is not only integral to the company’s business functions, but most of those functions could not exist without it.

No one at the C-suite or Board level understands this, however, because even today, very few senior executives take the time to understand the issues, risks and vulnerabilities around cybersecurity, and most CISOs and CIOs do not explain them well and in business terms. To make matters worse, very few if any understand the actual liabilities and fiduciary care requirements of their role.

If you did a random poll, I think most would say today’s threats are very sophisticated and therefore difficult to prevent. The truth is that the bulk of today’s attacks cannot be categorized as sophisticated at all. The reason we are attacked so successfully and so often is that we continue to maintain poor hygiene, which leads to unpatched known vulnerabilities, misconfigured containers, unsecured DNS and APIs exposed to the Internet. In addition, our development rigor is sloppy. We build code without knowledge of the transitive dependencies inherent in the open-source libraries, APIs, and software we incorporate into our agile pushes.

Today, we don’t design code with security at the beginning. We often don’t design code with security at all. But it seems the Board and C-suite want to believe that we are attacked because we are being outsmarted by our adversaries. While we occasionally are, sophisticated attacks are rare.
Until the CISO role is perceived as a peer, the rest of the C-suite will continue to think of security folks as the deranged department of no and continue to ignore them.

2023 Seceon Prediction Four: Cybersecurity professionals will see an increased emphasis on active, real-time security monitoring and analytics.

If you are a business with a traditional insurance carrier, there is a fair chance you’re not getting renewed. You’ll need to understand your ‘residual’ risk since you may not be able to get cyber insurance. And the price is certainly going up, on average by up to 20% over what you paid previously, if your program is proven to be in order and working well.

Recent research reports on the hundreds of millions of attempted cyberattacks that occurred every day throughout 2022 show that malware increased by 358% overall as compared with 2021, with no end to the rise in sight.
76% of IT professionals believe a successful attack against their firm is imminent, a deepening pessimism precipitated by steep rises in remote work, BYOD, 3rd party risk, insider error, and stepping into the cloud without knowing how to defend it. Cyber insurers have taken notice and are placing demands on the industry to have continuous security monitoring and the ability to mitigate or remediate threats, every minute, every day.

It is no longer acceptable to have nearly 80% of senior IT leaders believing their organizations lack sufficient protection against cyberattacks, as they did in 2021. With cyber incidents on the rise, here’s what to expect and what you can do to best position your organization when shopping for cyber policies.

Do you have a mitigation and remediation cyber capability for these top 10 risks?

Vendor Risk Management
Access Control
System Security Plan
Contingency Planning
Employee Mitigation
Data Classification
Logging and Monitoring
Incident Response Planning
Configuration Management
Cybersecurity Governance

Do you have the right technologies in your top actions list, such as multi-factor authentication (MFA), encryption, vulnerability management and security event management?

Have you developed a skilled Security Operations function?

Have you focused on emerging and special challenges like IoT?

Key points about incidents we’ve handled in 2022 – it isn’t just ransomware (but as we pointed out at the top, that’s the headline) – but how do we fall victim? We hear a lot about the end result but, unfortunately, our experience is we are hearing less about why it happened – and this is the critical point. What do you need to do to not fall victim?

Interesting point: phishing has trended down (from around 50%) to 30% – it’s becoming easier to exploit vulnerabilities now than it was in the past. What does this tell us?
First thing is to not get tunnel vision – you still need a comprehensive cybersecurity program (many orgs focus on just phishing!)

Vulnerability Management is still a huge problem, as are weak passwords, poor security controls, and employee training, and mobile device security. Having an Incident Response capability is a must-have, but so are pre-determined policies and procedures to accelerate recovery from ransomware and other attacks, along with a set of playbooks to mitigate or remediate (these two terms are not the same: mitigate buys you time, remediate stops the aberrant action).

Other “smart” actions:

Invest in modern malware detection and cyber threat hunting
Have analytics that can determine whether any data was compromised or leaked
Seek out automation and autonomous response capabilities to work more cohesively and comprehensively with fewer resources.
Visibility is key. Log as much as you can, and have data visualization tools to mine key metrics and gain context.

Insurers in some high-risk sectors are reducing their exposure by reducing coverage limits or reducing coverages, and placing lower limits on ransomware payouts. Some of the industries where insurers have reduced their exposures include healthcare and education.

Some insurers have been reducing their cyber risk exposure by adding more restrictive policy terms and including additional exclusions to their cyber and non-cyber policies.

Every company will face cyber risk in 2023, no matter its size. The more diverse you are, the more areas of vulnerability you have, so the ramifications are serious. You must take a digital asset approach to cybersecurity in our digitalized world. Seceon is here to help.

As we welcome you to 2023 we want to be sure to thank everyone that is working hard to make cybersecurity effective and valuable, something that is respected. This is hard work and we certainly never expect anyone to do it alone. Cybersecurity is about people as much as it is about business, and we value each and every one of you. We’re looking forward to working with many of you during 2023 and doing our very best to ensure we’re all prepared and protected from all that is and what is to come.
Address - 238 Littleton Road Suite #206 Westford, MA 01886 Phone no - +1 (978)-923-0040 Email Id - sales@seceon.com Website - https://www.seceon.com/