Title: Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership
By Pushpendra Mishra, Feb 3, 2023
aiSIEM, aiXDR, Cyber Security Company, Ransomware Detection, Service Security Providers

This is Part II of our first blog of the new year, one in which we tackle 2023's top cyber challenges and provide the information you need to make you ready. We'll share our insights and recommendations so that you can make cybersecurity a part of your healthy business strategy and best prepare for the path ahead. In our opening segment we reviewed the 2022 events we had forecasted, in terms of their impact and what we learned from them. Now let's discuss some common themes we see occurring with even more frequency or velocity in 2023, along with how to prepare for these developing trends and some proactive cyber strategies to implement for the coming year.

2023 Seceon Prediction One
The emergence of cloud-native security solutions to protect cloud-based systems and applications.

In 2022, outsourcing code development led to a 65% increase in code leaks. Even with airtight outsourcing contracts or SLAs, the risk of poor privacy, storage and development practices has led to this significant increase. Public repositories are clearly not well protected. API and cryptographic keys frequently leak through GitHub. According to a study from North Carolina State University, over 100,000 GitHub repos leaked API or cryptographic keys in 2022. They also found that thousands of new API or cryptographic keys leak via GitHub projects every day.

Let's continue down this API security path, however. We've seen a 300% increase in API traffic and a 600% increase in API attacks. API security is a key component of modern web application security. APIs may have vulnerabilities like broken authentication and authorization, lack of rate limiting, and code injection. The exposure to insecure APIs has sky-rocketed and only a few are paying attention to the expanding exposure.

The first step is to find and catalog every API on our network. Who does this today? Almost no one. Why? The intense pressure for developer convenience (John Kindervag, the Forrester analyst who coined the term zero-trust, claims developers have more power than cybersecurity folks these days), rapid coding and website development, and the increasing drive toward federated services all contribute to random APIs popping up everywhere, entirely without any sort of registration structure acting as the grown-up in the room. Finding and cataloging need to be taken seriously, as even one missed API right now can leave your company open to cyber-attack.
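
As an added illustration of the find-and-catalog step (not Seceon's code and not part of the original post), the following Python example reconciles the endpoints observed in gateway access logs against a registered inventory. The log format, the inventory and every path in it are constructed for the example, and treating 404 responses as non-existent routes is an assumption.

```python
import re
from collections import Counter

# Constructed inventory: the endpoints the organisation believes it exposes.
REGISTERED = {
    ("GET", "/api/v1/users/{id}"), ("POST", "/api/v1/orders"),
    ("GET", "/api/v1/orders/{id}"), ("GET", "/api/v1/health"),
}

# Constructed gateway access-log lines (combined-log style).
SAMPLE_LOG = """\
10.0.0.5 - - [03/Feb/2023:10:00:01 +0000] "GET /api/v1/users/42 HTTP/1.1" 200 512
10.0.0.5 - - [03/Feb/2023:10:00:02 +0000] "POST /api/v1/orders HTTP/1.1" 201 88
10.0.0.9 - - [03/Feb/2023:10:00:03 +0000] "GET /api/v1/orders/9f1c2d3e-0a1b-4c5d-8e9f-001122334455?expand=items HTTP/1.1" 200 901
10.0.0.7 - - [03/Feb/2023:10:00:04 +0000] "GET /api/internal/debug/dump HTTP/1.1" 200 40960
10.0.0.7 - - [03/Feb/2023:10:00:05 +0000] "DELETE /api/v1/users/42 HTTP/1.1" 204 0
10.0.0.8 - - [03/Feb/2023:10:00:06 +0000] "GET /api/v2/export/7 HTTP/1.1" 404 0
10.0.0.8 - - [03/Feb/2023:10:00:07 +0000] "GET /index.html HTTP/1.1" 200 1200
"""

REQUEST = re.compile(r'"([A-Z]+) (\S+) HTTP/[\d.]+" (\d{3}) ')
ID_SEGMENT = re.compile(r"^(\d+|[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12})$")

def normalize(path):
    """Drop the query string and collapse numeric/UUID segments to {id}."""
    segments = path.split("?", 1)[0].split("/")
    return "/".join("{id}" if ID_SEGMENT.match(s) else s for s in segments)

def reconcile(log_text, registered, prefix="/api/"):
    """Return (undocumented endpoints with hit counts, registered endpoints never seen)."""
    seen = Counter()
    for line in log_text.splitlines():
        m = REQUEST.search(line)
        if not m:
            continue
        method, path, status = m.group(1), normalize(m.group(2)), int(m.group(3))
        # Assumption: a 404 is a request for a route that does not exist, not a live API.
        if path.startswith(prefix) and status != 404:
            seen[(method, path)] += 1
    undocumented = {ep: n for ep, n in seen.items() if ep not in registered}
    unobserved = sorted(set(registered) - set(seen))
    return undocumented, unobserved

if __name__ == "__main__":
    undocumented, unobserved = reconcile(SAMPLE_LOG, REGISTERED)
    for (method, path), hits in sorted(undocumented.items()):
        print(f"UNDOCUMENTED {method} {path} hits={hits}")
    for method, path in unobserved:
        print(f"UNOBSERVED   {method} {path}")
```

Undocumented entries are candidates for registration or removal; registered endpoints that never appear in traffic are candidates for retirement or a sign that the log source does not cover them.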

Setting up security and performance automation for every API is the next step. That performance automation accommodates API testing, critical to security readiness. Both functional and non-functional tests are essential, as it is not enough to know that the API performs as advertised; you also need to know that it does so in a secure and reliable manner. Failing APIs are common, but what isn't common is understanding the consequences of the failure. Non-functional testing will do that.

When pen-testing and securing an API, start with behavioral analysis. Here's where you match reality to documentation; it is a good time to discover what happens to your system as a whole when an API fails. You may also determine whether the build package is buggy and/or vulnerable.

You will want to ensure that process service levels are prioritized correctly and that rate limiting for transactional APIs, min/max request latency settings, and availability windows are defined. Some of these details are important to identify slow memory leaks or garbage collection issues that might be a long-term threat to the integrity of the server(s) and network.

Authentication issues should come right out of the Zero Trust handbook and determine the levels of trust you assign for the API's users. Apply the standards required for specific DAAS access and test the limitations before use.

When responding to an API attack, the first rule should be to kill access: an API should never fail in an open state. Whether you caught the attempt yourself or via AI/ML detection, follow your normal recovery process and never shift down just because it's an API.

By the end of 2023, API security will separate the mediocre CISO, focusing solely on infrastructure, from the masterful CISO who addresses actual business threats and ensures survivability. Creating a system for API security, and reusable interface testing automation that keeps your API inventory up to date, will pay off big when those headlines start talking about API security and not just our old nemesis, ransomware.

2023 Seceon Prediction Two
A heightened focus on leveraging Artificial Intelligence (AI) and Machine Learning (ML) to identify and counter sophisticated and stealthy cyberattacks, as well as using AI and ML to generate advanced cyber threats.

Everyone uses AI and ML, so why is this an important area to consider? Because organizations with fully deployed security artificial intelligence and machine learning automation spend less than half as much on a data breach as those that do not have this automation in place.

Here is a second consideration. Simply put, the bad guys are using these tools against the interests and capabilities of the good guys. Let's take a look.

The arrival of the amazing AI-enabled chatbot called ChatGPT last month has been wowing the tech community with their ball caps facing forward, while it is also allowing hackers behind email and text-based phishing attacks (along with malware gangs) to speed up the development of their schemes.

Those who pooh-pooh the under-achieving OpenAI chatbot 1) have never spent any time with her, 2) don't grant slack to a product that has been released in beta during only its second month of field trials with millions of users, and 3) ignore the billion VC investment in the space in the last couple of months, even under the shadow of the great conman Samuel Bankman-Fried's attempt at billionaire crime.

Here are some early instantiations of high noteworthiness:

- Several serious cybersecurity researchers have been able to get ChatGPT to write really good phishing emails and malicious code for them in the last 30 days, mirroring what the malware mafia were getting good at: incorporating plausible, humanlike and undetectable tactics into their recent attack portfolio.
- Researchers at Check Point Research verified that they got a plausible phishing email from ChatGPT after directly asking it to write a phishing email that comes from a fictional web-hosting service.
- Abnormal Security tested ChatGPT to write an email that has a high likelihood of getting the recipient to click on a link.

On the question of liability, OpenAI has implemented a few content moderation warnings into the chatbot, ones that researchers are finding easy to side-step and avoid penalties. Remember, this is a beta release 1.0 on the market under intense conditions for 45 days.

For those who do not take ChatGPT seriously, we say this: organizations that are already struggling to fend off the most basic of attacks, including those in which hackers use a stolen or leaked password to log in to accounts, would be hard-pressed to stave off costly breaches using simple AI capabilities.

2023 Seceon Prediction Three
The Role of the CISO is Harder and More Dangerous Than Ever Before

Four years ago, the threat landscape was such that a CISO could get the job of asset protection done by twisting a few knobs and turning some dials. It could have been argued at that time that CISOs should report to the CEO, not because the job was so integral to the rest of a company's functions, but because there could be clear and direct communication between the one person able to assess the technical threat and operational risk, and the one person responsible for the business outcome.

Today, I argue that the CISO should still report to the CEO, but for entirely different reasons. In just four years, the threat landscape has evolved into impossible complexity, with amazingly smart adversaries launching continual attacks with new and hideously polymorphic vectors, and with multiple business units pushing digital transformation programs regardless of the cost of security and protection. Today, the job of asset protection and threat defense is not only integral to the company's business functions, but most of those functions could not exist without it.

No one at the C-suite or Board level understands this, however, because even today very few senior executives take the time to understand the issues, risks and vulnerabilities around cybersecurity, and most CISOs and CIOs do not explain them well and in business terms. To make matters worse, very few if any understand the actual liabilities and fiduciary care requirements of their role.

If you did a random poll, I think most would say today's threats are very sophisticated and therefore difficult to prevent. The truth is that the bulk of today's attacks cannot be categorized as sophisticated at all. The reason we are attacked so successfully and so often is that we continue to maintain poor hygiene, which leads to unpatched known vulnerabilities, misconfigured containers, unsecured DNS and APIs exposed to the Internet.

In addition, our development rigor is sloppy. We build code without knowledge of the transitive dependencies inherent in the open-source libraries, APIs, and software we incorporate into our agile pushes. Today, we don't design code with security at the beginning. We often don't design code with security at all.

But it seems the Board and C-suite want to believe that we are attacked because we are being outsmarted by our adversaries. While we are occasionally, sophisticated attacks are rare. Until the CISO role is perceived as a peer, the rest of the C-suite will continue to think of security folks as the deranged "department of no" and continue to ignore them.

2023 Seceon Prediction Four
Cybersecurity professionals will see an increased emphasis on active, real-time security monitoring and analytics.

If you are a business with a traditional insurance carrier, there is a fair chance you're not getting renewed. You'll need to understand your residual risk since you may not be able to get cyber insurance. And the price is certainly going up, on average by up to 20% over what you paid previously, if your program is proven to be in order and working well.

Recent research reports that hundreds of millions of attempted cyberattacks occurred every day throughout 2022, and that malware increased by 358% overall as compared with 2021, with no end to the rise in sight.

76% of IT professionals believe a successful attack against their firm is imminent, a deepening pessimism precipitated by steep rises in remote work, BYOD, 3rd party risk, insider error, and stepping into the cloud without knowing how to defend it. Cyber insurers have taken notice and are placing demands on the industry to have continuous security monitoring and the ability to mitigate or remediate threats, every minute, every day.

It is no longer acceptable to have nearly 80% of senior IT leaders believing their organizations lack sufficient protection against cyberattacks, as they did in 2021. With cyber incidents on the rise, here's what to expect and what you can do to best position your organization when shopping for cyber policies.

Do you have a mitigation and remediation cyber capability for these top 10 risks?

- Vendor Risk Management
- Access Control
- System Security Plan
- Contingency Planning
- Employee Mitigation
- Data Classification
- Logging and Monitoring
- Incident Response Planning
- Configuration Management
- Cybersecurity Governance

Do you have the right technologies in your top actions list, such as multi-factor authentication (MFA), encryption, vulnerability management and security event management? Have you developed a skilled Security Operations function? Have you focused on emerging and special challenges like IoT?

Key points about incidents we've handled in 2022: it isn't just ransomware (but as we pointed out at the top, that's the headline), but how do we fall victim? We hear a lot about the end result but, unfortunately, our experience is we are hearing less about why it happened, and this is the critical point. What do you need to do to not fall victim?

Interesting point: phishing has trended down (from around 50%) to 30%; it's becoming easier to exploit vulnerabilities now than it was in the past. What does this tell us?

First thing is to not get tunnel vision: you still need a comprehensive cybersecurity program (many orgs focus on just phishing!). Vulnerability Management is still a huge problem, as are weak passwords, poor security controls, employee training, and mobile device security.

Having an Incident Response capability is a must-have, but so are pre-determined policies and procedures to accelerate recovery from ransomware and other attacks, along with a set of playbooks to mitigate or remediate (these two terms are not the same: mitigate buys you time, remediate stops the aberrant action).

Other smart actions:

- Invest in modern malware detection and cyberthreat hunting.
- Have analytics that can determine whether any data was compromised or leaked.
- Seek out automation and autonomous response capabilities to work more cohesively and comprehensively with fewer resources.
- Visibility is key. Log as much as you can, and have data visualization tools to mine key metrics and gain context.

Insurers in some high-risk sectors are reducing their exposure by reducing coverage limits or reducing coverages, and placing lower limits on ransomware payouts. Some of the industries where insurers have reduced their exposures include health care and education. Some insurers have been reducing their cyber risk exposure by adding more restrictive policy terms and including additional exclusions to their cyber and non-cyber policies.

Every company will face cyber risk in 2023, no matter its size. The more diverse you are, the more areas of vulnerability you have, so the ramifications are serious. You must take a digital asset approach to cybersecurity in our digitalized world. Seceon is here to help.

As we welcome you to 2023, we want to be sure to thank everyone who is working hard to make cybersecurity effective and valuable, something that is respected. This is hard work and we certainly never expect anyone to do it alone. Cybersecurity is about people as much as it is about business, and we value each and every one of you. We're looking forward to working with many of you during 2023 and doing our very best to ensure we're all prepared and protected from all that is and what is to come.

Address - 238 Littleton Road Suite 206 Westford, MA 01886
Phone no - 1 (978)-923-0040
Email Id - sales_at_seceon.com
Website - https://www.seceon.com/