
data breaches

2023 Cybersecurity Trends: What Every Cyber Professional Needs to Know

The world of cybersecurity is dynamic. It quickly changes because cybercriminals are relentlessly persistent in their goal to breach organizations and steal valuable data. Many of the biggest threats aren’t new, but they evolve as hackers become smarter and the systems to stop them become stronger. In the year ahead, cyber professionals will have the daunting task of defending their domain. So, what cybersecurity trends are on the horizon for 2023, and what strategies will you need to avert them?

Let’s find out.

The Cybersecurity Trends: Existing and Emerging Threats Are on the Calendar

Can you confidently say your cyber team is ready for the rapid changes in cybersecurity and the threat landscape? It’s hard to be certain. In fact, 40% of chief security officers agree they are unprepared. They cite many different reasons: inadequate budgets, talent shortage, and the fast pace of innovation. These and any other barriers will always exist regardless of whether you have a blank check and a room full of experts.

To achieve a higher level of confidence in your organization’s ability to defend its digital turf, you must understand what the landscape looks like and admit that you can’t stop everything. Proactive measures to address the risky trends ahead are ideal but not always possible. In the following list of trends, I’ll give you the bad news on risk along with some good news about what to do about it, which looks different from what you’ll hear other cyber experts say.

Hybrid Work Becomes the Norm, and Your Security Footprint Will Only Get Larger

Unsurprisingly, hybrid and remote work models are becoming the norm. Employees want flexibility and autonomy, and employers have to stay in tune with what they want to retain them. Cyber professionals, however, aren’t exactly thrilled with this. They, too, want to work remotely, but it’s expanded the security footprint of every organization.

It’s not the company-issued devices that are the weak link, as you still have control over those, ensuring that anti-malware and antivirus tools are running and that applications are up to date. The problem is personal device usage to check email, engage in chats, and access documents. That’s where incidents are most likely to occur, and you have no idea how protected these devices are or aren’t.

Connecting to networks with these devices could make employees more susceptible to phishing attacks, either by email or text message. These situations can also leave a company more exposed to ransomware attacks. So, what is a cyber leader to do with the abundance of employees working from anywhere?

You can develop specific BYOD (bring your own device) rules and require that employees use the Outlook App rather than the email feature on smartphones. More stringent policies that exclude all personal devices are another option, but they will be met with lots of resistance.

Building a security-aware culture that your cyber employees spearhead could be a more sustainable strategy. It also requires your cyber staff to think like a typical user and explore what their day-to-day looks like regarding security. If your team has buy-in to this approach, it will be more authentic and resonate more than some top-down directive that most will disregard.

Persistent Phishing: Hackers Use Many Angles to Hook Users

You likely aren’t surprised that a variation of phishing is on the 2023 cybersecurity trends list. Hackers have become much more sophisticated in how they target phishing attacks. They narrowly focus on a specific organization and keep trying new approaches, hoping they eventually wear down a person’s defenses and get them to respond.

Persistent phishing is the new normal, and cyber criminals do more than just send you an email from a spoofed URL. There are elements of social engineering in these tactics, where a recipient wouldn’t think it odd to receive an email from a company they recently engaged.

These can work, but hackers are taking it to the next level by attempting to impersonate others from a company, often CEOs or other high-profile people, so the user will take notice and respond. Their common sense can go out the door when they see an email that appears to be from the CEO.

Another new phishing tactic is sharing Google docs (or other public cloud storage) within emails, which can look legitimate. Many businesses use Google Drive as their file-sharing solution. Unfortunately, the security here is lax at best.

In the new era of persistent phishing, you’ll need to step up employee education to start. You can also use filtering tools to keep these emails from appearing in an inbox. AI tools can assist with this as well.

However, some things will get through your perimeter. Turn to your cyber team to manage this constant barrage of phishing scams and get their perspectives. Make this a regular discussion in team meetings. Look at your data and listen to your team. Not everyone is going to have a new idea. Many will just say to stay the course. You want your technical employees to be innovators, and you must create a space where that’s the culture. If you do, you may get some really good strategies to deploy to lessen the hook of phishing.

IoT Vulnerability Grows

No one would argue that IoT (Internet of Things) devices aren’t valuable. They generate a great deal of quality data that is crucial in various sectors, from manufacturing to transportation to retail. However, these devices must connect to your network to access and aggregate that data. As a result, they’ve become a target for hackers to infiltrate an enterprise. The more devices you connect, the more potential for a backdoor to open for hackers.

The proliferation of IoT devices is now a part of many companies’ data strategies. The IoT devices consumers use have long had lax security measures in the name of convenience. In the commercial space, security has been more robust. The problem with IoT devices as a vulnerability often arises from the need for them to be interoperable with other applications. Connecting all these points can become burdensome, so there may be slips around security. Additionally, these devices aren’t always under the control of cybersecurity teams because they sit in warehouses, on assets in the field, and in store locations.

You need to have IoT security protocols in place, but what may be more important is confirming that the devices are continuing to abide by them. That will require your technical folks to communicate with non-technical employees in the field. They’ll need to ask questions and possibly go to the sites where they are. That’s outside the comfort zone of many, and one more reason why developing soft skills for cyber employees is critical. Without effective and consistent communication, you’ll just be counting the days until an IoT security incident occurs.

Hackers Are Still Hungry for Your Data

In most organizations, protecting assets is both digital and physical. The digital ones, being the data about customers, products, analytics, and everything else, have become much more valuable to criminals. The primary goal of hackers is to access your data and sell it. Data breaches are daily headlines now; there’s no surprise when we see the latest one.

Your organization has put all its efforts into protecting this data, but vulnerabilities still exist. It would be impossible to eliminate all of them. So, you’ve learned to live with risk, or have you? The biggest problem I’ve witnessed in my many years in cybersecurity is that those in charge of protecting your most valuable assets can’t admit that they don’t have all the answers. Many of them will do anything to hide uncertainty around this problem, and that mindset is dangerous.

If your cyber team can’t be honest that data breaches are still possible, they’ll be doing little to fortify your protections. They will be averse to applying new tools or strategies and unable to communicate and collaborate effectively. Hackers are the enemy, but the inside threat looms when you have employees that aren’t living in reality.

The best way to address this cybersecurity trend is by breaking norms and getting honest about who on your team is willing to grow and change their mindset. They may not fit the culture you want to cultivate if they can’t. They may have brilliant minds for technology, but their inability to think critically and with transparency means they are more of a risk than an asset.

Addressing Cybersecurity Trends Requires an Agile Team

The risks of modern business will only grow. Digital transformation is accelerating at light speed, and every organization wants to future-proof its technology and infrastructure. You should be on this path as well, with one major caveat. Even more important than the tools you use and the policies you set are the people behind them. You’ll be ahead of the curve if you have cyber talent on your team that’s agile and ready to pivot when needed.

You can learn how to develop this kind of team by following the Secure Methodology™, a seven-step process to help technical folks gain soft skills that can lead to an improved security posture. Learn all about it in my book, The Smartest Person in the Room.

What the Latest Cybersecurity Breaches Can Teach Us

In the field of cybersecurity, there are always opportunities to learn. It’s a dynamic ecosystem that’s always changing in terms of threats. There’s also no shortage of cybersecurity breaches, with fear-inducing headlines that can make any company shudder. But I’d also argue there is much to learn in these situations.

In a perfect world, breaches and attacks wouldn’t happen. Everything would be top-notch secure, and cyber criminals would be foiled at every turn. Unfortunately, that’s not the reality. In fact, breaches are rising, and hackers are getting smarter and more sophisticated. Data breaches exposed 22 billion records in 2021, and ransomware attacks increased by 92.7% from 2020 to 2021.

Even with the most robust tools and processes, you can’t guarantee your organization won’t be a victim. Aside from these components, the human element is the most important. Who you put in charge of protecting data and securing your infrastructure is most often the differentiator. And those people need more than just technical aptitude. They need to be communicators and collaborators. They need to be flexible and open to change and growth.

With that in mind, let’s consider what the latest cybersecurity breaches can teach us.

U-Haul Data Breach Exposes Customer Information

The moving and storage company U-Haul reported a data breach to customers in September 2022. The attack enabled cyber criminals to access rental contracts between November 2021 and April 2022. As a result, over 2 million customers had sensitive data exposed, including names, driver’s licenses, and state identification numbers.

The hack was successful because of the ability to compromise unique passwords that enabled access to customer contract search tools. The company didn’t disclose anything further about the password compromise.

In this scenario, a few things come to mind as learnings. First, it highlights the need for multifactor authentication across the entire enterprise. Second, it’s possible zero trust architecture could have prevented this. Third, perhaps there wasn’t visibility or transparency across the digital infrastructure, which left this database vulnerable. They could have averted such a breach not with better tools but with better communication.

OakBend Medical Center Suffers Ransomware Attack

Ransomware in healthcare has become a serious issue, with over 55 of these attacks this year alone. Due to a ransomware attack, the OakBend hospital had communication and IT issues. They announced they were working under “electronic health downtime procedures.”

The standard response was to take everything offline and rebuild their systems. Healthcare is a key target for hackers, as they know this is a mission-critical industry that will often pay the ransom.

We can learn from this incident that the need for updated and practiced cyber incident response procedures is critical. Additionally, questions about redundancy and backups are relevant. We don’t know the details, but with healthcare, the weak link is often legacy systems. Human error and apathy are brewing in hospital IT offices.

Healthcare data is a serious business. I would advise any healthcare organization to modernize its approach to cybersecurity, which requires removing legacy systems, updating infrastructure, and driving change in the hearts and minds of the professionals responsible for it. Until these things happen, healthcare will always be an easy target.

Aon Data Breach Exposes Sensitive Customer Data

Aon first noted the breach in its Securities & Exchange Commission filing in February 2022. However, the global financial company didn’t advise customers until May. The breach’s root cause was access by an unauthorized third party. The company’s investigation reported no evidence that the stolen data was misused, and the company said it had enacted new controls.

It makes you wonder: if these controls were so robust, why weren’t they already in place? And why did third parties have the opportunity to steal customer information?

Aon, like any other financial institution, certainly has a sophisticated cybersecurity footprint with teams of professionals that are experts. Yet, there’s always a way in! Would zero-trust architecture have saved the day? Would all those smart cyber folks have noticed this access vulnerability sooner if they worked more like a team rather than individual contributors? Without more details, it’s hard to know. As someone who’s been in this industry a long time, I know that human blindsides are the worst.

Social Engineering Scam Exposes Marriott Customers’ Credit Card Information

Marriott reported that an employee was a social engineering victim, leading him to turn over credentials. The hackers then tried to extort money, contacting the company boasting of their access. The hotel chain stated that the hacker didn’t reach its core network, but customer data related to the specific location was part of the breach. Marriott refused to pay the cyber criminals and contacted law enforcement.

The obvious learning is around constant and consistent training for employees on cybersecurity. However, even if that’s in place, employees may not give it much credence if it’s not a top-down philosophy that’s part of the company culture. Other points to consider are again about access — who has it, how they get it, and who is trustworthy.

If you take away anything from these cases, the most important thing is going back to your people. How are they protecting your data? What are their misconceptions or flawed reasonings?

The most secure companies don’t get that way because they spend the most money or have all the latest and greatest tools. They don’t end up in the headlines because their people work proactively and are agile in collaborating and communicating. If you can do anything right now to strengthen your company’s defense posture, it’s about getting your technical teams aligned, motivated, and growing their mindset. Without this, everyone stays in the same place, and the hackers will keep succeeding.