Seceon 2023 Cybersecurity Predictions by
Seceon Thought Leadership
by Pushpendra Mishra | Feb 3, 2023 | aiSIEM, aiXDR, Cyber Security Company, Ransomware
Detection, Service Security Providers
This is Part II of our first blog of the new year, one in which we tackle 2023’s top cyber
challenges and provide the information you need to make you ready. We’ll share our insights
and recommendations so that you can make cybersecurity a part of your healthy business
strategy and best prepare for the path ahead. In our opening segment we reviewed the events
of 2022 that we had forecasted, in terms of their impact and what we learned from them.
Now let’s discuss some common themes we see occurring with even more frequency or
velocity in 2023 along with how to prepare for these developing trends and some proactive
cyber strategies to implement for the coming year.
2023 Seceon Prediction One: The emergence of cloud-native security solutions to
protect cloud-based systems and applications.
In 2022, outsourcing code development led to a 65+% increase in code leaks. Even with
“airtight” outsourcing contracts or SLAs, the risk of poor privacy, storage and
development practices has led to this significant increase. Public repositories are clearly not
well protected. GitHub frequently leaks API and cryptographic keys. According to a study from
North Carolina State University, over 100,000 GitHub repos leaked API or cryptographic keys
in 2022. They also found that thousands of new API or cryptographic keys leak via GitHub
projects every day.
Let’s continue down this API security path, however. We’ve seen a 300% increase in API traffic
and a 600% increase in API attacks. API security is a key component of modern web
application security. APIs may have vulnerabilities like broken authentication and authorization,
lack of rate limiting, and code injection.
The exposure to insecure APIs has skyrocketed and only a few are paying attention to the
expanding exposure.
The first step is to find and catalog every API on our network. Who does this today? Almost no
one. Why? Because of the intense pressure of developer convenience. John Kindervag, the
Forrester analyst who coined the term “zero-trust”, claims developers have more power than
cybersecurity folks these days. Rapid coding and website development, combined with the
increasing drive toward federated services, all contribute to random APIs popping up
everywhere, entirely without any sort of registration structure acting as the grown-up in the
room.
Finding and cataloging need to be taken seriously, as even one missed API right now can leave
your company open to cyber-attack.
Setting up security and performance automation for every API is the next step. That
performance automation accommodates API testing, critical to security readiness. Both
functional and non-functional tests are essential as it is not enough to know that the API
performs as advertised, but also that it does so in a secure and reliable manner. Failing APIs
are common, but what isn’t common is understanding the consequences of the failure. Non-
functional testing will do that.
When pen-testing and securing an API, start with behavioral analysis. Here’s where you match
reality to documentation – it is a good time to discover what happens to your system as a whole
when an API fails. You may also determine whether the build package is buggy and/or
vulnerable.
You will want to ensure the process is prioritized for the right service levels, with rate
limiting for transactional APIs, min/max request latency settings, and availability windows.
Some of these details are important to identify slow memory leaks or garbage collection issues
that might be a long-term threat to the integrity of the server(s) and network.
Authentication issues should come right out of the Zero Trust handbook and determine the
levels of trust you assign for the API’s users. Apply the standards required for specific DAAS
access and test the limitations before use.
When responding to an API attack, the first rule should be to kill access – an API should never
fail in an open state. Whether you caught the attempt yourself or via AI/ML detection, follow
your normal recovery process and never shift down just because it’s an API.
By the end of 2023, API security will separate the mediocre CISO focusing solely on
infrastructure from the masterful CISO who addresses actual business threats and ensures
survivability.
Creating a system for API security, and reusable interface testing automation that keeps your
API inventory up to date will pay off big when those headlines start talking about API security
and not just our old nemesis, ransomware.
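One way to keep an API inventory up to date, and to match reality to documentation, is to diff the endpoints seen in access logs against the documented catalog. The sketch below is an added example, not Seceon's code; the inventory, the log lines (assumed to be in common log format) and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Documented inventory (constructed): (method, path template) pairs, e.g. from an API spec.
INVENTORY = {
    ("GET", "/v1/orders/{id}"),
    ("POST", "/v1/orders"),
    ("GET", "/v1/customers/{id}"),
}

# Constructed access-log lines in common log format.
SAMPLE_LOG = """\
10.0.0.5 - - [03/Feb/2023:10:00:01 +0000] "GET /v1/orders/1001 HTTP/1.1" 200 512
10.0.0.5 - - [03/Feb/2023:10:00:02 +0000] "POST /v1/orders HTTP/1.1" 201 87
10.0.0.9 - - [03/Feb/2023:10:00:03 +0000] "GET /v1/orders/1002?expand=items HTTP/1.1" 200 640
10.0.0.7 - - [03/Feb/2023:10:00:04 +0000] "GET /internal/debug/export HTTP/1.1" 200 90311
10.0.0.7 - - [03/Feb/2023:10:00:05 +0000] "DELETE /v1/orders/1001 HTTP/1.1" 204 0
10.0.0.8 - - [03/Feb/2023:10:00:06 +0000] "GET /v2/admin/users/6f1c2a9e-3b7d-4c55-9a01-2d4e8f7b6c10 HTTP/1.1" 404 12
malformed line that the parser must skip
"""

REQUEST = re.compile(r'"([A-Z]+) (\S+) HTTP/[\d.]+" (\d{3}) ')
ID_SEGMENT = re.compile(r"^(\d+|[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12})$")

def normalize(path):
    """Drop the query string and replace numeric/UUID segments with {id}."""
    path = path.split("?", 1)[0]
    return "/".join("{id}" if ID_SEGMENT.match(s) else s for s in path.split("/"))

def inventory_drift(log_text, inventory):
    """Return (undocumented, unobserved): endpoints seen but not cataloged, and the reverse."""
    seen = Counter()
    for line in log_text.splitlines():
        m = REQUEST.search(line)
        if not m:
            continue  # unparseable lines are skipped, not guessed at
        method, path, status = m.groups()
        # Assumption: a 404 means no route answered, so it is not evidence of a live API.
        if status != "404":
            seen[(method, normalize(path))] += 1
    undocumented = {ep: n for ep, n in seen.items() if ep not in inventory}
    unobserved = sorted(inventory - set(seen))
    return undocumented, unobserved

if __name__ == "__main__":
    undocumented, unobserved = inventory_drift(SAMPLE_LOG, INVENTORY)
    print("undocumented:", undocumented)
    print("unobserved:", unobserved)
```

Undocumented entries are candidates for registration or shutdown; unobserved entries may be retired APIs that still hold credentials and should be reviewed.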
2023 Seceon Prediction Two: A heightened focus on leveraging Artificial
Intelligence (AI) and Machine Learning (ML) to identify and counter
sophisticated and stealthy cyberattacks, as well as using AI and ML to
generate advanced cyber threats.
Everyone uses AI and ML, so why is this an important area to consider? Because
organizations with fully deployed security Artificial Intelligence and Machine Learning
automation spend less than half as much on a data breach as those that do not have this
automation in place.
Here is a second consideration. Simply put, the bad guys are using these tools against the
interests and capabilities of the good guys. Let’s take a look.
The arrival of the amazing AI-enabled chatbot called ChatGPT last month has been wowing the
tech community with their ball caps facing forward, while it is also allowing hackers behind
email and text-based phishing attacks (along with malware gangs) to speed up the
development of their schemes.
Those who pooh-pooh the under-achieving OpenAI chatbot have 1) never spent any time with
her, 2) don’t grant slack to a product that has been released in beta during only its second
month of field trials with millions of users and 3) ignore the billion + VC investment in the space
in the last couple of months even under the shadow of the great conman, Samuel
Bankman-Fried’s attempt at billionaire crime.
Here are some noteworthy early examples:
Several serious cybersecurity researchers have been able to get ChatGPT to write really
good phishing emails and malicious code for them in the last 30 days, mirroring what the
Malware mafia were getting good at – incorporating plausible, humanlike and undetectable
tactics into their recent attack portfolio.
Researchers at Check Point Research verified that they got a “plausible phishing email” from
ChatGPT after directly asking it to “write a phishing email” that comes from a “fictional web-
hosting service.”
Abnormal Security tested ChatGPT to write an email “that has a high likelihood of getting the
recipient to click on a link.”
On the question of liability, OpenAI has implemented a few content moderation warnings into
the chatbot, ones that researchers are finding easy to side-step and avoid penalties.
Remember, this is a beta release 1.0 on the market under intense conditions for 45 days.
For those who do not take ChatGPT seriously, we say this: Organizations that are already
struggling to fend off the most basic of attacks — including those in which hackers use a
stolen or leaked password to log in to accounts – would be hard-pressed to stave off costly
breaches using simple AI capabilities.
2023 Seceon Prediction Three: The Role of the CISO is Harder and More Dangerous
Than Ever Before
Four years ago, the threat landscape was such that a CISO could get the job of asset
protection done by twisting a few knobs and turning some dials. It could have been argued at
that time that CISOs should report to the CEO, not because the job was so integral with the rest
of a company’s functions, but because there could be clear and direct communication between
the one person able to assess the technical threat and operational risk, and the one person
responsible for the business outcome.
Today, I argue that the CISO should still report to the CEO, but for entirely different reasons. In
just four years, the threat landscape has evolved into impossible complexity with amazingly
smart adversaries launching continual attacks with new and hideously polymorphic vectors with
multiple business units pushing digital transformation programs regardless of the cost of
security and protection.
Today, the job of asset protection and threat defense is not only integral to the company’s
business functions, but most of those functions could not exist without it.
No one at the C-suite or Board level understands this, however, because even today, very few
senior executives take the time to understand the issues, risks and vulnerabilities around
cybersecurity, and most CISOs and CIOs do not explain them well and in business terms. To
make matters worse, very few if any understand the actual liabilities and fiduciary care
requirements of their role.
If you did a random poll, I think most would say today’s threats are very sophisticated and
therefore difficult to prevent. The truth is that the bulk of today’s attacks cannot be categorized
as sophisticated at all. The reason we are attacked so successfully and so often is we continue
to maintain poor hygiene which leads to unpatched known vulnerabilities, misconfigured
containers, unsecured DNS and APIs exposed to the Internet. In addition, our development
rigor is sloppy. We build code without knowledge of the transitive dependencies inherent in the
open-source libraries, APIs, and software we incorporate into our agile pushes.
Today, we don’t design code with security at the beginning. We often don’t design code with
security at all. But, it seems the Board and C-suite want to believe that we are attacked
because we are being outsmarted by our adversaries. While we are occasionally, sophisticated
attacks are rare.
Until the CISO role is perceived as a peer, the rest of the C-suite will continue to think of security
folks as the deranged department of no and continue to ignore them.
2023 Seceon Prediction Four: Cybersecurity professionals will see an increased
emphasis on active, real-time security monitoring and analytics.
If you are a business with a traditional insurance carrier, there is a fair chance you’re not getting
renewed. You’ll need to understand your ‘residual’ risk since you may not be able to get cyber
insurance. And the price is certainly going up, on average by up to 20% over what you paid
previously, if your program is proven to be in order and working well.
Recent research reports that hundreds of millions of attempted cyberattacks that occurred
every day throughout 2022 show that malware increased by 358% overall as compared with
2021 with no end to the rise in sight.
76% of IT Professionals believe a successful attack against their firm is imminent, deepening
pessimism, precipitated by steep rises in remote work, BYOD, 3rd party risk, insider error, and
stepping into the cloud without knowing how to defend it. Cyber insurers have taken notice and
are placing demands on the industry to have continuous security monitoring and the ability to
mitigate or remediate threats, every minute, every day.
It is no longer acceptable to have nearly 80% of senior IT leaders believing their organizations
lack sufficient protection against cyberattacks as they did in 2021. With cyber incidents on the
rise, here’s what to expect and what you can do to best position your organization when
shopping for cyber policies.
Do you have a mitigation and remediation cyber capability for these top 10 Risks?
Vendor Risk Management
Access Control
System Security Plan
Contingency Planning
Employee Mitigation
Data Classification
Logging and Monitoring
Incident Response Planning
Configuration Management
Cybersecurity Governance
Do you have the right technologies in your top actions list such as multi-factor authentication
(MFA), encryption, vulnerability management and security event management?
Have you developed a skilled Security Operations function?
Have you focused on emerging and special challenges like IoT?
Key points about incidents we’ve handled in 2022 – it isn’t just ransomware (but as we pointed
out at the top, that’s the headline) – but how do we fall victim? We hear a lot about the end
result but, unfortunately, our experience is we are hearing less about why it happened – and
this is the critical point. What do you need to do to not fall victim?
Interesting point: phishing has trended down (from around 50%) to 30% – it’s becoming easier
to exploit vulnerabilities now, than it was in the past. What does this tell us?
First thing is to not get tunnel vision – you still need a comprehensive cybersecurity program
(many orgs focus on just phishing!)
Vulnerability Management is still a huge problem, as are weak passwords, poor security
controls, and employee training, and mobile device security. Having an Incident Response
capability is a must-have but so are pre-determined policies and procedures to accelerate
recovery from ransomware and other attacks along with a set of playbooks to mitigate or
remediate (these two terms are not the same, mitigate buys you time, remediate stops the
aberrant action).
Other “smart” actions:
Invest in modern malware detection and cyberthreat hunting
Have analytics that can determine whether any data was compromised or leaked
Seek out automation and autonomous response capabilities to work more cohesively and
comprehensively with fewer resources.
Visibility is key. Log as much as you can, and have data visualization tools to mine key
metrics and gain context.
Insurers in some high-risk sectors are reducing their exposure by reducing coverage limits or
reducing coverages, and placing lower limits on ransomware payouts. Some of the industries
where insurers have reduced their exposures include health care and education.
Some insurers have been reducing their cyber risk exposure by adding more restrictive policy
terms and including additional exclusions to their cyber and non-cyber policies.
Every company will face cyber risk in 2023, no matter its size. The more diverse you are, the
more areas of vulnerability you have so the ramifications are serious. You must take a digital
asset approach to cybersecurity in our digitalized world. Seceon is here to help.
As we welcome you to 2023 we want to be sure to thank everyone that is working hard to make
cybersecurity effective and valuable, something that is respected. This is hard work and we
certainly never expect anyone to do it alone. Cybersecurity is about people as much as it is
about business, and we value each and every one of you. We’re looking forward to working
with many of you during 2023 and doing our very best to ensure we’re all prepared and
protected from all that is and what is to come.