research Archives - Cyber Secure Forum | Forum Events Ltd
Posts Tagged: research

Questions raised as to whether US government agencies can implement zero trust policies in short-term

Stuart O'Brien

75% of U.S. federal agencies will fail to implement zero trust security policies by 2026 due to funding and expertise shortfalls.

That’s according to Gartner, which defines zero trust as a security paradigm that starts from the baseline of trusting no end user, and explicitly identifies users and grants them the precise level of access necessary to accomplish their task.

Zero trust is not a specific technology, product or service. Instead, it is a set of security design principles that contrasts with the traditional perimeter-based security approach.

“With the September 2024 deadline for specific zero trust requirements for U.S. federal agencies being established, requirements are broad for all agencies,” said Mike Brown, Vice President Analyst at Gartner. “However, consistent with other compliance deadlines, agencies will struggle to meet these goals. Given the typical delays for Congressional passage of the federal budget, funds will likely not be available for the zero trust initiative until the second quarter of fiscal 2024, allowing only a partial year to achieve goals.”

Although zero trust achievements, or lack thereof, may be captured in audits, public reporting on specific details of zero trust progress may be limited or obfuscated. This is to avoid identifying weaker aspects of government cybersecurity for the benefit of malicious actors.

“One of the main impediments for government agencies in their zero trust journey is a cybersecurity skills shortage,” said Brown. “Government agencies are challenged to compete with the private sector for staff with necessary skills. To address these talent shortages, agencies should be working simultaneously with service contracts, to reskill existing staff and to recruit new staff.”

Failure to meet policy deadlines will continue to leave federal agencies exposed to risks that could be mitigated.

“This could lead to the interruption of vital government services or the compromise of sensitive information, both of which would have a significant fiscal impact on resolving what could be prevented,” said Brown. “Security breaches will occur as even the best cybersecurity implementations are not immune. Still, those agencies and their CIOs who fail to fully and promptly adopt zero trust measures will be subject to the most negative scrutiny. A breach often catalyzes the focus and investment in mitigation, which is a predictable need.”

Learn how to implement zero trust security in the public sector in the complimentary Gartner Zero Trust Toolkit.


Financial sector subject to cyber attack ‘death by a million cuts’

Stuart O'Brien

BlackBerry’s Global Threat Intelligence Report states that threat actors are focusing efforts on targeting high-value data held by the global financial sector, with one million attacks logged over the 120-day period.

This “death by a million cuts” is revealed to be using mainly commodity malware, which indicates a large number of independent actors targeting the industry in pursuit of financial gain. Critical infrastructure attacks, including those targeting government, financial, healthcare and communications industries, altogether accounted for 62 percent of industry-related attacks over the report period, September to December 2023.

The BlackBerry Threat Research and Intelligence team registered a 27 percent uptick in novel malware to 3.7 new malicious samples per minute prevented by its AI-powered cybersecurity solutions, compared to 2.9 per minute in the previous reporting period. Overall, BlackBerry claims its cybersecurity solutions stopped 31 attacks every minute, a 19 percent increase on the last reporting period.

“We’re consistently seeing increased volumes of attack in highly lucrative industries using novel malware,” said Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry. “Novel malware typically indicates specific motivations from threat actors towards particular attack targets with intent to evade defences, which are often based on static signatures. We’ve reached a pivotal point where traditional detection methods alone are not enough to combat this increasingly complex problem. AI is already being weaponised by malicious entities, so it must equally be the dominant tool for detection and defence.”

Highlights from the latest BlackBerry Global Threat Intelligence Report include:

  • 62 percent of industry-related attacks targeted critical industries: Digitization and the prospect of debilitating national infrastructure attracted notorious gangs and Malware-as-a-Service (MaaS) groups who attempt to exploit security misconfigurations and vulnerabilities for varying motives.
  • Commercial enterprises also under attack: 33 percent of all threats targeted commercial enterprises (including retail, manufacturing, automotive and professional services), with the majority (53 percent) of those deploying information-stealing (Infostealer) malware with the aim of accessing highly sensitive data.
  • Rapid weaponization of CVEs by Threat Actors: Ransomware gangs observed taking advantage of new Zero Day vulnerabilities and mass mobilizing against potentially vulnerable targets, with zero-day exploits motivating profiteer groups.

Based on its data analysis, the BlackBerry Threat Intelligence and Research team predicts that 2024 will bring an increase in attacks targeting critical infrastructure and other profitable segments. VPN appliances will likely remain desirable targets for nation-state-level threat actors and it is anticipated that there will be a continued increase in supply chain cyberattacks targeting hardware and software vulnerabilities. Further, APAC will likely see an increase in attacks from China and North Korea, particularly financially-motivated attacks.


30% of increasing demand for APIs will come from AI and LLM

Stuart O'Brien

More than 30% of the increase in demand for application programming interfaces (APIs) will come from AI and tools using large language models (LLMs) by 2026, according to Gartner.

“With technology service providers (TSPs) leading the charge in GenAI adoption, the fallout will be widespread,” said Adrian Lee, VP Analyst at Gartner. “This includes increased demand on APIs for LLM- and GenAI-enabled solutions due to TSPs helping enterprise customers further along in their journey. This means that TSPs will have to move quicker than ever before to meet the demand.”

A Gartner survey of 459 TSPs conducted from October to December 2023 found that 83% of respondents reported they either have already deployed or are currently piloting generative AI (GenAI) within their organizations.

“Enterprise customers must determine the optimal ways GenAI can be added to offerings, such as by using third-party APIs or open-source model options. With TSPs leading the charge, they provide a natural connection between these enterprise customers and their needs for GenAI-enabled solutions.”

The survey found that half of TSPs will make strategic changes to extend their core product/service offerings to realize a whole product or end-to-end services solution.

With this in mind, Gartner predicts that by 2026 more than 80% of independent software vendors will have embedded GenAI capabilities in their enterprise applications, up from less than 5% today.

“Enterprise customers are at different levels of readiness and maturity in their adoption of GenAI, and TSPs have a transformational opportunity to provide the software and infrastructure capabilities, as well as the talent and expertise, to accelerate the journey,” said Lee.

Throughout the product life cycle, TSPs need to understand the limitations, risks and overhead before embedding GenAI capabilities into products and services. To achieve this, they should:

  • Document the use case and clearly define the value that users will experience by having GenAI as part of the product.
  • Determine the optimal ways GenAI can be added to offerings (such as by using third-party APIs or open-source model options) and consider how the costs of new features may affect pricing decisions.
  • Address users’ prompting experience by building optimizations to avoid user friction with steep learning curves.
  • Review the different use-case-specific risks, such as inaccurate results, data privacy, secure conversations and IP infringement, by adding guardrails specific to each risk into the product.


Is defensive AI the key to guarding against emerging cyber threats?

Stuart O'Brien

Google’s recent announcement of an artificial intelligence (AI) Cyber Defense Initiative to enhance global cybersecurity underscores the importance of defending against increasingly sophisticated and pervasive cyber threats.

And according to analysts at GlobalData, AI will play a pivotal role in collecting, processing, and neutralising threats, transforming the way organisations combat cyber risks.

Looking at AI cyber threat detection technology through the lens of innovation using GlobalData’s Technology Foresights tool reveals some compelling insights. Patent filings have surged from 387 in 2018 to 1,098 in 2023, highlighting a robust growth trajectory in AI-driven security solutions. Furthermore, the entry of 53 new companies in 2023, for a total of 239, showcases the expanding interest and investment in this critical area of technology.

Vaibhav Gundre, Project Manager of Disruptive Tech at GlobalData, said: “The ability of AI to improve threat identification, streamline the management of vulnerabilities, and enhance the efficiency of incident responses is key in addressing the continuous evolution of cyber threats. The rapid progression in the field of defensive AI is underscored by a 13% compound annual growth rate in patent applications over the last three years, reflecting a strong commitment to innovation. This trend is also indicative of the recognized importance of having formidable cyber defense systems in place, signifying substantial research and development activities aimed at overcoming new cyber threats.”

An analysis of GlobalData’s Disruptor Intelligence Center highlights the partnership between AIShield and DEKRA as a notable collaboration aimed at enhancing the security of AI models and systems. Through advanced training, assessment, and protection strategies, the partnership seeks to bolster cyber resilience across industries and foster trust in AI technologies.

Similarly, Darktrace’s collaboration with Cyware exemplifies a proactive approach to cybersecurity. By facilitating collaboration among security teams and sharing threat intelligence, the partnership enables organizations to mitigate risks and respond effectively to emerging cyber threats.

AI cyber threat detection finds application across diverse use cases, including threat detection in security cameras, real-time malware detection, network threat detection, anomaly detection in critical infrastructure, fraud prevention, and AI-powered surveillance systems.

Gundre concluded: “As organizations harness the power of AI cyber threat detection, they must also confront significant challenges. The rapid evolution of cyber threats, coupled with the complexity of regulatory landscapes, underscores the need for continuous innovation and collaboration. While patents and partnerships lay the foundation for robust cyber defense strategies, addressing these challenges will require a concerted effort from industry stakeholders. By staying vigilant and embracing a proactive approach, organizations can navigate the evolving cybersecurity landscape with confidence, safeguarding critical assets and preserving digital trust.”


Are these the top cybersecurity trends for 2024?

Stuart O'Brien

Generative AI (GenAI), unsecure employee behaviour, third-party risks, continuous threat exposure, boardroom communication gaps and identity-first approaches to security are the driving forces behind the top cybersecurity trends for 2024, according to Gartner.

“GenAI is occupying significant headspace of security leaders as another challenge to manage, but also offers an opportunity to harness its capabilities to augment security at an operational level,” said Richard Addiscott, Senior Director Analyst at Gartner. “Despite GenAI’s inescapable force, leaders also continue to contend with other external factors outside their control they shouldn’t ignore this year.”

2024 will see security leaders respond to the combined impact of these forces by adopting a range of practices, technical capabilities and structural reforms within their security programs, with a view to improving organizational resilience and the cybersecurity function’s performance.

The following six trends will have broad impact across these areas:

Trend 1: Generative AI – Short-term Skepticism, Longer-Term Hope
Security leaders need to prepare for the swift evolution of GenAI, as large language model (LLM) applications like ChatGPT and Gemini are only the start of its disruption. Simultaneously, these leaders are inundated with promises of productivity increases, skills gap reductions and other new benefits for cybersecurity. Gartner recommends using GenAI through proactive collaboration with business stakeholders to support the foundations for the ethical, safe and secure use of this disruptive technology.

“It’s important to recognize that this is only the beginning of GenAI’s evolution, with many of the demos we’ve seen in security operations and application security showing real promise,” said Addiscott. “There’s solid long-term hope for the technology, but right now we’re more likely to experience prompt fatigue than two-digit productivity growth. Things will improve, so encourage experiments and manage expectations, especially outside of the security team.”

Trend 2: Cybersecurity Outcome-Driven Metrics: Bridging Boardroom Communication Gap
The frequency and negative impact of cybersecurity incidents on organizations continues to rise, undermining the confidence of the board and executives in their cybersecurity strategies. Outcome-driven metrics (ODMs) are increasingly being adopted to enable stakeholders to draw a straight line between cybersecurity investment and the delivered protection levels it generates.

According to Gartner, ODMs are central to creating a defensible cybersecurity investment strategy, reflecting agreed protection levels with powerful properties, and in simple language that is explainable to non-IT executives. This provides a credible and defensible expression of risk appetite that supports direct investment to change protection levels.

Trend 3: Security Behavior and Culture Programs Gain Increasing Traction to Reduce Human Risks
Security leaders recognize that shifting focus from increasing awareness to fostering behavioral change will help reduce cybersecurity risks. By 2027, 50% of large enterprise CISOs will have adopted human-centric security design practices to minimize cybersecurity-induced friction and maximize control adoption. Security behavior and culture programs (SBCPs) encapsulate an enterprisewide approach to minimizing cybersecurity incidents associated with employee behavior.

“Organizations using SBCPs have experienced better employee adoption of security controls; reductions in unsecure behavior and increases in speed and agility,” said Addiscott. “It also leads to a more effective use of cybersecurity resources as employees become competent at making independent cyber risk decisions.”

Trend 4: Resilience-Driven, Resource-Efficient Third-Party Cybersecurity Risk Management
The inevitability of third parties experiencing cybersecurity incidents is pressuring security leaders to focus more on resilience-oriented investments and move away from front-loaded due diligence activities. Gartner recommends security leaders enhance risk management of third-party services and establish mutually beneficial relationships with important external partners, to ensure their most valuable assets are continuously safeguarded.

“Start by strengthening contingency plans for third-party engagements that pose the highest cybersecurity risk,” said Addiscott. “Create third-party-specific incident playbooks, conduct tabletop exercises and define a clear offboarding strategy involving, for example, timely revocation of access and destruction of data.”

Trend 5: Continuous Threat Exposure Management Programs Gain Momentum
Continuous threat exposure management (CTEM) is a pragmatic and systemic approach organizations can use to continually evaluate the accessibility, exposure and exploitability of digital and physical assets. Aligning assessment and remediation scopes with threat vectors or business projects rather than an infrastructure component highlights vulnerabilities and unpatchable threats.

By 2026, Gartner predicts that organizations prioritizing their security investments based on a CTEM program will realize a two-thirds reduction in breaches. Security leaders must continuously monitor hybrid digital environments to enable early identification and optimal prioritization of vulnerabilities to help maintain a hardened organizational attack surface.

Trend 6: Extending the Role of Identity & Access Management (IAM) to Improve Cybersecurity Outcomes
As more organizations move to an identity-first approach to security, the focus shifts from network security and other traditional controls to IAM, making it critical to cybersecurity and business outcomes. While Gartner sees an increased role for IAM in security programs, practices must evolve to focus more on fundamental hygiene and hardening of systems to improve resilience.

Gartner recommends security leaders focus on strengthening and leveraging their identity fabric and leverage identity threat detection and response to ensure IAM capabilities are best positioned to support the breadth of the overall security program.


IT Services will be largest recipient of CIO spending in 2024

Stuart O'Brien

Global IT spending is expected to total $5 trillion in 2024, an increase of 6.8% from 2023, down from the previous quarter’s forecast of 8% growth – and while generative AI (GenAI) had significant hype in 2023, it will not significantly change the growth of IT spending in the near-term.

That’s according to new analysis from Gartner, which predicts that IT Services will become the largest segment of spending this year.

“While GenAI will change everything, it won’t impact IT spending significantly, similar to IoT, blockchain and other big trends we have experienced,” said John-David Lovelock, Distinguished VP Analyst at Gartner. “2024 will be the year when organizations actually invest in planning for how to use GenAI, however IT spending will be driven by more traditional forces, such as profitability, labor, and dragged down by a continued wave of change fatigue.”

IT services will continue to see an increase in growth in 2024, becoming the largest segment of IT spending for the first time. Spending on IT services is expected to grow 8.7% in 2024, reaching $1.5 trillion (see Table 1). This is largely due to enterprises investing in organizational efficiency and optimization projects. These investments will be crucial during this period of economic uncertainty.

“Adoption rates among consumers for devices and communications services plateaued over a decade ago. Consumer spending levels are primarily driven by price changes and replacement cycles, leaving room for only incremental growths, so being surpassed by software and services was inevitable,” said Lovelock. “Enterprises continue to find more uses for technology – IT has moved out of the back office, through the front office and is now revenue producing, until there is a plateau for how and where technology can be used in an enterprise, there cannot be a plateau in enterprise IT spending.”

Table 1. Worldwide IT Spending Forecast (Millions of U.S. Dollars)

| Segment | 2023 Spending | 2023 Growth (%) | 2024 Spending | 2024 Growth (%) |
|---|---|---|---|---|
| Data Center Systems | 243,063 | 7.1 | 261,332 | 7.5 |
| Software | 699,791 | -8.7 | 732,287 | 4.6 |
| Devices | 913,334 | 12.4 | 1,029,421 | 12.7 |
| IT Services | 1,381,832 | 5.8 | 1,501,365 | 8.7 |
| Communications Services | 1,440,827 | 1.5 | 1,473,314 | 2.3 |
| Overall IT | 4,678,847 | 3.3 | 4,997,718 | 6.8 |

Source: Gartner (January 2024)

The overall IT spending growth rate for 2023 was 3.3%, only a 0.3% increase from 2022. This was largely due to change fatigue among CIOs. Momentum will regain in 2024, with overall IT spending increasing 6.8%.

Even with the expected regained momentum in 2024, the broader IT spending environment remains slightly constrained by change fatigue. Change fatigue could manifest as change resistance — with CIOs hesitating to sign new contracts, commit to long-term initiatives or take on new technology partners. For the new initiatives that do get launched, CIOs require higher levels of risk mitigation and greater certainty of outcomes.

Threat Predictions for 2024: Chained AI and CaaS operations give attackers more ‘easy’ buttons 

mattd

With the growth of Cybercrime-as-a-Service (CaaS) operations and the advent of generative AI, threat actors have more “easy” buttons at their fingertips to assist with carrying out attacks than ever before. By relying on the growing capabilities in their respective toolboxes, adversaries will increase the sophistication of their activities. They’ll launch more targeted and stealthier hacks designed to evade robust security controls, as well as become more agile by making each tactic in the attack cycle more efficient.

In its 2024 threat predictions report, the FortiGuard Labs team looks at a new era of advanced cybercrime, examines how AI is changing the (attack) game, shares fresh threat trends to watch for this year and beyond, and offers advice on how organisations everywhere can enhance their collective resilience against an evolving threat landscape…

The Evolution of Old Favorites

We’ve been observing and discussing many fan-favorite attack tactics for years, and covered these topics in past reports. The “classics” aren’t going away—instead, they’re evolving and advancing as attackers gain access to new resources. For example, when it comes to advanced persistent cybercrime, we anticipate more activity among a growing number of Advanced Persistent Threat (APT) groups. In addition to the evolution of APT operations, we predict that cybercrime groups, in general, will diversify their targets and playbooks, focusing on more sophisticated and disruptive attacks, and setting their sights on denial of service and extortion.

Cybercrime “turf wars” continue, with multiple attack groups homing in on the same targets and deploying ransomware variants, often within 24 hours or less. In fact, we’ve observed such a rise in this type of activity that the FBI issued a warning to organizations about it earlier this year.

And let’s not forget about the evolution of generative AI. This weaponisation of AI is adding fuel to an already raging fire, giving attackers an easy means of enhancing many stages of their attacks. As we’ve predicted in the past, we’re seeing cybercriminals increasingly use AI to support malicious activities in new ways, ranging from thwarting the detection of social engineering to mimicking human behavior.

Fresh Threat Trends to Watch for in 2024 and Beyond

While cybercriminals will always rely on tried-and-true tactics and techniques to achieve a quick payday, today’s attackers now have a growing number of tools available to them to assist with attack execution. As cybercrime evolves, we anticipate seeing several fresh trends emerge in 2024 and beyond. Here’s a glimpse of what we expect.

Give me that big (playbook) energy: Over the past few years, ransomware attacks worldwide have skyrocketed, making every organisation, regardless of size or industry, a target. Yet, as an increasing number of cybercriminals launch ransomware attacks to attain a lucrative payday, cybercrime groups are quickly exhausting smaller, easier-to-hack targets. Looking ahead, we predict attackers will take a “go big or go home” approach, with adversaries turning their focus to critical industries—such as healthcare, finance, transportation, and utilities—that, if hacked, would have a sizeable adverse impact on society and make for a more substantial payday for the attacker. They’ll also expand their playbooks, making their activities more personal, aggressive, and destructive in nature.

It’s a new day for zero days: As organisations expand the number of platforms, applications, and technologies they rely on for daily business operations, cybercriminals have unique opportunities to uncover and exploit software vulnerabilities. We’ve observed a record number of zero-days and new Common Vulnerabilities and Exposures (CVEs) emerge in 2023, and that count is still rising. Given how valuable zero days can be for attackers, we expect to see zero-day brokers—cybercrime groups selling zero-days on the dark web to multiple buyers—emerge among the CaaS community. N-days will continue to pose significant risks for organizations as well.

Playing the inside game: Many organisations are leveling up their security controls and adopting new technologies and processes to strengthen their defenses. These enhanced controls make it more difficult for attackers to infiltrate a network externally, so cybercriminals must find new ways to reach their targets. Given this shift, we predict that attackers will continue to shift left with their tactics, reconnaissance, and weaponisation, with groups beginning to recruit from inside target organisations for initial access purposes.

Ushering in “we the people” attacks: Looking ahead, we expect to see attackers take advantage of more geopolitical happenings and event-driven opportunities, such as the 2024 U.S. elections and the Paris 2024 games. While adversaries have always targeted major events, cybercriminals now have new tools at their disposal—generative AI in particular—to support their activities.

Narrowing the TTP playing field: Attackers will inevitably continue to expand the collection of tactics, techniques, and procedures (TTPs) they use to compromise their targets. Yet defenders can gain an advantage by finding ways to disrupt those activities. While most of the day-to-day work done by cybersecurity defenders is related to blocking indicators of compromise, there’s great value in taking a closer look at the TTPs attackers regularly use, which will help narrow the playing field and find potential “choke points on the chess board.”

Making space for more 5G attacks: With access to an ever-increasing array of connected technologies, cybercriminals will inevitably find new opportunities for compromise. With more devices coming online every day, we anticipate that cybercriminals will take greater advantage of connected attacks in the future. A successful attack against 5G infrastructure could easily disrupt critical industries such as oil and gas, transportation, public safety, finance, and healthcare.

Navigating a New Era of Cybercrime

Cybercrime impacts everyone, and the ramifications of a breach are often far-reaching. However, threat actors don’t have to have the upper hand. Our security community can take many actions to better anticipate cybercriminals’ next moves and disrupt their activities: collaborating across the public and private sectors to share threat intelligence, adopting standardized measures for incident reporting, and more.

Organisations also have a vital role to play in disrupting cybercrime. This starts with creating a culture of cyber resilience—making cybersecurity everyone’s job—by implementing ongoing initiatives such as enterprise-wide cybersecurity education programs and more focused activities like tabletop exercises for executives. Finding ways to shrink the cybersecurity skills gap, such as tapping into new talent pools to fill open roles, can help enterprises navigate the combination of overworked IT and security staff as well as the growing threat landscape. And threat sharing will only become more important in the future, as this will help enable the quick mobilization of protections.


Making space for more 5G attacks: With access to an ever-increasing array of connected technologies, cybercriminals will inevitably find new opportunities for compromise. With more devices coming online every day, we anticipate that cybercriminals will take greater advantage of connected attacks in the future. A successful attack against 5G infrastructure could easily disrupt critical industries such as oil and gas, transportation, public safety, finance, and healthcare.

Navigating a New Era of Cybercrime

Cybercrime impacts everyone, and the ramifications of a breach are often far-reaching. However, threat actors don’t have to have the upper hand. Our security community can take many actions to better anticipate cybercriminals’ next moves and disrupt their activities: collaborating across the public and private sectors to share threat intelligence, adopting standardized measures for incident reporting, and more.

Organisations also have a vital role to play in disrupting cybercrime. This starts with creating a culture of cyber resilience—making cybersecurity everyone’s job—by implementing ongoing initiatives such as enterprise-wide cybersecurity education programs and more focused activities like tabletop exercises for executives. Finding ways to shrink the cybersecurity skills gap, such as tapping into new talent pools to fill open roles, can help enterprises navigate the combination of overworked IT and security staff as well as the growing threat landscape. And threat sharing will only become more important in the future, as this will help enable the quick mobilization of protections.

Nearly half of EMEA CIOs are shifting to co-owning digital leadership with their CxO peers

Stuart O'Brien

Forty-six per cent of CIOs in Europe, the Middle East and Africa (EMEA) are partnering with their CxO peers to bring IT and business area staff together to co-own digital delivery on an enterprise-wide scale.

That’s according to Gartner’s annual global survey of CIOs and technology executives, which has found that CIOs’ relationship with their CxO peers is ‘reaching a different level’.

Daniel Sanchez-Reina, VP Analyst at Gartner, said: “CIOs who co-own efforts with their CxO peers to place the design, management and delivery of digital capabilities with teams closest to the point where value is created, are most effective at maximising digital investments.”

In this CIO-CxO co-ownership, also called democratization of digital delivery, the CIO acts as a franchiser of technology within their organization.

Gartner analysts presented the survey findings during Gartner IT Symposium/Xpo, taking place here through Thursday. The 2024 Gartner CIO and Technology Executive Survey gathered data from 2,457 CIO respondents in 84 countries and all major industries, representing approximately $12.5 trillion in revenue/public-sector budgets and $163 billion in IT spending. In EMEA, 917 CIOs participated in the survey, representing nearly $3.9 trillion in revenue and $66 billion in IT spending.

“Consciously or unconsciously, CIOs have already been laying the foundation for democratized digital delivery with technologies such as low-code platforms,” said Sanchez-Reina. In EMEA, 66% of CIOs said they have deployed or plan to deploy low-code platforms in the next 24 months. Artificial intelligence (AI), which 72% of EMEA CIOs say will be a game-changing technology in the next three years (29% for generative AI), will also rapidly advance the democratization of digital delivery beyond the IT function.

The survey revealed that CIOs’ top areas for investment in 2024 include cybersecurity, data analytics and AI (see Figure 1).

Figure 1. EMEA CIOs’ Expected Change in Technology Investments in 2024

Source: Gartner (November 2023)

CIOs who franchise IT ‘by design’, which is through co-leading, co-delivering and co-governing digital initiatives with their CxO peers, perform significantly better at general IT management activities, such as executive leadership development and digital business strategy.

“Franchiser CIOs are breaking down the barriers of IT, allowing other business units to produce IT beyond using it,” said Sanchez-Reina. “Those business units participate in the IT delivery responsibility and are accountable for the success of their own IT applications and systems they produce. Such participation in technology production goes from managing to implementing and building technology initiatives.

“This shows that the distinction between what is “IT” and what is “business” is becoming virtually impossible.”

There is no one pattern for franchised digital delivery. Several factors such as the enterprise culture and CEO sponsorship will influence the design and inner workings of the franchise model and the ways in which CIOs and their CxO peers engage. Above all, the CIO must coach their business partners on the journey, offering advice and frameworks, and brokering the internal and external connections they need to successfully co-own digital delivery.

“The payoff of modeling CxO-CIO partnerships for digital delivery on a franchise model is substantial,” said Sanchez-Reina. “CxOs who embrace this franchise model are twice as likely to meet or exceed expectations from digital investments, compared with those who don’t embrace it.”


The crucial role of audio solutions in IT security for hybrid work models

Charles

Shure partnered with global market research giant, IDC, to delve deep into the challenges IT security departments may face as they integrate hybrid work models. Drawing from insights of over 600 respondents from a range of countries, including the UK, the study sheds light on IT security concerns surrounding the quality of audio systems and its potential implications for secure and effective communication.

One of the paramount findings was that, while organisations in the UK are spearheading the adoption of hybrid work structures in Europe, they appear to be underestimating the security aspects linked to high-caliber audio solutions. The gaps in audio quality not only hinder effective communication but could also pose potential security risks, especially when critical information is misheard or misunderstood.

It was evident from the study that poor communication and reduced engagement during virtual meetings were key issues businesses were grappling with. Many IT security professionals highlighted that subpar audio equipment is not only a challenge for clear communication but also a potential security vulnerability, especially if employees resort to non-secure means of communication due to poor audio quality.

Globally, 72% of thriving organisations understand the importance of investing in professional-grade audio gear not just for clear communication, but also from a security standpoint. However, the UK seems to lag in this realisation, signifying an urgent call-to-action for IT security teams.

The IDC research underscores that top-tier audio isn’t merely about sound clarity; it’s also about creating a secure communication environment in the era of hybrid work. Quality audio solutions can prevent miscommunications, reduce the need for repeated information transfer, and thus limit exposure to potential security threats.

Key insights from the research with relevance to IT security are:

  • Team Dynamics: 94% of respondents acknowledge that technology which mimics the essence of face-to-face interactions can positively influence team dynamics and motivation.
  • Operational Efficiency: 90% believe robust audio solutions promote inclusive meetings and foster more efficient and secure work sessions.
  • Employee Trust: 90% perceive such investments as an indication of the company’s commitment to their well-being and security.
  • Organisational Reputation: 89% feel it impacts how both staff and external stakeholders perceive the company’s commitment to security.
  • Employee Confidence: 73% believe that quality audio solutions boost their confidence in the organisation’s dedication to secure and clear communication.
  • Decision-Making: 49% recognise its role in facilitating better-informed, and thus more secure, decision-making processes.

For a comprehensive understanding of the study and more in-depth insights, access the IDC Infobrief sponsored by Shure: https://effortless.shure.com/content-hub/posts/idc-infobrief