Zeki Turedi , CTO EMEA , CrowdStrike
needed to solve a modern threat , only next-generation , cloud-based cybersecurity solutions , drawing on Big Data from across the globe , are equal to the task of keeping any kind of data secure .
Many countries across the globe expect their economies to approach recession this year . Cost-cutting will be discussed at many companies and cybersecurity budgets having risen – on average – for many successive years will certainly be under scrutiny . Reducing and consolidating the number of licensed products in the area may well make sense , although maintaining the best levels of security is not negotiable at any company .
Notwithstanding , many companies have far more tools than they need . Our own discussions with CISOs suggest it ’ s not uncommon for companies to have multiple licensed cybersecurity products at their disposal . This isn ’ t rendering them immune to attack and , in fact , security levels and team performance are suffering at many organisations due to redundant or excessive notifications and checks . Working towards a consolidated single point of truth through a united platform will not only yield cost savings , but also productivity and performance gains for cybersecurity analysts .
The 2023 battlefield
Over the course of 2022 , we saw some evolution in adversaries ’ ransomware tactics . The extraction of sensitive data and extortion attempts based on the threat of the sale or publication of this stolen information has seen a marked rise . Indeed , we have seen a number of cases over the course of last year in which the traditional encryption of victims ’ data was not part of the attack , with the adversary moving directly to threatening exposure of the data , with all the legal , regulatory and reputational damage such leaks would entail . The extortion tactic is potentially worth millions of Euros for every attack and can be repeated without any additional effort on the part of adversaries , so long as the data retains a value for its rightful owners .
Similar to previous years , we continue to see the successful and most sophisticated adversaries no longer using malware-based attacks but focusing on non-malware based techniques . As companies continue to focus on malware , these interactive attacks have begun to provide a higher success rate for cyberattackers . They now account for 71 % of successful breaches , up 50 % on the previous year . Ever the pragmatists , cybercriminals are now focused on identity-based attacks , whereby , rather than hacking their way into a victim ’ s system , they are able to just simply login , using genuine but stolen credentials available on the underground markets of the Dark Web or through other techniques . This continued move to malware-free attacks , growing strongly since 2019 , puts identity protection at the heart of cybersecurity in 2023 . Alongside established , well-understood policies around strong passwords , organisations need to adopt new technologies developed specifically to make it harder for criminals to succeed with identity-based attacks . Security departments need to establish Zero Trust policies and the technologies to support them if they have not already . They need to interrogate every identity on the network and use a variety of techniques to validate whether that identity is legitimate . Their chosen technology partner must offer several ways in which this legitimacy can be established ( or not ). Data in the organisation needs to be split , according to the needs of different roles in their organisation . A salesperson might legitimately need access to customer records , for example . Someone working in production probably does not .
Alongside identities , APIs became part of the cybersecurity battlefield in 2022 and is a trend we will see continue into this year and beyond . Gartner predicts this will become the most common attack vector before long . Many cloud and SaaS services are accessed and controlled through APIs that allow their functionality to be extended and the flow of data through different applications . This is key to the power and popularity of cloud and SaaS , but like any other fast-growing technology , it has attracted the attention of bad actors . We ’ ve seen a number of successful attacks in this domain and security-conscious organisations will have already adopted solutions that can ingest and assimilate signals from many different parts of their IT estate , as well as endpoints .
The right way forward – partners not technology
Technology moves very quickly and that is not set to change this year . Anyone who has worked in the domain knows this : the tools and processes that were best practice in 2022 may be considered dangerously antique by the end of this year . This has important implications for your choice of vendor . It doesn ’ t make much sense to focus entirely on a particular product or technology , since these inherently have a short shelf-life . Rather , you should choose a vendor who will become a partner through the uncertain times ahead , which will adapt and continue to support you as technologies and threats evolve . A partner organisation will have evidence of high , sustained levels of support for its customers . It will be transparent about its current capabilities and its roadmap .
Hopefully , your choice of partner will lead you to a happy and safe 2023 . p
20 INTELLIGENTCIO AFRICA www . intelligentcio . com