Rich Turner, SVP EMEA at the cyber firm CyberArk, pictured, looks at the cybersecurity challenges plaguing security teams in 2023.
CISOs and their teams have become masters of coping with change. From fighting against ransomware, nation state and insider attacks, to having to combat new technologies such as ChatGPT that make life easier for bad actors, security teams are having to adapt at a speed we haven’t seen before. And that’s before we even consider the macroeconomic climate that’s prompting smaller budgets and reduced headcount.
How can we realistically expect security teams to defend against even more threats, with fewer resources? The answer is simple: we can’t. And that’s why organisations are falling into ‘cyber debt’: a state where investment in new systems and technologies to drive the business forward isn’t matched by spend on what’s needed to secure them.
It’s a pressing problem, and one our 2023 Identity Security Threat Landscape Report delved into, the results of which we will discuss while discovering just what security teams are currently challenged with.
Threats on identity
Our research found that almost every UK organisation (99pc) believes it will experience an identity-related security compromise this year, with a majority (61pc) saying this will happen as part of a digital transformation initiative, such as cloud adoption or legacy app migration. Given investment in digital and cloud initiatives continues to grow, this is particularly worrying. Many of those projects aim to unlock greater efficiencies, making it even more crucial for security teams to act now to prevent a potentially devastating identity-related attack.
The study also found that 58pc of security professionals believe highest-sensitivity employee access is not adequately secured, as well as finding that a greater number of machines have more sensitive access than humans (31pc versus 29pc). Compromised identities will remain the most efficient method for attackers to evade cyber defences and gain unauthorised access to valuable data and assets. An effective first step is adopting zero trust principles – “trust nothing, verify everything” – bolstered by a comprehensive identity security platform. Together, they are the backbone to stopping identity-related compromise.
Macroeconomic events will cause breaches
According to the study, organisations believe large-scale issues, such as the global economic squeeze, elevated levels of staff turnover, consumer spend downturn, uncertain political environments and the ongoing race to digitise will also lead to security compromise.
The implications of these – such as reduced security headcount and spending – can directly affect cybersecurity readiness and another consequence to be expected is an increase in insider threats; either a cyberattack or misuse of data by someone with authorised access to an organisation’s systems. UK organisations are anxious about the prospect of cuts and changes to roles creating a new wave of insider threat concerns, with 61% of organisations expecting employee churn-driven cyber issues in 2023. To limit the risk of insider threat, authorised users should only be given access to what they need through strong credential management and applying the principle of least privilege.
Generative AI assisting bad actors
One technology shift on everyone’s lips in 2023 is generative AI. It’s assisting people with the menial and mundane tasks they don’t want to do, changing the world of business – for both good and ill. While security teams are working hard to implement AI into their stack, threat actors (some of which have more manpower and better budgets than ‘regular’ organisations) are already one step ahead.
UK security professionals know this is the case too, with 87% expecting AI-enabled threats to affect their organisation this year, with AI-powered malware cited as their top concern. We can expect better quality, more effective phishing and deepfake attempts also. Threat actors have upped the ante with generative AI, using it for reconnaissance, malware development and initial access, and cyber defenders need to explore and adopt it as well. Many respondents to our research have already embraced AI for automated breach and detection, for instance.
Cyber debt and the consolidation of trust
Cyber debt isn’t a new phenomenon within the industry, but it is consolidating in 2023 and costing increasingly scarce resources; in the UK alone 80% of security professionals that responded to the study reporting that their organisation had been hit by ransomware alone, and on average having to pay up to restore operations or retrieve data more than three times each.
Because of this resource-constrained and high-threat environment, organisations are increasingly opting to consolidate their cyber strategies and planning on a smaller number of vendors over an extended period to build on trust and strengthen resilience. The rate of change being seen in the industry will be difficult to keep up with but taking action to empower security teams and help them stay in front of threat actors is a must.
