The Changing Face of Cybersecurity

As cybersecurity events continue to wreak havoc on companies and society, it’s important to recognize the multifaceted nature of modern cyberthreats, from sophisticated malware to intricate social engineering tactics. The growing complexity of cyberthreats and the dizzying pace with which new technologies emerge greatly increase the difficulty of protecting the company and keep IT leaders up at night. As such, it is critical that those involved in protecting valuable assets navigate through shifting paradigms, become more proactive, and learn how to adapt to a complex and rapidly changing cybersecurity environment.

The evolution of cyberthreats and detection

Forrester Research recently described some of the most pressing cybersecurity threats facing organizations (three-quarters reported at least one data breach in the previous 12 months). This research delved into established threats such as ransomware and business email compromise (BEC) social engineering, as well as newer concerns such as AI deployments, cloud computing, and geopolitics. About AI, for example, Forrester noted that the capabilities of AI applications such as ChatGPT “are sparking concern over poisoning of data to intentionally alter the outcomes of algorithms to undermine AI reliability and performance.” It also pointed to the ongoing conflict between Russia and Ukraine, cautioning organizations to “plan for more geopolitical turmoil to follow.”

There are several factors that have driven the ongoing evolution of cyberthreats and detection throughout the last decade. Automation is a major force. RiskOptics noted in a December 2023 blog, “Conventional cybersecurity management solutions are becoming outdated, unable to handle the exponential growth of sophisticated security threats. Plus, financial and talent constraints impede the ability of security teams to expand.”

By design, cyberthreats such as ransomware spread quickly. Automated cybersecurity systems—powered by artificial intelligence (AI) and machine learning (ML)—can detect and respond to cyberattacks faster than humans. 

The exponential increase in the adoption of digital technology continues to be pivotal. Technologies such as the Internet of Things (IoT), AI, and even social media are still relatively new and impact cybersecurity threats and solutions. For instance, there are pros and cons associated with cloud and software-as-a-service (SaaS) solutions. SaaS vendors manage operations, which helps to keep the systems healthy. SaaS platforms are also easy to scale. Conversely, cloud and SaaS vendors can never provide zero percent downtime. If the cloud platform they are using is down, so is the application their customers use. And, if an organization picks the wrong cloud vendor, all its data can end up in the wrong hands.

As these technologies have emerged, they’ve brought increased risk for cyberattacks. One recent survey found that 82 percent of IT security and C-level executives experienced at least one data breach when implementing new technologies and expanding their supply chains.

Evolving cybersecurity threats are a growing concern. Recent data tallied 2,365 cyberattacks in 2023, marking a 72 percent increase in data breaches since 2021. The potential impact of this quantity of cybersecurity breaches is significant and far-reaching. 

Falling victim to a breach can affect customers’ trust in a company, and some stakeholders may lose faith in the brand. Cyberattackers often steal money and information and sometimes demand ransom for the decryption key to restore the organization’s access to sensitive data. Companies face added costs and the potentially high price of losing existing and prospective customers. Such expenditures can ultimately lead to budget cuts, which could result in fewer resources available to devote to the organization’s cybersecurity.

Strategies for improving systems’ security

Organizations commonly make several mistakes that prevent them from successfully addressing cybersecurity threats. For example, companies sometimes fail to clean up the mess. In other words, in terms of data and critical information, the company doesn’t know who has access to what, and there is no clear trail to determine who used which account and when to perform a particular operation. Some still rely on legacy applications that use old technology or in-house tools that lack the latest built-in security mechanisms that new apps have. Sometimes, organizations simply do not have the right tools and people to optimize their cybersecurity efforts. 

The right tools are the easy part. There are countless vendors ready to help a company with its cybersecurity system. As the customer, it’s essential for a company to create a business case that explains precisely what it needs and why. It’s also important to ask vendors to conduct demos and select the vendor based on factors such as budget, tool maturity, and operational overhead. 

To bolster systems security, identity governance, and threat detection, it is important for companies to throw the old playbook out the window, embrace new tools and processes, and identify the right team to manage cybersecurity. Security administrators can efficiently manage user identities and access across the enterprise by cleaning identities and communicating about identity governance. Other best practices include being proactive instead of reactive to stay ahead of audits, understanding and implementing regulations, and hiring compliance experts. 

Identifying the best security options for the organization and its customers entails several steps. For example, documenting existing security systems and processes is imperative. Most companies do not have good design, architecture, or operations models for current systems, making it difficult for cyberattack responders to understand what could have been compromised. Change management, communication, and operating models are critical to ensure all teams responding to incidents of any severity recognize the chain of command, provide constant updates, and bring in leadership where needed.  

Another smart approach is to create detailed policies, standards, and controls and implement them throughout the company. This requires a concerted communication effort. Nationwide offers a host of tips for conducting cybersecurity training throughout the enterprise. For example, the top priority is to ensure that employees “understand that they are a part of what keeps business data secure. If they don’t follow protocol and ensure that the devices they use are protected, they could be the weak link in an otherwise secure network, giving viruses or other malicious code a backdoor into the system,” according to Nationwide, which also recommends ensuring employees have the proper security software and tools on their machines, “and that they understand how it works and any efforts required of them.” It is critical for employees to understand the severe consequences of cyberthreats, create and use strong passwords and change them regularly, regularly back up data, and adhere to company policies regarding payment cards.

Organizational culture plays a crucial part as well. Foster an environment where employees, including those in IT, understand that new technologies or processes designed to aid cybersecurity will not take away their jobs. Decreasing employees’ resistance to change will reduce their chances of becoming expendable. 

Growing concerns

There are many regulatory and compliance standards to consider when developing and implementing cyberthreat detection and prevention strategies. One is the General Data Protection Regulation (GDPR). This stringent privacy and security law applies to all organizations targeting or collecting data related to individuals in the European Union. Another is the Sarbanes-Oxley Act (SOX). After several accounting scandals at large publicly traded companies, the law was enacted in 2002 to improve corporate auditing and transparency. But, with the proliferation of the types of technologies highlighted in this piece, “the risks to financial reporting, and the accuracy of financial data and financial statements posed by cybersecurity threats are greater than ever,” as AuditBoard noted in a 2023 article. “Real-time issues that fall into this category include data breaches and phishing attacks in publicly traded companies and private companies alike.” Cybersecurity compliance with the Sarbanes-Oxley Act “generally refers to a public company implementing strong internal control processes over the IT infrastructure and applications that house the financial information that flows into its financial reports,” writes Cryer, “to enable them to make timely disclosures to the public if a breach were to occur.”

Regulations such as the General Data Protection Regulation (GDPR) differ based on the type of information with which companies work. Failure to comply with these protocols can carry severe consequences in the form of heavy fines, matters requiring attention (MRAs), or practices that stray from sound governance, internal control, and risk management principles. Non-compliance increases a company’s exposure to cyberthreats such as data breaches and cyberattacks, making would-be hackers’ jobs easier.

Compliance with AI regulations about cybersecurity will be daunting as the technology continues to become increasingly mainstream. Forrester Research addressed these compliance concerns in a 2024 report on AI’s current and projected impact on business regarding innovation and legislation. In a report summary, Forrester noted “the patchwork of laws, executive orders, and legislations across federal and local jurisdictions with which enterprises and technology vendors must contend.”

According to Forrester, 190 bills were introduced to regulate AI at the state level, and 14 became laws. Meanwhile, at the federal level, the Federal Trade Commission (FTC) “has begun to enforce existing laws with new powers from executive orders as well as more attention from FTC leadership. This could cause a dampening effect on enterprise AI innovation and strategy. In reality, regulations aren’t stopping AI leaders from pushing ahead. But it is changing the calculus on the AI use cases that enterprises will pursue and how.”

In its report, Forrester laid out six essential steps for businesses to help navigate the “AI regulatory chaos.” For example, the firm recommended addressing existing U.S. laws that address some aspects of AI. The report also noted that industries can create their own AI standards and requirements and stressed that “business roles are on the hook for regulatory compliance,” with enterprises ultimately responsible for setting expectations for business roles “to own their AI systems not as technology, but as extensions of decision-making and operations.”

The future of cybersecurity

All evidence indicates that cybersecurity threats are rising and will continue to grow and evolve. Research firm Gartner recently identified the top cybersecurity trends for 2024, citing generative AI, unsecure employee behavior, third-party risks, and boardroom communication gaps as some of the driving forces behind these trends. Gartner also predicts that, by 2028, enterprise spending on battling misinformation will surpass $500 billion, “cannibalizing 50% of marketing and cybersecurity budgets,” according to the research firm. “The combination of AI, analytics, behavioral science, social media, Internet of Things, and other technologies enable bad actors to create and spread highly effective, mass-customized malinformation (or misinformation),” according to Gartner, which recommends that chief information security officers define responsibility for governing, devising, and executing organization-wide anti-misinformation programs.

Science fiction movies may typically depict such cyberthreats in an outdated way: a hacker sitting in a dingy apartment, looking at green code on black screens, for example. The reality is cyberthreats are more multifaceted than 10 years ago. Most are automated, performed by bots, and are more than a combination of brute-force attacks. They are sophisticated and will continue to advance in the years to come. This underscores the importance of adopting the most effective cybersecurity practices to protect an organization from increasing cybersecurity threats. 

By FNU Divyanka