From Increased Email Threats To More Regulation: What Does The Security Horizon Hold?

What are the latest threats and trends in the security industry?

January 12, 2023

By recognizing the current position security teams are in, we can analyze the biggest threats and trends in the year ahead and whether the industry is up to the task, shares Mike Fleck, Senior Director of Sales Engineering, Cyren.

The past few years have been an extremely tumultuous time for cyber security. The volume and impact of attacks have both increased and intensified. With the rise in international disputes, nation-state-backed threats are a growing concern across the United States and the UK. Additionally, with the onset of an economic downturn and the skills gap growing, security teams are under more pressure than ever.

The Evolution of Email Security Towards Defense in Depth

As social engineering tactics evolve, cyber attackers are becoming increasingly adept at slipping through email defenses and luring employees into clicking phishing links and downloading malware.

This threat will continue to grow in 2023, and, in response, we will start to see email security evolve and move towards a defense-in-depth approach along the same lines as other areas of security. Intrusion detection systems, for example, have evolved as a response to more attacks getting through network firewalls. Meanwhile, endpoint detection and response has developed as malware authors have learned how to evade standard antivirus agents. 

For email security, we need to see strategies take on more depth by adding additional layers of security beyond email filters and employee security awareness training. Stopping more sophisticated email threats requires automated detection and response tools to hunt and eliminate highly dangerous targeted attacks like spear phishing and business email compromise (BEC).


Awareness of the Cracks in Multifactor Authentication Tools

Phishing has become the threat actors’ weapon of choice today, as it is currently estimated that at least 90 percent of breaches occur due to these tactics. I believe phishing will remain an unsolved problem into 2023 and result in countless more account takeover attacks. 

Multifactor authentication (MFA) has often been hailed as the best solution to guard against attacks using credentials stolen through phishing. However, while the principle behind MFA is surely sound, in practice, the implementation is often flawed. Many so-called strong authentication methods still rely on mobile phones and email accounts as factors, but these were never meant to be identities and are vulnerable in high-risk use cases. 

Phishers are continually updating their tactics to defeat standard additional verification steps like one-time codes sent via mobile and email. Methods such as MFA bombing, which sees a flurry of alerts sent to the victim’s device, have been exploited by high-profile groups such as Lapsus$ and Nobelium and are becoming more commonplace for regular criminal groups. 

Password-less authentication tools look to be one of the best approaches for helping MFA stand up to these tactics, although it may be some time before they are widespread due to insufficient lifecycle management solutions and incompatibility with legacy systems.

Coming to Terms with the Cybersecurity Skills Gap

The security industry has been struggling with a prolonged skills shortage for some time now, and the gap is likely to widen into the new year. The 2022 Cybersecurity Workforce Study by the (ISC)² found that the global cybersecurity workforce increased by 26.2 percent this year compared to 2021, and there is still a shortfall of 3.4 million workers.

This will likely worsen over the next year as businesses reduce their workforces and freeze hiring in preparation for the economic downturn. Security roles are also becoming more stressful thanks to alert fatigue and overwhelmed Security Operations Center (SOC) teams. Roles such as analysts face a steady stream of high-volume, low-quality alerts that result in their job becoming a daily grind with low job satisfaction.

To counteract these trends, security leaders will really start seeing the benefits in accelerating the adoption of solutions that either outsource threat investigation or automate the investigations and alert responses. Automating incident response workflows will help reduce the burden on security teams and enable them to work more efficiently. While we may not see this desired result before the end of the upcoming year, this is one of the most promising use cases for AI and machine learning-powered tools, so I anticipate a lot of maturity and progress in the field in the year ahead.

More Security Regulations on the Horizon? 

The last few years have seen a strong focus on national legislation pushing for better cyber hygiene and breach disclosure, with the EU GDPR setting off a global trend. There has also been a lot of movement at a state level with new regulations like the California Consumer Privacy Act (CCPA) and in specific industries, such as updates to HIPAA’s HITECH guidelines.

The US federal government also appears to be moving closer to the goal of implementing a national baseline of cybersecurity best practices. The Cross-Sector Performance Goals, recently announced by CISA, along with President Biden’s mandate on Zero Trust for governmental organizations, show a more concerted effort to improve security on a national scale. Outside of the government, the burgeoning cyber insurance industry is also setting a higher bar for due diligence in avoiding and responding to breaches.


A better baseline for national security is more important than ever as we face heightened international tensions and a greater level of cyber threats from nation-state actors. The political divisions within most large Western economies do not create fertile ground for approving new comprehensive cybersecurity legislation in 2023. Nevertheless, I anticipate governments will be taking a more direct approach to cyber security in the next year, particularly when it comes to critical industries such as healthcare, manufacturing and energy.

Securing critical infrastructure like this will be a major priority in 2023 and beyond, particularly as international tensions continue to run high. Supply chain security is another top concern in the year ahead as threat actors continue to target digital connections as a means of bypassing security. 

A more effective approach to email security will be critical for both of these areas, as phishing emails will continue to be the primary vector for stealing credentials and launching attacks. A more reliable, layered approach to email security will make all the difference in defending against this threat in 2023 and beyond. 


Mike Fleck

Senior Director of Sales Engineering, Cyren

Mike Fleck is the Senior Director of Sales Engineering at Cyren where he is responsible for marketing Cyren’s enterprise and OEM solutions globally. Mike has more than 25 years of cybersecurity industry experience, and has held senior leadership roles at Constella Intelligence, Covata Limited, CipherPoint Software (acq. by Covata), and Vormetric (acq. by Thales). He holds a patent for transparent data encryption and has been featured in publications like Security Week, Information Security Magazine, Information Management, and NBC News. Mike holds a B. Sc. from James Madison University.