2023 has further proven that the state of cybersecurity is constantly evolving. New technologies are emerging and increasingly being adopted for purposes of enhancing threat detection, analyzing large volumes of data for anomalies and automating security processes. Meanwhile, cyberthreats are becoming increasingly sophisticated. In 2022, 76% of organizations were targeted by a ransomware attack, of which 64% were infected.1 To more effectively defend against such attacks, it is important for cyberprofessionals to understand current trends and challenges that exist in the field of cybersecurity.
A Growing Threat Landscape
The threat landscape continues to expand with the increasing connectivity of devices and systems through the Internet of Things (IoT) and the proliferation of digital technologies. Cyberattacks such as ransomware, phishing and insider threats remain pervasive and pose significant risk to enterprises, governments and individuals alike. Although these threats are nothing new, as data continue to be produced and stored in greater volumes, and as connectivity expands globally, the attack surface has become more exploitable with gaps and vulnerabilities that are appealing to criminal and nation-state hackers.2 In 2023, cyberthreats are expected to rise as unrest around the world contributes to an increase in cybercrimes.3 Malware attacks (e.g., ransomware attacks) are also expected to target more enterprises.4
Emerging Technologies
Emerging technologies such as quantum computing, 5G networks and edge computing are being adopted at a rapidly increasing rate. However, this is introducing new cybersecurity challenges across several areas:
- Quantum computing:
- Encryption vulnerabilities—Quantum computers have the potential to break commonly used encryption algorithms, such as Rivest–Shamir–Adleman (RSA) and elliptic curve cryptography (ECC), that currently provide secure communication and data protection. This raises concerns about the privacy and integrity of sensitive data, including financial transactions and personal information.
- Post-quantum cryptography—The need to develop and implement post-quantum cryptographic algorithms that are resistant to quantum attacks is a challenge. Ensuring a smooth transition from traditional encryption to post-quantum cryptography is crucial to maintain secure communication in the quantum computing era.
- 5G networks:
- Increased attack surface—The widespread deployment of 5G networks significantly expands the attack surface, as there are more connected devices and a higher volume of data transmission. This poses challenges in terms of securing a larger and more complex ecosystem, including IoT devices, autonomous vehicles, and critical infrastructure.
- Network slicing and virtualization—The dynamic nature of 5G networks, which includes features such as network slicing and virtualization, introduces new vulnerabilities and potential points of exploitation. Proper segmentation and isolation between network slices and virtualized network functions are critical to prevent unauthorized access and data breaches.
- Edge computing:
- Distributed security—For edge computing, data processing and storage occur closer to the source of data generation. This distributed architecture creates challenges in ensuring consistent security measures across a decentralized infrastructure, making it essential to secure edge devices, gateways and communication channels effectively.
- Latency and bandwidth constraints—Edge computing emphasizes low-latency and real-time processing, which may limit the resources available for robust security measures. Balancing security requirements with the constraints of latency and bandwidth is crucial to prevent vulnerabilities and ensure data integrity.
These technologies bring opportunities for innovation and efficiency, but also raise concerns about their potential impact on security, privacy and data integrity. It is essential to prioritize research and development in secure quantum-resistant cryptography, network segmentation, threat detection and secure architecture design to mitigate risk and address the evolving cybersecurity landscape introduced by these technologies.
[Emerging] technologies bring opportunities for innovation and efficiency, but also raise concerns about their potential impact on security, privacy and data integrity.
AI and ML
Artificial intelligence (AI) and machine learning (ML) are increasingly used in cybersecurity for threat detection, response and automation of security tasks. However, challenges such as adversarial ML, biases in AI algorithms and the potential for AI-driven attacks must be carefully considered and mitigated. While AI and ML can enhance cybersecurity capabilities, there are also concerns about their potential for malicious use and ethical implications:
- Misinformation and disinformation—AI models have the capability to generate human-like responses, which may be exploited to spread misinformation or disinformation. Malicious actors could use the model to generate false information, deceive individuals and/or manipulate public opinion.
- Phishing and social engineering—AI models may be leveraged by attackers to enhance their phishing and social engineering campaigns. By mimicking human conversation, malicious cyberactors may attempt to deceive users into revealing sensitive information, such as passwords or financial details.
- Bias and unfair representation—AI models can reflect biases present in the data on which they were trained. If the training data contain biased or unfair information, there is a risk that the model may inadvertently generate biased or discriminatory responses. For example, in 2018, it was reported that Amazon had developed an AI-driven recruiting tool to automate the hiring process.5 However, the algorithm showed a bias against female candidates. The system was trained on historical résumé data, which was predominantly composed of male applicants. As a result, the algorithm learned to favor male candidates and downranked résumés containing terms associated with women.
- Privacy and data protection—When interacting with AI models, users may provide personal or sensitive information. It is crucial to ensure that appropriate measures are in place to protect user privacy and securely handle any data shared during conversations.
It is also worth noting that adversarial ML and AI-driven attacks have been observed in various contexts, such as evading spam filters or manipulating image recognition systems. To contend with these issues, organizations must prioritize responsible AI practices, conduct thorough testing, and regularly evaluate and address potential biases and vulnerabilities in their AI systems. Content filtering mechanisms should be established to help identify and prevent the dissemination of malicious, harmful or biased content generated by AI models.
Cloud Security
The use of cloud computing is growing. In 2022, 93% of technology leaders identified as being “mostly cloud.”6 But organizations continue to face challenges in securing their cloud environments. Cloud security requires expertise and understanding of the shared responsibility model. Organizations must secure their data and applications while also relying on cloud service providers (CSPs) for infrastructure security. Cloud computing is popular, but securing cloud environments presents unique challenges such as data breaches, misconfigurations and insider threats. Specialized security measures and best practices are required for effective cloud security, including:
- Identity and access management (IAM)—Implement strong IAM practices to control user access to cloud resources. This includes employing multi-factor authentication (MFA), role-based access control (RBAC), and regular review and revocation of access privileges. This ensures that only authorized individuals can access and manage cloud resources.
- Data loss prevention (DLP)—Implement DLP measures to prevent the unauthorized disclosure of sensitive information. Use techniques such as data classification, content scanning and policy enforcement to identify and prevent data leakage from cloud environments. This helps protect against accidental or intentional data exposure.
- Incident response and forensics—Develop and test an incident response plan specific to cloud environments. Define roles, responsibilities and communication channels for responding to security incidents. Establish incident response procedures, including forensic investigation capabilities, to identify the root cause, contain the incident, and prevent future occurrences.
Specialized security measures and best practices help organizations establish strong security postures and protect their cloud environments from threats and vulnerabilities. However, it is important to note that cloud security is an ongoing effort, and organizations should continuously adapt their security practices to address evolving threats and changing cloud environments.
Conclusion
The state of cybersecurity in 2023 is marked by a dynamic and evolving threat landscape, regulatory compliance and privacy concerns, and the increasing use of AI and ML, among other trends. Organizations and individuals must remain vigilant, proactive and adaptive to effectively address these trends—and their accompanying challenges—and protect against cyberthreats. Staying updated with emerging technologies, compliance requirements and best practices, while building a skilled cybersecurity workforce, is crucial for effective cybersecurity in the current landscape.
Endnotes
1 Sharma, S.; “New Cyberattack Tactics Rise Up as Ransomware Payouts Increase,” CSO, 28 February 2023
2 Brooks, C.; “Cybersecurity Trends and Statistics; More Sophisticated and Persistent Threats So Far in 2023,” Forbes, 5 May 2023
3 Kaspersky, “Cybersecurity Threats: What Awaits Us in 2023?,” Securelist, 9 November 2022
4 Ibid.
5 Dastin, J.; “Amazon Scraps Secret AI Hiring Tool That Showed Discrimination Against Women,” Reuters, 10 October 2018
6 Google, The Digital Crunch Time: 2022 State of APIs and Applications, 2022
Andy Lim, CISM, CEH, CPM, ISSPCS
Is the chief executive officer (CEO), founder and senior executive managing director of SITIS Canada. He is an accomplished senior technology executive with more than 30 years of extensive IT experience managing complex projects and implementing IT solutions for financial institutions, telecommunication sectors, government departments, healthcare organizations and manufacturing environments. Lim is experienced in managing cross-functional teams, implementing new applications, and maintaining business and clinical project portfolios while aligning strategic business plans with IT to ensure enterprise success.