CS Jan-Feb 2024

More documents

Recommendations

Info

2024 predictions THROUGH THE ‘LURKING’ GLASS HOW MIGHT THE 'DARKER FORCES' OF CYBER SECURITY IMPACT THE INDUSTRY IN 2024? HERE, SEVERAL OBSERVERS OFFER THEIR THOUGHTS ON WHAT MIGHT BE LURKING UP AHEAD It's the question that so many in the cyber security industry have all been asking themselves of late, even when escaping the office, home or away, for a welcome festive break: what can we expect in the year ahead? Lots of positives to underpin a thriving business, hopefully, but also recognition that the darker forces that threaten organisations at large will not be going away. What do some of those 'in the field' make of it all? Yvonne Bernard, CTO, Hornetsecurity: It's no secret that generative artificial intelligence (gen AI) has quickly become a force to be reckoned with. Since the public release of ChatGPT in November 2022 and its following viral popularity, gen AI has turned the cybersecurity industry on its head, with OpenAI's ChatGPT registering more than 180 million unique visitors as of August 2023, according to Reuters. In 2024, cybercriminals can be expected to continue developing their understanding of dark web variants of ChatGPT - such as DarkBERT and WormGPT - to automate additional portions of a cyberattack chain (also known as a cyber kill chain). If successful in their endeavours, it will likely mean that cybercriminals will have the ability to speed up the rate of their attacks even further. These AI tools allow even inexperienced cybercriminals to not only launch attacks, but also learn how to facilitate attacks. As such, it has driven an increase in cyberattacks throughout 2023. Spear-phishing remains the most popular type of attack and, with the popularity of gen AI, it is likely not only to remain popular, but notably increase, given that spear-phishing attack chains can be completely automated and thus significantly simplified, due to personalised spear-phishing methods. With gen AI, users now only need a few pieces of information, such as an email address or place of employment, to initiate spear-phishing attacks. On top of all that, with the advent of new technology also comes new opportunities for criminal activity from bad actors - consider the potential for a cyberattack against a gen AI service. The goal of an attack of this kind likely would be to poison the gen AI tool's responses to spread misinformation. So, what are businesses to do? AI seems like a challenging opponent to best, but companies that have stringent training and tools in place among their employees are well set up to defend against even the most sophisticated AI-aided cyberattacks. The latest security tools are already using AI for good, to help detect attacks. Additionally, the risks of account hijacking can be reduced with the use of innovative two-factor identification (2FA) methods, such as FIDO2 (Fast IDentity Online). Effective cybersecurity also comes down to people. It is imperative to implement a 'human firewall', whereby employees are trained to recognise potential cyberattacks. This includes establishing the 'mindset-skillset-toolset' triad: Mindset: raise employee awareness of growing cyber threats Skillset: implement awareness training from classic learning forms with simulations Toolset: include tools to support employee security behaviour, such as password managers to protect against log-in data theft. Companies that remain vigilant and up to date on these gen AI and other emerging technological developments, and adjust their security accordingly, will be best equipped for cyber safety in 2024 and beyond. Usman Choudhary, chief product and technology officer at VIPRE Security Group Generative AI will drive self-service security and help to alleviate the cyber talent shortage. Historically, security has been considered a highly specialised and technical profession. As a result, security teams in enterprises have borne the burden of keeping the organisation safe, alongside attempts to encourage involvement from technology users and staff to also take ownership by staying vigilant to help thwart phishing attacks and other scams. Generative AI will change this in 2024, initiating a drive towards self-service cybersecurity. This technology will commoditise and democratise security by providing Natural Language Processing-based tools to enable employees to identify fraudulent 10 computing security Jan/Feb 2024 @CSMagAndAwards www.computingsecurity.co.uk
2024 predictions activity independently and accurately, to effectively escalate to infosecurity teams as appropriate. Likewise, infosecurity teams will have at their disposal capabilities that automate time- and resource-intensive processes across the cybersecurity spectrum. All this combined will make a marked stride in helping to alleviate the global cyber talent shortage. Investment in security will see an upsurge to reflect generative AI. As much as AI is a tool that will help to make strides in strengthening cybersecurity defences, it is also a technique that is being widely deployed by threat actors to breach those safeguards with success. Following a period of relatively stationary budgets, enterprises will increase spending in security, investing especially in generative AI-based products, services and cybersecurity skills. Aaron Kiemele, CISO at Jamf In 2024, cybersecurity teams will need to be extra vigilant about nation state threats. Major elections taking place across the world, as well as the continued conflict in Ukraine and Israel, will drive increased cyberattacks from statesponsored groups. Advanced persistent threat (APT) groups linked to foreign governments will expand their targets beyond large organisations in critical infrastructure or sensitive industries. Smaller businesses in the supply chain or partner ecosystem will increasingly be attacked as vectors to the true targets. Collaboration, management and cloud tools used by smaller suppliers will be attractive targets for nation state actors. These tools hold sensitive data and access that could provide an easy pathway for lateral movement towards a larger primary target. Organisations of all sizes will need to ensure they are not the weak link that allows adversaries access to their partners and customers. Cybersecurity teams should expand their protection, detection and response capabilities, with nation state campaigns in mind. Partnering closely with governments and information-sharing organisations will also be key to identify and defend against threats early. Ultimately, the APT landscape in 2024 will be highly complex. But with robust preparation and cooperation, organisations can develop appropriate resilience against even significant nation state capabilities. Simon Hodgkinson, former BP CISO and strategic adviser to Semperis Businesses are finally starting to understand that cyber isn't a topic for the IT department, but an enterprise risk. Earlier this year, Uber's former chief security officer was sentenced for his role in covering up a data breach. Such headlines drive home an important message: Organisations are waking up to the fact that security and operational resilience need to be owned by the boardroom. Incoming regulations such as NIS2, as well as the general rise in cyber awareness, reinforce this. Operational technology is one area that's particularly difficult to protect and organisations will need to put mitigating controls in place to counter the risks. Guido Grillenmeier, principal technologist, Semperis Attackers are still exploiting basic vulnerabilities - with the help of AI. The core weak spots used by attackers haven't changed over the years and are still being exploited successfully. Take Active Directory as an example, Microsoft's core identity service, which is used by hackers to gain user privileges and penetrate deeper into their victim's network. Attackers' initial entry methods are evolving, though, with Artificial Intelligence allowing cybercriminals to create ever more sophisticated and convincing phishing campaigns that play tricks with users' emotions. Even users with a high level of security awareness can now get caught out by such incredibly well-engineered phishing attempts. The release of Windows Server 2025 towards the end of 2024 recognises the need to reinforce identity security, with the introduction of some additional security Yvonne Bernard, Hornetsecurity: with the advent of new technology also comes new opportunities for criminal activity from bad actors. Usman Choudhary, VIPRE: generative AI will drive self-service security and help to alleviate the cyber talent shortage. www.computingsecurity.co.uk @CSMagAndAwards Jan/Feb 2024 computing security 11
Page 1: Computing Security Secure systems,
Page 4 and 5: Secure systems, secure data, secure
Page 6 and 7: news Bernard Montell. HORNETSECURIT
Page 8 and 9: news Sukru Ilker Birakoglu. SUPPORT
Page 12 and 13: 2024 predictions Aaron Kiemele, Jam
Page 14 and 15: training SAFEGUARDING HR IN THE AGE
Page 16 and 17: cybersecurity THE TOP-LEVEL FIBRE B
Page 18 and 19: artificial intelligence AI - WHERE
Page 20 and 21: artificial intelligence Gareth Lock
Page 22 and 23: phishing PHISHING FOR THE ANSWERS D
Page 24 and 25: ansomware WE SHALL NOT BE MOVED! SE
Page 26 and 27: ansomware Raja Patel - Sophos: cybe
Page 28 and 29: attack… attack POINT OF IMPACT IN
Page 30 and 31: attack… attack Amit Sinha, DigiCe
Page 32 and 33: cybercrime STAYING ABOVE THE WATER
Page 34 and 35: cybercrime crisis is behind us, the
Page 36: Computing Security Secure systems,

CS Jan-Feb 2024

Create successful ePaper yourself

Delete template?

Save as template?