Cyber security trends in 2023 – what fintechs can expect
Cybercrime is on the rise. With digital transformations a major concern for businesses globally, the attack surface is growing exponentially. And if recent events have taught us anything, it’s that people will always try to take things that don’t belong to them.
The fact is that cybercrime is more organized than we think. With a staggering rise in Ransomware-as-a-Service (RaaS), Hackers-as-a-Service (HaaS) and Access-as-a-Service (AaaS) lowering the bar of entry, it’s never been easier. Gone are the hoodie-wearing loners huddled in basements and mining data for cash. Now there are men in suits who, by all accounts, operate as legitimate businesses. With more systems requiring ever-increasing access to data to function, new vulnerabilities appear daily that need to be continually struck down like a mole.
As The art of war says, “If you know the enemy and know yourself, you need not fear the result of a hundred blows. If you know yourself but not the enemy, you will also suffer a defeat for every victory you achieve”. So as 2022 draws to a close, we need to study the expected cybersecurity trends to best prepare for what may lie ahead.
Ransomware and malware are on the rise
There’s a reason ransomware has stood the test of time, because it exploits the best vulnerability there is – human error. All it takes is one accidental click on the wrong link or connecting to unsecured WiFi, and an entire system can be compromised in seconds. The EU Agency on CyberSecurities’ annual Enisa Threat Landscape Report found that ransomware and accessibility attacks rank highest during the reporting period, with phishing as the most common vector of first access.
Another report found that 55% of financial institutions were affected by ransomware in the past year, an increase of 62% from the previous year. According to the same research, financial institutions received some of the lowest payouts from insurance companies after breaches, which means it’s really important to put in place a good counter-defense against cyber attacks.
One way to protect against ransomware attacks is to use regular backups, both in the cloud and on-premise, which enable quick data recovery – although this cannot defend against the very real possibility of your data being leaked in the dark the network or threat actors exploit other vulnerabilities.
Software supply chains threatened
Another important attack vector is supply chains, where attackers aim to target businesses on a mass scale by compromising third-party products. A recent incident was the SolarWinds Breach, where hackers were able to hide malicious code in an update to an IT monitoring system used by more than 30,000 public and private organizations, including the US government.
This is an extremely vulnerable area as many developers use modular software packages that come from many different sources, all of which can be compromised. “The problem is getting worse, with companies becoming more and more dependent on external suppliers,” says Steve Zalewski, assistant CISO at Levi Strauss. “What we need is an international chain of trust […] where we can all agree on a global set of tools and practices.”
One such solution could be the use of a Software Bill of Materials (SBOM), which staff can use to help them identify whether malware has been introduced into a system. However, this solution only works if the people managing the system understand the components well enough to identify anomalies.
War on cybersecurity talent
Unfortunately, weaknesses can be introduced into a system just by plain old ignorance. Nevertheless, another major problem facing companies is the lack of available talent, which leaves them unable to handle their cyber security needs in-house. This can be exacerbated by a lack of clear direction during the hiring process.
Hiring managers should know what skills they need to hire, where to find them, appropriate compensation, and above all else, good and timely communication. This requires an adequate understanding of the needs of the business, so it is important to ensure that hiring managers are properly informed before publishing a vacancy.
Lack of understanding can spill over to other employees, who may not be trained in how to identify potential attack vectors. A fact that became particularly apparent during the pandemic, when remote work forced many employees to manage their own system security: Hack-for-Hire groups like to attack “soft targets that may not […] have made security one of their top priorities“, according to Pierre Delcher, senior security researcher at Kaspersky’s GReAT. It is therefore important that all employees understand basic safety procedures.
Training current employees is a great way to approach this, as it is cheaper than leveraging salaries to attract talent and has the added bonus of keeping employees engaged. Employees are more likely to stay with a company where they feel they have momentum, which is attractive to other potential employees.
Many businesses looking to digitally transform their operations will need to mount a strong defense when it comes to cybersecurity, which means curating an IT team that knows the best way to implement this is more critical than ever.
Zero Trust models are in vogue
One such defense could be a zero-trust model, which has become a popular alternative to password protection. According to the latest Verizon Data Breach Report, 80% of data breaches are the result of bad or reused passwords. In a zero-trust model, users are treated as potential threat actors and must confirm their right to access data each time.
The traditional ‘Castle and Moat’ model of using a heavily guarded firewall is great, but once breached it leaves the entire system vulnerable. The idea of zero-trust is to establish roadblocks that prevent bad actors from moving sideways in the system. You can break one wall, but there will always be another blocking access to the rest of the system. Give your organization more time to detect and defend against an attack.
According to a study published by Teramind in 2021, organizations with fully deployed zero-trust architecture saved 43% on data breach costs. It is also the easiest and most effective way to manage the safety of remote workers. Zero trust can take many forms, including multi-factor authentication, continuous validation, intelligent surveillance (AI), least privilege, and micro-segmentation.
The role of AI in cyber defense
In addition to smart monitoring, there are many other ways AI can be implemented to keep data safe. Properly deployed AI is the well-trained watchdog whose sharp ears will detect and alert you to unknown visitors nearby.
The AI is trained to perform cognitive functions such as tracking suspicious activity in a bank’s systems, such as an employee trying to view files they normally wouldn’t, or a credit card being used outside of the customer’s normal daily routine. Anything outside the norm will be flagged to allow intervention.
These are all things that can be done by a human, but the scale required to provide this service 24/7 around the world would be almost impossible. AI can run indefinitely, constantly monitoring for suspicious behavior and ready to sound the alarm. According to the Teramind study, organizations using AI and security automation were able to detect and contain data breaches 27% faster.
