Get ready: what’s coming as cybersecurity trends in 2023

,Many organizations are aware of the risks involved in being exposed to computer threats and this has led to Cyber ​​security Be one of the top priorities. However, most organizations still struggle to respond to a security incident”Warning Camillo Gutierrez Amayahead of research laboratory ESET Latin America,

The company shares the selection with some of the main challenges facing cybersecurity today and for years to come:

cyber crime growth

It is expected that the cost will increase by 15% per year from 2021 to 2025 cyber crime And by that year they could reach $10.5 billion per year, which is more than the profits derived from the entire illegal drug trade combined. According to the report, this is explained by a very significant increase in the activity of organized cybercriminal groups and groups supported by governments, as well as an increase in the attack surface as a result of the digital transformation processes that a rapidly progressing digital economy.

lack of talent

lack of trained people To meet the growing demand of professionals as this industry is continuously growing. ISC2 says there is a need for 3.4 million more professionals working in cyber security globally and 70% of organizations said they had vacancies. In some countries, work is being done to bridge this gap and, for example, the World Economic Forum together with other companies launched an online education platform aimed at people and organizations called Cybersecurity Learning Hub. who seeks to train and improve skills. of security professionals so that more and more people can get quality employment in the field.

inclusion and diversity

In a context where talent shortage is already a challenge, another challenge before the industry is to make the workforce more diverse and inclusive. It is currently made up of mostly white people and it is necessary to develop initiatives and policies to broaden the participation of other populations. Not only because of the values, but because the goal of greater inclusion and diversity has a positive impact on the growth of organizations.

remote work

digital transformation Several companies, accelerated by the pandemic, have shown that safety is a priority issue. In the case of Remote and hybrid workOrganizations around the world can no longer rely solely on the security provided by the office’s technical infrastructure, but must ensure that there is proper training and technology in remote access to company systems to avoid risks.

dark web development

Huge increase in criminal activities dark web In recent years, this is a major challenge and reinforces the importance of carrying out activities such as threat intelligence. Monitoring of the dark web by companies and organizations helps prevent attacks, helps understand how fraudulent and cybercriminal groups think, what vulnerabilities are being marketed, how they can access organization systems or people. What malicious tools do they use to deceive, or what information about an organization is circulating in these secret markets.

development of social engineering

Trends such as the development of new forms of social engineering force organizations to carry out training tasks to stay up to date with attack methods. one of these ways is callback phishing, a strategy that combines attack forms such as phishing and vishing in a single campaign. For example, via email, potential victims are notified of the automatic renewal of a subscription to a service and if they wish to cancel, they can contact a telephone number provided by message . Cybercriminals are using these forms of attack with increasing frequency to try to access organization systems and deploy malware; Among them, the ransomware group.

Security of the Crypto Ecosystem

to realize the interest aroused by the world of cryptocurrency, NFT, games to earn And so on, for both users and malicious actors, just check out platforms like PhishTank and see the number of phishing sites designed to steal crypto wallet credentials. There are also reports of attacks on various cryptocurrency exchanges that lead to the theft of millions in cryptocurrencies, or cases involving APT groups, such as Lazarus, attacks on the Ronin sidechain of video games. axi infinity Which led to a millionaire robbery in RTH and USDC. Computer risks and threats surrounding the entire crypto ecosystem pose a major challenge to the industry and to security in general.

l ransomware

It remains a challenge that requires continuing to invest in training and awareness as well as the tools needed to face it. From 2020 to 2021, the number of hacking attacks doubled. ransomware And activity doesn’t appear to be waning in 2022. If you look at how this type of threat has evolved over the past five years, you can see not only that it is an existing threat, but that it was still there before the ransomware business stopped paying money to the cybercrime industry. There is a long way to go. ,

metaverse

presumption on adopting metaverso Show that by 2026, 25% of the world’s people will spend at least one hour a day in this virtual world. Therefore, security in the metaverse is presented as a challenge for the future. As explained by the ESET research team, these shared virtual worlds for socializing, gaming and in which the movement of assets will take place, will give rise to attacks and fraud. Furthermore, technological innovations are not always developed with safety in mind and business pressures cause technologies to be brought to market often sooner.

More education and awareness

A fundamental challenge that the industry will never have is improving education and awareness of the cyber security risks that exist. With the high penetration of the Internet and technology on a global scale, the attack surface has expanded significantly if what happened a decade or two ago is taken as context; However, this change was accompanied by actions that seek to raise wider awareness of the risks and safeguards.

,These are some of the challenges that cyber security must address. Some are part of the present and others focus on future scenarios. The list is long, but in any case, being able to tackle any of these challenges requires the work and effort of multiple actors, not just the cyber security industry.”The finale of Gutierrez Amaya.