
Focus on 2022: Cyberattacks are not going away

Centers that control the entire manufacturing process for organizations are going to be at even greater risk in the new year.

Image: © AFP

Cybersecurity thought leaders are starting to forecast what might be on the horizon for the cybersecurity industry. To assess what organizations, security teams, and employees alike can anticipate for next year, Cybrary’s CEO, Kevin Hanes, tells Digital Journal we can expect more change.

From new repercussions of paying ransomware demands, differentiating between cybercrime and nation-state attacks, lack of improvement for the cyber skills gap, OT environments under siege, and COVID’s impact on security issues (or lack thereof), Hanes looks at a variety of issues.

Ransomware attacks will continue to increase, and someone finally pays the full price for meeting demands.

According to Hanes, ransomware events are going to continue and increase in intensity: “Even though ransomware attacks over the past couple years have been bad, they were only the tip of the iceberg. Given the extensive financial motivations for ransomware gangs and their utilization of insider threats, even current legislation and the Biden Administration’s cybersecurity executive order aren’t going to prevent companies from trying to discreetly meet their demands.”

This creates decision points. Hanes predicts: “As organizations weigh the risks of guaranteed pain now versus potential repercussions later, someone is going to be made an example of by the federal government in short order. Not knowing the law won’t be an excuse and, although jail time is unlikely, there will be organizations that are indicted in order to make them think twice about paying these criminals in the future.”

The line between cybercrime and nation-state attacks will continue to blur

Hanes notes that “Following a cyberattack or data breach a couple of years ago, threat intelligence companies could often assess the breadcrumbs left behind by attackers and make a reasonably accurate determination of who was behind it. This was largely in part because certain threat actors often have a “playbook” that drives how to operate.”

This process has now shifted, as Hanes explains: “Given the common rebranding of ransomware gangs and criminal organizations using the same tactics, techniques, and procedures (TTPs) as nation-states, some of these attacks are becoming indistinguishable from each other. Additionally, a single threat actor isn’t solely responsible for various attacks, but rather a group that all have a hand in it.”

The cybersecurity workforce shortage and skills gap won’t improve.

Hanes is pessimistic about the skills gap improving. He explains: “Following the Biden Administration’s cybersecurity executive order in May, there was hope throughout the industry that the increased resources and emphasis placed on the growing threat would lead to closing the cyber workforce and skills gap.”

The problem is, says Hanes: “It’s not going to be an immediate fix and it’s also one that needs to be assisted by private companies that invest in more hands-on training programs that focus on building transferable technical skills rather than purely professional development. This way they make their respective security teams more efficient instead of having to rely on expensive security products. Also, in terms of geographies, organizations based within countries with allocated resources, such as the U.S., aren’t going to see this issue get worse, but places without the same prioritization and funding are going to encounter even more difficulties on this front.”

OT environments will be subject to the cyber “perfect storm.”

In terms of significant risks, Hanes predicts: “Centers that control the entire manufacturing process for organizations are going to be at even greater risk in the new year. Since implementing new technology and infrastructure can disrupt their entire environment and supply chain, these centers often have old security systems that can be vulnerable to attacks. This perfect storm of outdated technology and a lack of adequate patching capabilities, combined with the fact that it’s the closest thing to an organization’s cash register, makes it an ideal and easy target for threat actors.”

COVID’s impact on phishing attacks and WFH security is more bark than bite.

Other types of risks that hit the headlines may not be so bad, Hanes advises: “Over the past couple years, many have been talking about the impacts that COVID could have on phishing campaigns and remote work. However, there’s always going to be a current event or newsworthy item that threat actors can exploit or leverage when it comes to phishing campaigns. Additionally, even though remote work used to be a concern at the onset of the pandemic, organizations and employees have adapted at a rapid pace, leaving a majority of the security concerns in the dust.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.
