
Communications of the ACM

BLOG@CACM

Navigating the 2023 Cybersecurity Landscape



We live in an era where information security technologies flourish like never before. The importance of these technologies cannot be overstated, given how deeply integrated gadgets have become in our lives. People willingly feed various services with their personal information, everything from passport details to vaccination codes. Even more intriguing, many apps and services have become so personalized that they often greet us by name and wish us happy birthdays even before our loved ones do.

The expansion of infosec awareness

Safeguarding sensitive data has emerged as a top priority for organizations. Any data breach can serve as a compelling reason for customers to abandon a company's products. It is interesting to observe the evolving landscape of services in response to these security concerns. For instance, banking applications now provide complimentary protection against scam calls, while personal budgeting apps offer intricate authentication systems.

These changes are largely attributable to the impact of the COVID-19 pandemic. As individuals adapted to practicing increased hand hygiene and wearing masks to mitigate the spread of the virus, businesses also realized the importance of being equally vigilant in safeguarding their infrastructure.

These changes were driven by several factors. Firstly, the necessity to transition from offline to online became crucial for numerous businesses as a means to sustain their operations. Along the way, many small and medium-sized enterprises lacking dedicated information security specialists became vulnerable targets for cybercriminals.

Secondly, the shift toward remote work played a significant role. Work systems that were previously manageable within the confines of office perimeters now extended to employees' home computers, making them more challenging to control and secure.

To ensure security, it was crucial to appropriately configure the virtual desktop infrastructure and other tools. This task typically required the expertise of an experienced system administrator or the use of preconfigured solutions. Inadequately configured protection mechanisms could potentially create vulnerabilities in information security systems.

The last reason extends beyond the pandemic's consequences and represents a significant market trend. Service architectures are becoming increasingly complex, with their functionality experiencing exponential growth alongside a rising number of users. This naturally influences the approach to the supporting infrastructure's quantity and quality. In complex systems, there is an inherent risk of human error, which can create potential entry points for cybercriminals. Consequently, the demand for modern information security solutions continues to rise to mitigate these risks effectively.

Insights into 2023 and beyond

In recent years, the cloud infrastructure field has witnessed remarkable growth in the realm of information security. Virtual machines have captivated us with their rapid deployment speed and the flexibility of payment models. The cloud environment also offers greater ease in constructing intricate architectural models. The rise in popularity of multi-cloud, which combines services from multiple vendors and hybrid infrastructures, further illustrates this trend.

The market is decidedly trending toward more complex solutions, a development driven by the reduction in Time-to-Market—how quickly a product's value can reach the user. Companies creating services are establishing processes for the continuous integration of fresh solutions. However, merely constructing a fortress-like wall around one's infrastructure with firewalls is not enough anymore. That is because modern threats are increasingly originating not just externally but internally, exploiting code vulnerabilities or emanating from malicious insiders.

Shift left

There is a trend in cybersecurity called Shift Left Security, which emphasizes considering security issues one step earlier in the development process before the application is rolled out into production. Essentially, it advocates for writing product code in a way that prevents vulnerabilities from the outset. To achieve this, a range of information security solutions are being developed, such as static and dynamic analyzers, component and dependency analyzers, image scanners, etc. Fields like DevSecOps and Application Security, which are tasked with monitoring the safety of code and CI/CD, are swiftly evolving and expanding.

Revamping the perimeter

In 2023, the roster of the most frequent techniques used to breach computer systems has not changed much. Tactics such as social engineering, password cracking, configuration mistakes, and exploiting unpatched vulnerabilities continue to top the list.

Cybercriminals' tactics are evolving in complexity, with some beginning to employ artificial intelligence to craft highly personalized phishing messages. Despite comprehensive security awareness programs, exploiting company employees remains an effective and relatively easy method for breaches.

As remote work and multi-platform services grow in popularity, it has become easier to target employees. The ability for a person to access sensitive company systems from a mobile phone, or work over a coffee shop's Wi-Fi, has blurred the security perimeter. It is increasingly common now for work and personal computing to blend together. People often use the same laptop for work—such as analyzing company data during the day—and for personal use, like ordering groceries for delivery in the evening.

Traditional security measures like data encryption, secure protocols, and network filters are no longer sufficient. Consequently, new tools are being introduced with the primary goal of re-establishing network security perimeters. This is done by creating safe work zones or restricting access to specific software and websites. These solutions include Cloud Access Security Broker, Sandbox, Web-Filtering, Data Loss Prevention, Application Whitelisting, Network Segmentation, etc.

Monitoring in cybersecurity

Another rapidly growing sector in information security is monitoring. You are likely familiar with open-source infrastructure monitoring solutions like Zabbix or Prometheus that alert you to network overloads and other server anomalies. Now, envision a tool capable of scrutinizing your service's information security system. This tool would be able to identify vulnerabilities based on the latest updates or detect unusual user behavior, all thanks to advancements in AI technology.

Compliance

Customers, particularly in the B2B and B2C sectors, are increasingly recognizing the importance of security and demanding it from their service providers. So, another key trend today is ensuring compliance, which involves services and infrastructure adhering to information security standards mandated by legislation or international norms. Aligning an on-premises infrastructure with these standards can be lengthy and challenging. This is where cloud service providers step in and provide support. Typically, market leaders make it a point to align their services with relevant regulations, relieving clients of the burden of ensuring compliance when handling and processing personal data.

SECaaS and MSSPs

The trend of Security-as-a-Service is closely tied to the broader trend in the cloud market toward Managed Services. In this model, clients can outsource the most complex tasks to external teams if they lack the necessary in-house expertise. From a financial perspective, the cost of recruiting and training one or more employees is often higher than procuring services from a specialized provider.

IT services that assist with infrastructure system administration and migration from dedicated servers to the cloud are quite popular. Similar services are also emerging in the realm of information security. Setting up network security, selecting the appropriate infrastructure, and optimizing a suite of information security solutions can be daunting for a standalone security team. For companies that may not have the resources to maintain a full-time team of such experts, Managed Security Service Providers (MSSPs) offer a viable solution.

Provider selection's impact on security

The journey toward ensuring information security often begins with choosing the right provider. This decision should be approached with the same scrutiny you would use when selecting a bank, only with the understanding that it is not money being safeguarded, but data. Opting for a reputable company with market experience already lays the foundation for your protection strategy. A compelling reason to choose a reputable provider is the diverse range of security products they offer. When you lease their infrastructure, you can also immediately acquire essential information security services such as VPNs, firewalls, endpoint protection, and more. These services are easier to integrate into your existing infrastructure and typically come at a lower cost.

Most importantly, the best providers stay current with industry trends. This means they have either already incorporated all the security trends into their offerings or included them in the service development roadmap for the upcoming year.

Final thoughts

As we look ahead, it is evident that the evolution of cybersecurity is intrinsically linked with our collective, technology-driven future. Navigating this digital landscape demands continuous learning, agile adaptability, and an unwavering commitment to security at all levels. From embracing sophisticated security tools and investing in provider services to anticipating the next wave of threats, a proactive stance toward cybersecurity has become a non-negotiable corporate necessity. It is no longer just about protecting data; it is about sustaining trust, ensuring compliance, and fostering an environment safe for innovation.

Alex Vakulov is a cybersecurity researcher with over 20 years of experience in malware analysis and strong malware removal skills.


 
