Understanding the latest trends and threats is crucial to staying ahead in the fast paced world of cybersecurity. At Atlantic Data Security (ADS), our experts are on the front lines, navigating the complexities of this ever-changing landscape. Risk management is not just about having the latest technology but also understanding the nuances of the threat landscape.
We sat down with five of our top cybersecurity professionals to get their take on the most pressing issues and innovative strategies in the field today. Each of them brings a wealth of knowledge and a unique perspective, providing a comprehensive view of the current cybersecurity landscape.
Here is what five of our ADS team members have to say about different trends in cybersecurity, what they mean, and how best to approach them.
By ensuring that all members of the organization have basic cybersecurity awareness and contribute to the overall collective organization of the team.
This blog will guide you through the essential steps to create a robust cybersecurity awareness program. Read on to discover how a proactive approach to cybersecurity can transform your organization’s security posture and protect your valuable assets.
Table of Contents
- Supply Chain Attacks:
- Phishing, more dangerous than ever
- Remote Work and Access
- Optimizing Security Resources
- AI and Cybersecurity
- Conclusion:
Supply Chain Attacks:
Mike Chao is one of our Field Security Architects, spends most of his time working with our clients, helping develop collaborative security strategies and identifying ideal solutions. Here’s what he has to say about the growing risk of Supply Chain attacks.There’s been a huge increase in supply chain attacks over the past few years, and it feels like it’s accelerated even more this year. Our entire online infrastructure, and so much of the code that runs it, is so interconnected, it’s impossible to be totally invulnerable. And we’ve seen various threat groups over the past few years realize this and really make a concerted effort to identify different ways to use supply chains to get access into vulnerable target environments.
The challenge is that there are so many different pathways and approaches in which a supply chain attack can unfold, that it’s hard to secure them all effectively. One thing we’ve seen is that some threat groups seem to be focusing on injecting malicious code in commonly used libraries or tools and using that as an entry point. Others focus on breaching third party service providers, and using data and access they gain there to infiltrate and exploit secondary targets.
It’s also scary that some of these groups seem to be very sophisticated, likely with nation state backing. Just look at the recent Linux utils vulnerability, where threat actors spent years gaining the trust of the maintainer to integrate a back door.
The good news is that fundamental security practices can also help reduce your risk of exposure to these instances. Strong MFA, a good zero trust architecture, enforcing the principle of least privilege and establishing a TPRM program can all massively reduce the risk that you get caught up in an attack on your supply chain, and limit the blast radius if you do.
Phishing, more dangerous than ever
Taken as a whole, the cybersecurity profession does a good job of staying up to date with whatever threat actors are up to. Threat researchers monitor activity, and this trickles down to the rest of the industry, and we quickly adjust to whatever novel tactic bad actors may be using. But I think over the past year or so, we’ve fallen behind on how phishing emails and other social engineering attacks have gotten more dangerous.
There are some threat groups out there that specialize in credential harvesting, where they hack an organization and then try to scrape as much account information as possible and then resell it to other threat actors. They then use the stolen account info to launch other attacks. These days MFA has thankfully started to become fairly widespread, so a compromised password isn’t an instant breach, so threat actors often need to launch phishing attacks to compromise MFA.
None of that’s super new, but what has changed is that the quality of phishing emails we have been seeing. I suspect the surge in AI is at least partly responsible for that; where threat actors are starting to use tools like ChatGPT or similar to start personalizing emails much larger scales. And threat actors are getting more aggressive about launching their attacks through different methods, like social media or over phone.
Ultimately, this all boils down to the fact that we need to take Cybersecurity training and awareness seriously. We’ve come so far that security tools can protect us from most of the attacks out there. Which is why hackers need to directly attack and trick our users now. With the right preparation and training, we can set up our users to be our strongest layer of protection against these threats, but if not, we leave a core vulnerability exposed.
Remote Work and Access
Allison Brown heads our Professional Services team, providing our clients with seamless implementation and updating of new and exisitng security solutions. This is what she has to say on the role of remote work in the modern threat landscape.Personally, I was used to working in the office 5 days a week. Then the pandemic happened, and I’ve never been back to the office regularly. Looking back, I think the transition to remote work was somewhat inevitable, but massively accelerated. The benefits for remote working when possible seem pretty clear to me; better productivity, better work life balance, better employee satisfaction, better retention.
In short, I think remote work is here to stay. It’s been 4 years since many organizations have made the switch. Companies have reopened offices but have stuck with hybrid polices in many cases. As I said, in hindsight the switch to remote work seems inevitable. A lot of the technology that really made it feasible, such as Cloud and SaaS applications, were already established and developing into maturity back then. So the challenge for a lot of our customers back then was not so much, ‘how do get our employees to be able to work remotely,’ but ‘how can we make sure our employees work securely.’ That boils down to a number of different steps. Multi-factor authentication, good password hygiene and management, endpoint security solutions, etc. But like the Cloud and SaaS infrastructure that enabled remote work, these security tools were also already established components of a comprehensive security posture. So we really got to see the benefits of a proactive security approach, where companies that were well prepared had a much easier time adjusting to remote work. There is one thing about the remote work shift though that I think has been a good and bad thing in terms of security, and that we, as an industry, are still trying to get up to speed on. Remote working has made our users more engaged with and responsible for their devices than they used to be. That’s really driven the need for effective cybersecurity training and awareness for all users, especially as we’ve seen hackers really step up their phishing and social engineering attacks.
Optimizing Security Resources
AS VP of our Security Services Delivery Department, Matt oversees our diverse services, ensuring that clients recieve impeccable, comprehensive, and effective security. This is his persepctive on the challenges many security teams face balancing limited resources and risk reduction.Working with our clients on a regular basis, I’ve noticed a significant shift in the last few years as security teams across industries are facing more pressure to be cost-effective. Parts of that are related to the economic slowdown in some sectors such as tech after the pandemic, and some of that is also related to lingering impression of cybersecurity as a luxury and a cost center. But I also see it as a sign that cybersecurity is maturing. When security IS a luxury, you don’t care as much about exactly what you get out of that budget. Whereas If we recognize cybersecurity as essential for business operations and continuity, we need to invest into it. But we also need to maximize our investments. That being said, it’s not always easy to optimize your tech stack. Cybersecurity is a complex field which requires know-how and skills in several different domains and toolsets. And risk management is always a tricky balancing act. On top of that, we’re seeing increasing amounts of overlap and convergence between vendors across the industry. Ultimately, you’re trying to answer a bunch of tightly interconnected questions. There are ways to try to structure and systematize these challenges, like the [NIST CSF], that should make it easier to prioritize, plan, and implement security optimizations. But ultimately there’s no substitute for expertise and experience.
AI and Cybersecurity
AS the longest tenured ADS employee, Eric wears a variety of hats, from field security architect to cybersecurity evangelist, sharing his thoughts and unique perspectives on how we can best tackle the current threat landscape. These are his thoughts on the role of AI in cybersecurity.We can’t really put out a Cybersecurtiy 2024 Trends blog without talking about AI can we? So I’ll bite the bullet.
AI has gotten a lot of buzz and attention over the past year, although I’m often a bit reluctant to use the term. Some technologies, most prominently LLMs, and text-to-image models have made significant, highly visible leaps towards maturity in the past year. But a lot of that buzz misses the steady advances that other machine learning applications have been making in other use cases.
I’m not sure I can make any definite predictions of how much and in what ways AI will reshape our world, but here are two predictions I will make:
I don’t think that AI will dramatically shake up the balance between threat actors and defenders. In my experience every new technological advancement we’ve seen in cybersecurity was quickly leveraged by both sides closing any related gaps.
I expect that we’re going to see some significant regulations in the next 5 to 10 years. Recently, we saw some of the fight kick of about intellectual property issues with several record labels suing AI music generators. I expect we’ll see similar questions arise related to data privacy, and consumer protection.
However things shake out, it should be interesting.
Conclusion
Navigating cybersecurity requires both knowledge and strategy. Whether it’s supply chain attacks, phishing, remote work security, optimizing resources, or the impact of AI, understanding these issues is crucial for robust defense. Our ADS experts have years of experiences, sharing this expertise with our clients. Speak with one of our advisors today to learn how Atlantic Data Security can help protect your organization