When we look at the current state of cybersecurity readiness there is one bright spot. Companies and individuals are beginning to shift their focus to create cultures of security and resilience versus compliance and breach-prevention. We continue to face strong headwinds.
We are witnessing a dramatic rise of purely destructive attacks by advanced persistent threats, as techniques of cyberwar are coming into commercial cybercrime. Adversarial artificial intelligence will be become mainstream. We have seen some advancement with ChatGPT, but GPT-4 technology will be the killer tool.
Mobile workplace and work from home started during Covid will continue to offer attackers a broadened attack surface that will allow more lateral penetrations. Macro-economic pressures and the fear of recession will move companies’ priorities and focus away from cybersecurity exposing weaknesses. Industrial control service systems are coming under increased levels of attack as utilization and reliance continues to grow.
Crime-as-a-service and ready-made-kits are becoming more common allowing lower-level criminals to get involved in cybersecurity exhortations and attacks. Increasing multi-factor authentication is fueling a surge in social engineering as criminals find a way to circumvent this roadblock.
Cybersecurity insurance underwriting will continue to increase security requirements. Premiums and outright rejections are skyrocketing as insurance companies have suffered increased losses.
Another bright spot is that these vulnerabilities are continuing to drive innovation in the space. We are seeing implementations of artificial intelligence on the defensive side. There are new products being introduced that not only level the playing field, but they also drive down costs for companies.
The news headlines are still being led by nation-state threat actors. We will continue to see this as an increasing threat as countries take advantage of a weakening economy, and the discord of the upcoming election cycle.
