How to Protect and Mitigate Security Risks

By Zemer Shwartz, associate, and Ilia Shnaidman, vice president at Blumberg Capital

2022 surfaced a new generation of targeted cyber attacks. They spread quickly across a wide range of attack vectors, posing new challenges for CISOs. Increased adoption of cloud environments, connection to more SaaS applications and IoT devices, and a growing remote workforce drove security challenges to a new level.

As we dive into 2023, CISOs, startups and other IT decision makers should take note of these 2023 cybersecurity threats.

Credential Stealing

Credential stealing has become a key tactic for hackers seeking to access corporate assets. By impersonating legitimate users, attackers can move laterally within networks and evade detection for extended periods of time. Companies without zero trust identity and access management (IAM) are particularly vulnerable to these types of attacks.

One example of this was the Uber data breach, in which a hacker gained access to the company’s VPN and discovered login credentials for an admin user in the company’s PAM solution stored in Microsoft PowerShell scripts. Uber is far from alone. In 2022, 84% of enterprises experienced identity-related breaches, 96% of which could have potentially been prevented with more robust identity protection measures.

How companies will address credential stealing in 2023: To safeguard against these types of threats, we will see more companies adopt a zero trust framework for identity authorization, enforce least privilege access, and continuously monitor and detect potential threats. We will also see increased demand for identity threat detection and response solutions using technologies such as artificial intelligence and machine learning.

Misconfigurations

Misconfigurations can have serious consequences for organizations of all sizes. Misconfigurations refer to mistakes or errors in the configuration of IT systems, networks, and software that can leave them vulnerable to attack. These mistakes can occur for a variety of reasons, such as human error, a lack of training, or a lack of proper processes and controls. The majority of cloud incidents are related to misconfigurations, typically overly broad access control. Cloud misconfigurations are among the biggest threats to cloud security, growing by 28% since last year, with a 200% increase in cloud accounts offered on the dark web.

There are a number of potential solutions that organizations can use to prevent and manage misconfigurations. These include implementing proper configuration management processes, establishing clear policies and procedures for configuring and managing IT systems, using automation tools and conducting regular audits.

How companies will address misconfiguration risks in 2023: We expect to see more organizations better protect themselves against the risks posed by misconfiguration by implementing these best practices. 

Supply Chain Attacks

Supply chain attacks have become a major concern for organizations, as hackers aim to compromise the networks and systems of third-party vendors to gain access to their customers’ data and resources. These attacks can be difficult to detect and defend against, as the initial point of entry is often outside of the target organization’s control. In recent years, we saw several high-profile supply chain attacks, including the SolarWinds incident in which hackers compromised the software and used it to infiltrate a wide range of government and corporate networks.

How companies will protect against supply chain attacks in 2023: To protect against supply chain attacks, it’s important for organizations to carefully vet and monitor their third-party vendors, as well as implement strong security controls and regularly update their software and systems.

Financial Fraud

Financial cyber fraud refers to the use of digital technologies to conduct fraudulent activities related to financial transactions, such as phishing scams, bank account takeovers, and card-not-present fraud. In 2022, we saw a significant rise in the number of financial fraud incidents, with global losses totaling billions of dollars. The average cost of a data breach in the financial sector in 2022 was $5.97M, an increase from the previous year. This trend is likely to continue as reliance on digital technologies for financial transactions grows and fraud cases become more complex in sectors such as banking, credit, and insurance. Over 30% of all identity theft cases in 2022 were related to credit card fraud.

How companies will protect against financial fraud in 2023: To protect against these threats, it is essential for organizations to implement strong email and financial security controls, as well as educate their employees on how to identify and prevent these types of scams.

In closing, CISOs should prioritize the following cybersecurity initiatives in 2023 to protect their organizations:

  • Adopt a zero trust framework for identity and access management to protect against credential stealing attacks.
  • Continuously monitor and detect potential threats to prevent breaches caused by identity-related attacks.
  • Implement proper configuration management processes and establish clear policies and procedures to prevent misconfigurations and protect against cloud-related vulnerabilities.
  • Invest in identity threat detection and response technologies such as artificial intelligence and machine learning to detect and respond to threats to digital identities.

For entrepreneurs and startups in cybersecurity, these trends present opportunities for innovation and growth. In 2023, it’ll be exciting to see young cybersecurity startups enter the market with specialized solutions and services for organizations of all sizes.
