Opportunity is often the driving force behind cyber attacks: think phishing scams that offered early access to COVID-19 vaccines, or messages sent with financial documents during tax season that contain malware. Threat actors know how to seize any moment and adjust their means of attack on the fly. An industry or organization not currently in the crosshairs of a threat actor can find itself there in a heartbeat.
The evolving threat landscape makes it challenging to defend against future attacks. But by creating a cybersecurity program that’s based on readiness and resilience, an organization can position itself to handle a variety of cyber attack types. Mitigating risks and creating tested processes to recover from an incident with minimal downtime are keys to deterring opportunistic threat actors and getting them to move on.
To assist with preparation, the global FTI Cybersecurity team identified 10 cyber trends worth paying attention to this year and beyond. Here’s what to know:
Trend: Investigations into historical blockchain transactions are becoming more prevalent
The technology for tracing cryptocurrency transactions conducted on the blockchain is growing more effective and will continue improving as the year goes on. As noted in a Bloomberg Law article, “This increase in government resources and capabilities has produced several high-profile indictments, arrests, and successful prosecutions.”1
Watch: The immutability and permanence of blockchain transactions will allow investigators to dig into past transactions pertaining to cyber crime, fraud and money laundering. This will result in legal and criminal penalties for the parties involved, even those who unwittingly participated in an illegal transaction.
Trend: Insider threat and shadow IT concerns are lingering
Increased reliance on once-temporary cybersecurity solutions as a result of hybrid and remote work, combined with a rise in the use of personal devices for work purposes, has permitted employees to introduce significant risks.2
Watch: Personal devices and software as a service (“SaaS”) applications will be the primary threat vectors for incidents, severely limiting the effectiveness of traditional agent-based solutions. This will force the reevaluation of information security efforts, as well as incident response procedures regarding containment and eradication.
Trend: M&A activity will serve as a catalyst for cyber attacks
Reports suggest that after reaching historic highs in 2021, the mergers and acquisitions (“M&A”) market is expected to “return to normal” in 2023.3
Watch: Threat actors follow trends and pay attention to headlines, especially when the exchange of funds is involved. With M&A activity expected to normalize, organizations that conduct proper due diligence ahead of these deals will identify threats and vulnerabilities prior to closing and can remediate the issues. Those that fail to take this important step will inherit additional cyber risk.
Trend: Investors are analyzing cybersecurity more closely
Investors are paying closer attention to an organization’s cybersecurity program before deciding whether to commit their funds, especially as cybersecurity is factored more often into the public perception of an organization, much like ESG initiatives.4
Watch: Cybersecurity will become even more of a value-add this year. Whether to invest or not might be determined by the amount of risk an organization owns and how capable it is of securing critical assets. In turn, cybersecurity will become a market differentiator, as investors may decide to fund only organizations that properly address cyber risks.
Trend: Chief Information Security Officers face greater communications demands
As cybersecurity risk and oversight remains a top focus for boards, the role of the Chief Information Security Officer (“CISO”) continues to expand in both importance and responsibility — including in the area of communications. A recent survey by FTI Consulting revealed that CISOs are struggling to effectively articulate the business impact of cyber risks; 52% of respondents claim that “managing communications with internal and external stakeholders is the biggest challenge when responding to an incident.”5
Watch: In ransomware events that impact operations, CISOs and security teams are increasingly inundated with questions and requests from stakeholders. Often, the stakeholders include sophisticated business customers requesting direct calls with company CISOs, security questionnaires and more. Communications demands on CISOs, and other information security leaders, will continue to rise as internal and external stakeholders look to them more frequently as spokespeople, both pre- and post-incident.
Trend: Government-mandated orders examining cybersecurity are increasing
Across the globe, organizations are facing increased scrutiny regarding their cybersecurity processes and programs, stemming from a combination of regulation and customer/client expectations around their interests being protected.6
Watch: Whether in response to a class action lawsuit or a data breach, organizations can expect to face increased government-mandated assessorship or monitorship, which often requires an independent security program assessment to determine the effectiveness of risk management capabilities. Preparing in advance will better position organizations to ensure compliance and minimize damages.
The tech industry is becoming an even bigger target
The U.S. tech industry and major players in public markets began making significant layoffs toward the end of 2022.7 Between offboarding thousands of employees all at once and dealing with potentially disgruntled individuals, the risk of exploitation from threat actors rises correspondingly.
Watch: Threat actors are already targeting the tech industry because of the vast revenue generated by organizations in the space and valuable intellectual property. However, the sector could become even more vulnerable to threat actors who may assume that incident response capacities and overall security capabilities have weakened due to layoffs and overburdened security teams.
Trend: Economic uncertainty will breed new threat actors
Some economists are forecasting that the U.S. will enter a recession this year.7 Others differ.9 Still, economic uncertainty, coupled with inflation issues and rising interest rates, will cause financial instability, which could result in individuals looking for alternative revenue streams.10
Watch: The cost to launch an unsophisticated cyber attack is low and can be done without advanced technical skills. Through ransomware as a service (“RaaS”), individuals pay for malware that can steal or encrypt data and then extort the victim for its return. Similar attacks, like phishing campaigns to steal cryptocurrency, can also be purchased online. These methods offer ease of access and the chance for a quick payout, which could create new threat actors looking for financial stability.
Trend: Third-party reliance will cause multiple data breaches
The number of organizations that rely on outsourced security providers as a cheaper alternative to in-house is expected to continue growing this year. With that comes a shift in responsibility to the providers for data protection and cybersecurity. Threat actors are adept at finding weak links or alternate access points to infiltrate their primary target.11
Watch: The more third parties within an organization’s digital ecosystem, the more opportunities exist for oversight and for threat actors to exploit and steal or expose data. Organizations that fail to track data flows to third parties or to follow current regulatory compliance standards must watch for these risks.
Trend: Involving technical experts will be critical to election security
The start of 2023 begins the ramp-up to the U.S. presidential primaries for the 2024 election. Given the confirmed meddling in the 2020 election, it is safe to assume that attempts at interference and persuasion will occur this year and next, putting additional stress on election infrastructure. A particular focus will be on swing states, where safeguarding devices and voter data is essential.12
Watch: This trend has an upside that may be worth encouraging: Adding more bipartisan technical observers at voting stations to determine firsthand if machines are being altered or manipulated in any way adds a layer of security to the process and helps ensure voter confidence.
For further information, please contact:
Anthony J. Ferrante, FTI Consulting
ajf@fticonsulting.com
Footnotes:
1: Robert Appleton and George McEachern. “How to Recover Assets Lost to Cryptocurrency Theft and Fraud.” Bloomberg Law (December 9, 2022). https://news.bloomberglaw.com/us-law-week/how-to-recover-assets-lost-to-cryptocurrency-theft-and-fraud.
2: Nathan Eddy. “Policies for SaaS Apps, Shadow IT Prove Difficult to Manage.” ITPro Today (November 29, 2022). https://www.itprotoday.com/saas/policies-saas-apps-shadow-it-prove-difficult-manage#menu.
3: Emily Rouleau. “ANALYSIS: 2023 M&A Market May Reveal a Return to Pre-2021 Levels.” Bloomberg Law (November 13, 2022). https://news.bloomberglaw.com/bloomberg-law-analysis/analysis-2023-m-a-market-may-reveal-a-return-to-pre-2021-levels.
4: Jordan Rae Kelly. “Will Proposed SEC Cybersecurity Disclosure Rules Enhance Defenses or Hamper Responses? There’s Still Time to Assess and Comment.” Corporate Compliance Insights (April 6, 2022). https://www.corporatecomplianceinsights.com/sec-proposed-cybersecurity-consequences/.
5: “CISO: Communications Redefined.” FTI Consulting, Inc., Strategic Communications (October 13, 2022). https://fticommunications.com/ciso-communications-redefined/?topic_origin=ciso-communications-redefined.
6: Igor Volovich. “FTC Consent Order Against Drizly CEO Sets Cyber Accountability Precedent.” CPO Magazine (December 27, 2022). https://www.cpomagazine.com/cyber-security/ftc-consent-order-against-drizly-ceo-sets-cyber-accountability-precedent/.
7: Keerthi Vedantam. “Tech Layoffs: The U.S. Companies That Have Cut Jobs.” Crunchbase News (December 23, 2022). https://news.crunchbase.com/startups/tech-layoffs-2022/.
8: Patti Domm. “Why everyone thinks a recession is coming in 2023.” CNBC (December 23, 2022). https://www.cnbc.com/2022/12/23/why-everyone-thinks-a-recession-is-coming-in-2023.html.
9: “Jeanna Smialek. “What Recession? Some Economists See Chances of a Growth Rebound.” (February 9, 2023). https://www.nytimes.com/2023/02/09/business/economy/fed-economy-recession-rebound.html
10: “Rising interest rates and inflation have upended investing.” The Economist (December 8, 2022). https://www.economist.com/briefing/2022/12/08/rising-interest-rates-and-inflation-have-upended-investing
11: Joan Goodchild. “In-house vs. Outsourced Security: Understanding the Differences.” CSO Online (December 8, 2022). https://www.csoonline.com/article/3682808/in-house-vs-outsourced-security-understanding-the-differences.html.
12: The Associated Press. “Putin-linked businessman admits to US election meddling.” AP News (November 7, 2022). https://apnews.com/article/2022-midterm-elections-business-social-media-7fefa7ab0491b653f6094a4d090155fe.
© Copyright 2023. The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals.
About The Journal
The FTI Journal publication offers deep and engaging insights to contextualize the issues that matter, and explores topics that will impact the risks your business faces and its reputation.