Security weaknesses are costing organizations billions of dollars in losses and the cybersecurity landscape continues to be unrelentingly risky. Over the past few years, the COVID-19 pandemic has forced a shift to more remote workers, and most recently the Ukrainian conflict threatens to throw gasoline on an already red-hot cyber-threat landscape.
According to the Canadian Chamber of Commerce, 35% of Canadian businesses are planning to implement new cybersecurity measures, but that leaves 65% with the mindset that they are not impacted by cybersecurity or don't know how to address increased cyber risk. There are reasons to believe that more companies need to adopt a security-friendly attitude.
The biggest menace, ransomware, continues to evolve and punish at unprecedented levels; payouts have increased in frequency and total cost. Moreover, attackers push to extort as much money as possible with double and even triple extortion tactics and the ransomware-as-a-service (RaaS) model has fractured the kill-chain process into distinct first and second phases, allowing criminal actors to sharpen their attacks with highly-specialized skills and partner with complementary expertise.
Although cybersecurity teams are overwhelmed by the cyber-crime heyday there are some hope-inspiring trends on the horizon. Machine learning (ML) is improving cybersecurity product effectiveness and efficiency, and managed service providers and cloud services offer more high-quality digital productivity with stronger security and less effort. It's also clear that more companies want cyber-aware staff and partners.
Let's review the cyber-threat landscape as it stands in mid-2022 and make some predictions for the rest of 2022 and beyond.
Persistent threats from all forms of cyber-attacks are overwhelming the cybersecurity community and enterprise security teams. 80% of global companies reported that they suffer from a cybersecurity skills gap. Since there will certainly be no mercy from threat actors, pressure will not abate in the near future.
However, there are some positive developments that have emerged from this sustained pressure. For example, cybersecurity product developers have started to incorporate ML capabilities into endpoint and network detection and response agents which can reduce the burden on human analysts. The application of ML to cyber-defences also provides key benefits to cyber threat intelligence (CTI) sharing and enables coherent real-time cybersecurity orchestration on a global scale. Expect ML to deliver big improvements to corporate cybersecurity over the next several years.
Two concurrent trends are pushing an increased need for cybersecurity compliance; increased government regulation and increased risk management requirements. Most businesses are already bound by some form of compliance requirements such as HIPAA, GLBA, or PCI-DSS. However, the majority of companies polled by Varonis reveal that cyber compliance requirements are driving spending, and almost 80% of respondents say they expect more regulatory requirements in the future.
In 2018, the EU's General Data Protection Regulation (GDPR) and California’s California Consumer Privacy Act (CCPA) in 2020 have placed new demands on organizations to protect user data. In Canada, PIPEDA is expected to soon be replaced by the Consumer Privacy Protection Act (CPPA) to modernize privacy protection for consumers.
But the trend towards compliance is not only propelled by new regulatory requirements. The need to reduce cyber risk is driving the number of ISO, SOC-2, CIS, and NIST compliant vendors. The increased risk presented by the digital landscape is forcing more companies to become cybersecurity savvy and choose partners that who can evidence similar priorities.
The number of ransomware attacks briefly ticked down at the initial set-off of the Ukrainian conflict. However, this trend is unlikely to be sustained in the long term. A more broad assessment of the state of ransomware in 2022 paints a bleak picture. The number of companies compromised by ransomware doubled, overall more companies chose to pay the ransom and paid higher ransom than in 2020.
There are other signs that indicate that ransomware attacks have not yet seen their peak. Ransomware gangs have evolved their strategic malice to include double extortion methods (demanding ransom for data decryption, and to avoid the release of sensitive data publicly), triple extortion methods (adding ransom to avoid DDOS attacks against the organization), and a ransomware-as-a-service (RaaS) model that segments the attack process by skillset, enabling cyber-gangs to hone a small subset of specialized skills and cooperate in coordinated attacks.
The RaaS model includes two types of players; ransomware operators and ransomware affiliates. Ransomware affiliates specialize in social engineering tactics such as spam, phishing, and spear-phishing tactics to gain initial access to target networks, then hand off to specialized post-initial-exploit operators who finish the attack by extending unauthorized access throughout the network, exfiltrating valuable data, and encrypting files.
The risks of a breach are increasingly high and considering that 60% of SMEs are bankrupted by a successful cyber-attack, expect to see more of them seeking to mitigate risk. Instead of building internal teams and software solutions, organizations are increasingly outsourcing their needs to Managed Service Providers (MSP), and cloud-based services.
The global MSP market was valued at $280 billion USD in 2021 and is expected to surpass around $757.10 billion USD by 2030, at a CAGR of 12.6% (2022 - 2030). Similarly, the global cloud-services market was valued at $480.04 billion USD in 2022 and is expected to grow to $1,712.44 billion USD by 2029 at 19.9% CAGR (2022 - 2029).
These phenomenal growth trends also apply to cybersecurity. The Security as a Service (SECaaS) market, also known as Managed Security Service Providers (MSSP) was valued at $9.1 billion USD in 2020 and is expected to grow to $22.6 billion USD by 2026 at a CAGR of 16.3% (2021 - 2026).
As the available benefits of digital services expand in scope, vendors who are able to deliver solutions that increase office productivity have ample opportunity to scale their customer base. But in the age of heightened cybersecurity risk, expect vendors displaying solid security posture through compliance certification will take the lion's share of this expanded market opportunity.
Business communication is the most attacked point in the enterprise attack surface, as malicious actors seek to phish malware into corporate networks. Cybersecurity user awareness training provides employees insight into how to defend their organization against cyber-attacks by spotting attacks and responding to them appropriately. Training programmes use educational videos and phishing attack simulations to increase awareness, which is often outsourced to specialized providers.
While many large corporations have adopted cyber awareness training, this trend will gain momentum with SMEs as they seek new ways to deflect cyber-attacks. The global cybersecurity awareness training market is projected to grow at a CAGR value of 6.2% (2022 - 2027).
From a broad perspective, the cyber-threat landscape has been impacted by post-pandemic related digital migration towards increased work-from-home, and an evolving cyber-war environment resulting from the Ukrainian conflict. Organizations will continue to seek the benefits of digital transformation, but these operational evolutions pose increased cyber-risks.
Ransomware will remain the biggest risk to corporate operations although less than 50% of Canadian businesses are responding with plans to increase cybersecurity measures. Cybersecurity talent shortages will push organizations to seek more outsourced managed services (including cybersecurity) and cloud-based solutions to gain the advantage of specialized skills and talent.
On the human-intelligence level, more cybersecurity awareness training will help defend network entry points, and on the artificial-intelligence, level advanced machine-learning enabled products will ease the burden on human security analysts with improved detection and response capabilities.
Finally, companies will continue to see an increased need for cybersecurity compliance due to both government regulations and the need to mitigate risk when working with digital partners.
October 24 - Blog
Packetlabs is thrilled to have been a part of SecTor 2024. Learn more about our top takeaway's from this year's Black Hat event.
September 27 - Blog
InfoStealer malware plays a key role in many cyber attacks, enabling extortion and lateral movement via stolen credentials. Learn the fundamentals about InfoStealers in this article.
September 26 - Blog
Blackwood APT uses AiTM attacks that are set to target software updates. Is your organization prepared? Learn more in today's blog.