Just before we welcomed in the new year of 2023, Flow CEO Etienne Greeff looked back at the year just gone, and shared his predictions for the year ahead. Etienne is one of the early pioneers of internet security. With almost 30 years cybersecurity experience, he really has seen the development of the industry from the very beginning.
This is a past prediction that unfortunately came true. A few years ago, I predicted that the prevalence of ransomware would continue to rise, and that has in fact come to bear. Some thought that we might have reached the peak of the use of ransomware around three years ago, but 2022 has been the biggest year yet for malware.
This year we’ve seen ransomware gangs professionalise themselves. No longer a lone individual in a basement, these gangs are now serious. Some have disappeared as they became too big to manage, but unfortunately this has just led to them forming multiple smaller groups instead.
These gangs have adopted a business model that provides ransomware as a service. This trend has long been speculated about with many saying it wouldn’t happen, but it really has come to pass this year.
There is, however, one positive to the sustained and significant rise in ransomware – it has elevated cybersecurity to board level. We’re seeing major corporations losing vast amounts of money, with insurance premiums shooting through the roof, but this has caused top-level execs to take notice and finally increase their spend on cybersecurity.
Regulators are also starting to take notice and we are finally starting to see more robust regulation and oversight from governments in terms of standards, which is certainly a positive.
Here at Flow, we’re certainly seeing an increase in companies coming to us for more information on things like the Cyber Essentials government backed scheme, as they increasingly ask themselves ‘What’s the minimum I have to do to protect my business?’.
Sadly, I don’t see this trend slowing down. It’s certainly going to get worse before it gets better.
One thing I’ve been very glad to see this year is a continued move away from passwords. More and more companies are utilising 2-factor authentication, and not just by text messages, which isn’t the most secure, but by some really solid third-party applications in the market. The number one infection vector for ransomware is email and at root of that is the password. We should have moved on a long time ago but at least we’re getting there, albeit slowly.
With the increase in ransomware attacks set to continue for the foreseeable future, I can think of one positive outcome – businesses will have no choice but to take their cybersecurity more seriously. Rather than thinking a ransomware attack ‘might’ happen, businesses will increasingly assume it ‘will’ happen and start taking steps to protect themselves, including making more money available for cybersecurity.
This move has been a long time coming, but I see companies getting much smarter about where they spend their money. The whole notion of just ‘covering your backside IT’ will become a thing of the past. CISOs often put a large spend behind expensive technology, so that when the inevitable happens, they can wash their hands and say they had the best tech in place. Boards will increasingly become wise to this and will ask more questions of their CISOs, such as ‘how will this spend reduce my risk?’ and ‘how will it reduce my financial exposure?’.
In the next 12 months the consolidation we’re seeing in the vendor space will continue. Cybersecurity has passed that ‘teenage’ phase now and is becoming more responsible. In the early days of cybersecurity there were a huge number of start-ups, all promising to do different things. Now that the industry has matured, the bigger companies have acquired some of the smaller firms. We’ve seen it with likes of Microsoft having a much more comprehensive security offering and we’ll continue to see the likes of the big vendors such as Palo Alto, Cisco, Fortinet, Checkpoint etc, acquiring more tech and becoming more fully formed. This can only be a good thing for customers as one of the biggest enemies of cybersecurity is complexity and having just the one console to manage instead of several will make things much simpler.
We’ve seen a massive increase in recent years of servers moving to the cloud, and this move to the cloud will continue. Customers are increasingly moving critical business applications to the cloud and not because of its financial benefits and efficiency but because their hardware is coming to end of life. Businesses aren’t just moving individual applications to cloud but are looking at how they can rearchitect their applications and are using cloud products as a service to remodernism their applications. We’re already seeing it with many people moving their Office 365 to the cloud, and this trend is only set to continue.
Alas, with every change comes a new challenge. It’s inevitable that with this increase in cloud working, we’re set to see some monumental cloud breaches. Some businesses have moved very quickly to the cloud and are often not managed by IT departments, but by line of business users who don’t understand the risks. This will unfortunately leave some very vulnerable to attacks.
A big change over the coming years will be an increase in real applications of machine learning and artificial intelligence in the cybersecurity world. Take the OpenAI developed ChatGPT, a chatbot with an IQ of 83, which is pretty phenomenal for a software application. So far, there has been limited application of machine learning, mostly around spam, but we’ll see machine learning play a much bigger role next year.
One thing that is for sure is that the stakes have never been higher – criminal groups have developed an appetite for making money out of cyber and this is only set to continue.
Figures from the FBI revealed that in 2022, for the first time, the amount of money made from cyber criminality is higher than traditional criminality. We’ve really crossed a threshold there and once crossed, I don’t see us ever going back.