The Current Cybersecurity Landscape: New Threats, Same Security Mistakes

COMMENTARY

From economic turbulence to a relentless surge in cyber threats, today's cybersecurity landscape requires enterprises to remain resilient by adapting to security risks. Many organizations have chosen to adapt to these risks by embracing modern technology such as generative artificial intelligence (GenAI), which can present new risks if not implemented properly.

The speed at which companies innovate and adopt new technology is far outpacing the security measures that must be addressed first. This issue is compounded by the fact that innovation is moving faster than ever before, emphasizing go-to-market over producing secure technology.

Recent insights gleaned from the "2024 Thales Data Threat Report" ("DTR") shed light on the intricate challenges facing organizations today. Almost all (93%) respondents report an uptick in attacks such as malware, ransomware, and phishing among the many pressing concerns presented by emerging technologies. There is a critical need for a proactive and comprehensive approach to cybersecurity. Amid the backdrop of technological advancement, three prominent focal points for effective cybersecurity arise in the modern era.

Keep Compliance Top of Mind in the Race to AI

The rise of AI yields a new era of innovation, with 22% of enterprises planning to integrate AI into their products and services within the next 12 months. An additional 33% are gearing up to experiment with this transformative technology. However, with this innovation comes unknown vulnerabilities to a company's security posture.

Because large language models (LLMs) are trained by data, the input information potentially could be stored and resurfaced if prompted by a certain query. Should employees enter confidential information into an AI platform, it runs the risk of this form of extraction. Additionally, prompt injection is a proven threat to AI, where hackers trick chatbots by inputting deceptive triggers to override their instructions. This exploits the predictive nature of LLMs, which drive AI responses.

Ultimately, facing the pressure to innovate quickly, companies rushing to implement AI could strain operational systems, making them more susceptible to cyberattacks or abuse. This is a probable scenario for many, despite numerous industry examples showing the dangers of prioritizing adoption speed over security. 

It is essential for organizations to create robust policies or adhere to published guidance from organizations like the Cybersecurity and Infrastructure Security Agency (CISA) to ensure the LLMs being leveraged or developed internally don't have access to sensitive data. Otherwise, pausing to focus on compliance as regulations come down the pipeline is a strong course of action, as the DTR found that companies with better compliance are 10 times less likely to experience a breach.

PQC Prototyping as a Cybersecurity Cornerstone

Since the National Institute of Standards and Technology (NIST) approved four cipher suites in July 2022, post-quantum cryptography (PQC) has become increasingly relevant in tackling a looming threat that is gradually becoming more immediate. Despite the absence of any verified or recurring quantum computing attacks on conventionally encrypted data, there is still cause for proactive measures. Though quantum computing is not yet a threat to cryptographic standards, the data encrypted using traditional methods today potentially could be gathered now with the intention of decrypting it in the future in "harvest now, decrypt later" attacks.

For these threats, PQC presents itself as the primary defense against the looming threat of quantum computing. Almost half (48%) of respondents have not recognized PQC as the cornerstone of future cryptographic strategies. Consequently, many companies aren't investing in PQC because it seems years away from tangible adoption, but the reality is, data is presently being harvested.

Businesses can future-proof their technology by making the proper investments. Soon, customers will be looking for products built only with PQC to thwart sophisticated cyberattacks or elevate their cybersecurity efforts otherwise. While we still may be a few years out from quantum, the organizations that will be ready when that innovation comes are preparing now.

Adding Security to Secrets Management

Given the adoption of new technologies, the need for security to be integrated seamlessly into digital products and/or services has never been higher. Specifically, when assessing cloud and DevOps environments, secrets management was the greatest security concern for 56% of DTR respondents, followed by workforce identity and access management (IAM) and authorization.

For developers, these three challenges are closely related, as they all require tasks for both privileged users and the workload lifecycle that they manage. However, the common difficulty with secrets is that they are designed as "bearer tokens," granting access to whoever possesses said token, password, API (application programming interfaces) key, encryption key, or any other credential. When secrets are "lost" — for instance, included in code as plain, readable text — hackers won't need to impersonate internal users to gain access. Thus, the consequences are severe. 

Adopting a data-centric security architecture is key to improving security across these environments. Organizations can mature their DevSecOps practices by leveraging new frameworks such as the NIST "Guide to Operational Technology (OT) Security" standards to improve the quality and resilience of overall engineering performance. Security champions are also crucial to the development team and should provide clear, practical security guidance to better manage privileges and store secrets.

Meeting Old and New Threats With Upgraded Security Tricks

The pace of technological development is astounding, with innovation emerging rapidly through recent years. While enthusiasm to adopt the latest technology is understandable, this excitement can't overshadow critical security considerations. Despite the variety of new threats that invariably accompany modern technology, many of the mistakes being encountered are recurring issues.

It is imperative to develop robust policies for new tech and future-proofing by favoring investments in security. Trusting device security out of the box is no longer viable; evaluation and strong security practices should precede adoption. The industry can and should continue to embrace innovation, but with the understanding to remain vigilant against evolving vulnerabilities by demonstrating security as priority.