‘Tis the season, as they say, for those in the tech industry to be mercilessly flooded with ‘trends’, ‘predictions’ and ‘forecast’ articles speculating about the year ahead. Having operated in the IT and cybersecurity space for over 20 years, I’ve recognized a rather predictable pattern in these end-of-year trend forecast pieces: For the past 10-15 years, these articles have unanimously predicted that “Cyberattacks will accelerate and intensify in the next year,” each warning us about anticipated attack tactics, vulnerabilities, and industries most likely to be targeted by cybercriminals. Don’t get me wrong, this is all important and valuable information. That being said, the cybersecurity industry does not operate in a vacuum. When speculating about what may be in store for the industry in the year ahead, we must consider the various global forces and how their impact may influence decision-making in the cybersecurity space.
Organizations cannot decide how to configure and shore up their cybersecurity programs for 2023 without considering the wider geopolitical and economic shifts at play. Trend predictions are helpful but shallow. After all, these programs are just one component of an organization’s wider business strategy, and accordingly, are subject to operational and budgetary considerations that shift and change in light of global market dynamics.
For this coming year, smart cybersecurity investments will be driven by the overarching goal of optimization – getting the most efficient bang for your buck. In many cases, this requires a significant cultural change and reconfiguration of the practices and processes that relate to cybersecurity. Cyber threat intelligence is one of those practices, and as a core component of any cybersecurity program, will also inevitably be influenced by wider global trends.
The Complexities of the Cybersecurity Landscape - Two Primary Influencing Factors
While I try to avoid fearmongering when discussing the current state of the ‘cyber war’ (indeed, it rages on), there is no disputing the fact that there are multiple factors that contribute to the increasingly complex nature of today’s cybersecurity landscape.
2022 has been a turbulent year for the international community, plagued by kinetic warfare, uprisings, and diplomatic upheaval. Amid political instability, the threats posed by state-sponsored (or at the very least, state-condoned) cyber aggression are especially concerning for governments, businesses, and individuals alike. Like in regular warfare, in the cyber battlefield, intelligence on the adversary’s plans, capabilities, and likely attack tactics is vital. Instead of collecting information about the enemy through undercover spies and secret agents, cyber threat intelligence must infiltrate the digital meeting grounds of threat actors to derive insight into the discourse and activities of the enemy. As any military general will tell you, to effectively block an attack, you need to know as much about it as early as possible. To effectively block cyber-attacks – especially the sophisticated attacks launched by state-backed actors – you need access to the earliest possible indications of risk, as well as actionable context-rich intel on each threat.
According to experts, the global economy is teetering on the brink of a worldwide recession. Despite increasingly stringent regulatory compliance standards and board-level recognition of the significance of cybersecurity to overall business success, cybersecurity spending is not recession-proof. To reduce the budgetary burden, many enterprises are likely to outsource cybersecurity processes, investing in Managed Security Service Providers (MSSPs) to optimize efficiency for a lesser cost. MSSPs, in turn, will be required to enhance the value they offer to customers by reducing risk while simultaneously increasing efficiency. To satisfy these two key requirements, strong, accurate and pre-emptive cyber threat intelligence is a highly valuable instrument.
While we are unable to impact global political and economic volatility, we can arm ourselves with the pre-emptive insights we need to bolster our cyber defences against attacks. Instead of reacting to attacks as they happen, organizations must adopt a proactive approach – leveraging intelligence and the earliest possible warning of potential risk before they can be weaponized in an attack.
Written by Gabi Reish, Executive Product Management Leader at Cybersixgill