The top three trends in cybersecurity

By Nils Gerhardt, Chief Technology Officer for Utimaco.

  • 1 year ago Posted in

Digitalisation World

2022 brought about new crises, and these economic conditions caused cybercrime to continue to grow rapidly, putting extra strain on companies, who will face a huge upswell in petty fraud attempts. For example, eCommerce companies receiving large numbers of automated credit card fraud attempts or organisations receiving more severe ransomware attacks, phishing attempts, and so on. This increases the load on automated anti-fraud systems and raises the chance of an attack getting through – it only takes one unsavvy employee opening a phishing email to cause a major security breach. With that said, let’s take a look at some of the key trends for 2023.

Protecting supply chains

Software supply chains are changing: remote tools and services are used alongside open source software and companies are building whole applications using low-code methods. To avoid introducing new vulnerabilities that may spread to customers if they go undetected in the software supply chain, companies will have to focus on securing their software supply chain. Many of these are low-code or no-code, meaning that there is little interaction with them at the code level, and while this may be helpful in many cases, it can prevent security professionals from identifying vulnerabilities.

Similarly, the hardware supply chain needs scrutiny, especially when components are in high demand. In hardware supply chains it is important to check whether networked components are original. In the meantime, large quantities of counterfeit goods are in circulation, which cannot be easily distinguished from the real thing. Insecure firmware of such components can become a dangerous gateway into networked systems. Therefore, solutions are needed to guarantee the authenticity of such parts.

In the software space, software bills of material (SBOM) can be used, which show which software components were used, whether they are open source or otherwise. In addition, the relationships between individual components in the software supply chain are made transparent. This allows users to assess if software is being affected by a reported vulnerability much more quickly.

Ultimately, companies should be careful with low-code or no-code platforms, since traceability is extremely difficult as users usually have no insight into exactly which components are being used and when they were updated. While low-code and no-code platforms give companies an immense advantage in terms of speed of deployment and ease of use, these platforms will need to focus on providing possibilities to integrate appropriate security measures in the generation of new applications.

Confidential Computing

Cloud computing has given companies incredible computing power that would normally only be available from super-computers. However, when an organisation sends sensitive information to a cloud service, it is possible for outside actors to eavesdrop on that information in a way that would be much more difficult (but not impossible) if the operation was happening in a closed system, thus increasing the need for security.

Confidential computing processes data in a trusted execution environment (TEE), a secure part of the cloud computer’s CPU. Embedded code makes sure that the encryption keys that secure the data are available to authorised code only, so additional code that could be sent from a third-party won’t be executed and authorised code will be ‘invisible’ to attackers. This way, sensitive data will remain encrypted in the cloud computer’s memory until the TEE moves it to the processor. Throughout the entire process the data is invisible to both third parties and the cloud providers themselves. This in turn creates the need to manage the identities of users for authorised access, as well as more reliance on data encryption in the cloud.

Crypto asset management

Companies today are often not aware of what type of cryptography they are using, which certificates are being used, when they will expire and what algorithms are executed by the different enterprise applications. With this uncertainty in mind, there is a great need to better understand a company’s own infrastructure and to properly secure a wide variety of communications. For this reason, security-conscious companies are increasingly starting crypto assessments and furthermore, asset management when an algorithm is outdated.

In the future, it will be important to find solutions and define processes for continuously modernising your own cryptographic assets. The aim of this is to achieve so-called crypto-agility, so that algorithms are adapted directly if a certain encryption method is broken – for example by quantum computers.

Overall, 2023 looks set to be a year in which companies will be concentrating on the essentials of their security setup – their supply chain, the safety of their data in the cloud and their ability to switch to new forms of encryption. When building up the foundations of a company’s cybersecurity the hardware or cloud-based solutions will continue to be essential.

By Alasdair Anderson, VP of EMEA at Protegrity.
By Eric Herzog, Chief Marketing Officer, Infinidat.
By Shaun Farrow, Security Practice Lead at Bistech.
By Andre Schindler, GM EMEA and SVP Global Sales at NinjaOne.
By Darren Thomson, Field CTO EMEAI, Commvault.