Army Technology is a news service specializing in military technology. Although it usually covers defense and aerospace industry topics, it also devotes content to cyber-warfare. It recently published an article on the key trends in the field of cybersecurity, based on a report by the data analytics company Global Data. The threats and potential applications of artificial intelligence are one of the most prominent, but we will look at others that we have addressed in one way or another in our blog previously. These trends are as follows:
- Better understanding of the business and environment among CISOs: Global Data notes that according to EY’s Global Information Security Survey, 21% of cyber-attacks come from hacktivists or groups with social and political motivations. However, it also adds that only 20% of boards of directors believe that their cybersecurity teams are effective. This indicates that CISOs who have a better understanding of the organization’s business and environment, as well as all its stakeholders and other related actors, will be better prepared for future threats.
- Converging risks: The industrial sector is increasingly threatened by the convergence between IT technologies and OT technologies controlling plant machinery. This can lead to very dangerous incidents, including in critical infrastructure.
- The huge cost of data breaches: The report cites incidents such as the DesJardins financial firm, whose data loss cost it $108 million. It also mentions the Easy Jet breach, for which the airline faces millions of dollars in fines from data protection authorities.
- Cross Site Scripting (XSS) attacks: this is a type of web cyberattack in which malicious code is executed in the browser and is becoming increasingly common. We have already mentioned it as one of the most damaging methods for the retail and eCommerce sector.
- Possible end of passwords: Apple joined the Fast Identity Online Alliance (FIDO) in 2020, which aims to solve the problems associated with the use of passwords and to propose possible alternatives such as biometrics, although this is not risk-free either.
- Zero Trust: Many CISOs are increasingly aware that a traditional approach to cybersecurity based on reactive defense against external threats is clearly insufficient today. Therefore, they apply a Zero Trust strategy in which any application or binary, no matter how legitimate it may seem, is systematically distrusted. This is also recommended by the NSA.
- Supply chain incidents: the supply chain is very fragile. In fact, Global Data mentions the technique known as “island hopping”, where hackers not only target the organization that is their main target but also others linked to their network.
- Hidden malicious payloads: cyberattackers are employing more fileless malware techniques or malware containing highly advanced polymorphic code, which is able to mutate by evading common cybersecurity measures based on known malware registries. This is why cybersecurity solutions that use AI techniques to detect anomalous patterns are so important.
- Threats and applications of AI: new types of malware use AI techniques to hide their tracks. In addition, they will also resort to the application of Generative Antagonistic Networks (GANs). However, AI can also prove to be a great ally for cybersecurity. That is why Machine Learning is an essential element of the Cytomic Platform: it uses algorithms that continuously classify applications according to their behavior and search for suspicious activity through data analys