Virtualization Technology News and Information
Article
RSS
CSC 2023 Predictions: Staying Secure in 2023 and making it the Year of Action

vmblog-predictions-2023 

Industry executives and experts share their predictions for 2023.  Read them in this 15th annual VMblog.com series exclusive.

Staying Secure in 2023 and making it the Year of Action

By Ihab Shraim, chief technology officer (CTO) with CSC DBS

This past year we saw a shifting cybersecurity threat landscape, security breaches of major organizations, constant geopolitical challenges, repeated spikes in targeted cyber-attacks in the form of phishing and malware (ransomware), brand infringement and counterfeit, and so much more. Organizations' ability to have awareness and visibility into all of it, keep up with it, and make notable adjustments to their overall security posture and cyber risk mitigation strategies has been a constant challenge. Almost every targeted phishing and malware attack campaign begins with domain names. Therefore, part of these strategies must involve online domain security.

In many ways, 2022 was no different than the prior year in that domain security has not been the number one priority as organizations address other business risks as part of their overall security posture. However, we are starting to see a major shift toward including it. An organization's domain ecosystem plays a vital role in brand reputation, revenue leakage, customer engagement, and most importantly, sales. It remains a major target for bad actors and fraudsters and needs to be a target of cyber risk investment for organizations. With this backdrop, I anticipate 2023 looking a bit different.

Since 90% of cyberattacks were carried out by targeted phishing campaigns in 2022, they will continue to grow exponentially - both in number and sophistication - throughout 2023.

CISOs are now putting more emphasis on ensuring that their domain security (i.e., domain portfolio) and online brand reputation are becoming an integral part of the corporate global security posture. As the adoption of the Zero Trust model gains more traction in the industry, there will be continued emphasis on user authentication and authorization in cloud infrastructures-essentially solidifying the need for domain security.  This in turn, translates to a more accurate monitoring, detecting, and enforcement against those threat vectors targeting their corporate online brand presence.

Additionally, companies are struggling to qualify for cyber insurance rates they can afford, and domain security is one area where the fix is a relatively low cost compared to other cybersecurity and risk management expenses. Domain security protocol implementations such as registry lock, registrar domain locks, continuous domain registration monitoring and mitigation, 100% availability of domain name system (DNS) and bi-costal redundancy, managing & monitoring DNS traffic and IP space, implementing DNS security extensions (DNSSEC), online Brand protection & enforcement, and managing digital certificates portfolios are must-haves within today's cybersecurity landscape. All of this requires the deployment of the latest technology architectures such as leveraging a domain data lake equipped with machine learning and deep search.

More scrutinization of the security of partner ecosystems

In 2023, organizations will need to continue to scrutinize the cybersecurity posture of those vendors, suppliers, and partners that work as part of their supply chain. There will be a redefining of what it means to be a trusted partner - someone that has shown they have implemented the security processes and technologies in place with continuous security audit controls to ensure the data you are sharing with them is secure and not susceptible to cyberattacks. There will also be a greater emphasis on partner ecosystems and verifying with valid proof that they have deployed comprehensive security programs with emphasis on user authentication & authorization, role-based access controls, continuous network & system vulnerability assessments, patch management, and penetration testing.

Over the years, we've seen challenges with choosing the wrong partners.  For instance, in the domain security space, not all partners are alike in implementing security technologies and security audit controls to keep your company and data secure. How do you evaluate and cross-check to be sure they are dedicated to your safety as well as enabling your business? Enabling business requires security - you can't have one without the other. As CTO of an enterprise-class registrar, I've seen how this plays out poorly for companies that use other registrars (consumer-grade) that don't have a strong security posture.  Essentially, it translates to owning a large environment that's attractive and favorable to bad actors and fraudsters.

Fraud and online brand abuse and scams will continue to plague companies and consumers

Fake websites used by criminals are most prevalent with some of the largest brands in the world. In this year's annual domain security report looking at global 2000 companies, we found that 3 out of 4 brands had fake domain registered by third parties. And despite the constant barrage of fraud schemes, less than five percent of the global 2000 companies implemented new proactive domain security measures this year.

This time of year, we all like to be forward-looking and outline what we anticipate will occur. But every year, there are so many unknowns that influence organizations' activity. In 2023, organizations will do their best to navigate what comes at them. However, the most important rule of thumb is - control what you can control. To that end, it's even more imperative to embrace a more preventative approach to cyber risk management shoring up the exposed surfaces that have been overlooked or under-invested in to date. That's why 2023 is really the year of ‘action'.

Security Operation (SecOps) Impact: Increased demand on registrars to provide secure API integration with threat intelligence and SIEM platforms

Threat intelligence platforms suffer from overload of available ingested data. However, the data require smart queries, training, and time to conduct security investigations to track indicators of potential compromise. Moreover, SIEM's main challenge today is that the SecOps team suffer from "alert fatigue" and "alert numbness" which is an overload of alerts being generated from deployed security appliances, systems, and network logs. This directly results in SecOps wasting valuable response time, delays in processing alert queues, and a diluted focus on what is critical for mitigation.

CISO's and SecOps teams are increasingly requesting domain registrars to provide real-time, secure API gateways, focused domain security data associated with their online domain name portfolio, DNS services, digital certificates, and online brands infringement solutions. This also include comprehensive enforcements (takedowns) and data associated with threat vectors targeting their corporate online domain names and brands. Such API integration with threat intelligence and SIEM platforms will provide focused accurate data which in turn reduces SecOps personal alert fatigue and increases the overall workflow performance and incident investigations.

##

ABOUT THE AUTHOR

Ihab-Shraim 

Ihab Shraim is the chief technology officer (CTO) with CSC DBS. He is responsible for the vision, innovation, and product revenue growth within the company's cyber security, domain security, fraud protection, and brand protection lines of business.

Published Wednesday, January 11, 2023 7:32 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<January 2023>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
2930311234