Part 1 of this series discussed how global cyberspace faces threats from geopolitical tensions.
The dynamics of geopolitics change over time; it is not a new phenomenon. Therefore, all data and transactions on the internet are encrypted. The widely used encryption method (RSA protocol) uses encryption keys to securely transmit data globally. An encryption key is a random string of bits used to encode and decode data. Each key is unique and unpredictable. The longer the key, the better the robustness of encryption.
The advent of new-age technologies, such as quantum computing, mars the reliability of these encryption keys. The high processing power of a quantum computer can break the current encryption code in seconds.
Emerging tech will have the most influence on cybersecurity
Respondents of a survey said that artificial intelligence (AI) and machine learning (20%), greater adoption of cloud technology (19%), and advances in user identity and access management (15%) would have the most influence on their cyber risk strategies over the next two years.
The new technologies are potent tools for cyberattacks. More resources are thrown at cybercrime campaigns by criminal groups. A sense that cybercrime is converging with nation-state actors due to political rifts prevails in organisations across industries. It has led to more new campaigns and attacks clearly tailored to the target organisation.
The leaders at the helm of large organisations concur that the variety of attacks has increased significantly since last year; the impacts are systemic rather than isolated in one target or sector.
How do emerging tech shape emerging threats?
Cyberattackers come in many forms and with different motivations. In cybersecurity terminology, these disparate groups are bundled together as 'threat actors'. In 2022, malicious threat actors adapted quickly to exploit changes in the political, technological, and regulatory landscapes.
The threat landscape has become increasingly volatile. Professionalised cybercriminal groups have continued to grow and create a higher volume of new attack types. Volatility is not only risky; the time it takes to develop a response is an opportunity cost for cybersecurity experts. Cybersecurity teams sometimes feel forced to ignore strategically important activities to address immediate tactical issues.
Ransomware attacks and weaknesses from increased cloud service use are some emerging threats. Potential vulnerabilities of 5G technology and the evolution of the Internet of Things (IoT), which includes smart home devices, also pose security risks.
How can regulations boost cyber resilience?
Creating cybersecurity regulations is a centralised process. Though the system creates valuable policies, the process takes time. It might take two years to develop them. Standardisation can take 18 months. A cyberattack takes seconds. The speed at which emerging technologies are implemented outpaces our ability to build security measures around them. We should go beyond simple compliance with regulations if organisations are to be cyber-resilient.
Some elements of cybersecurity regulations, particularly for organisations operating in more than one country, remain duplicative causing resource constraints.
Compliance challenges remain. However, in case of mitigating a large-scale cybersecurity event, regulations are an effective measure for moving resources toward cybersecurity and resilience activities.
An increase in cyber incidents, related fines, investigations, and engagements between policy-makers and the private sector has elevated the perception of regulations as a critical influence on organisations’ cyber resilience.
Business leaders also support effective enforcement of regulatory requirements: 76% of business leaders agreed that further enforcement would increase their organisations’ cyber resilience. They believe that regulations enforced properly will raise the quality of cybersecurity across their sector and their supply chains, making their business less prone to collateral damage from attacks on other organisations.
Supply-chain risk (spread across global vendors) of a business
In 2022, 39% of respondent organisations had been affected by a third-party cyber incident. Simply put, they were ‘collateral damage'. Their operations were disrupted due to cyberattacks on companies from whom they bought or sold services.
Third-party organisations that have direct connections with an organisation or that process organisational data are a primary concern for all leaders. About 90% of respondents are concerned about the cyber resilience of such third parties.
Supply-chain risk indicates risk shared across a particular sector, different sectors, or countries and regularly affects important everyday services.
For example, in February 2022, a cyberattack on commercial satellite services in Ukraine caused electricity-generating wind farms to shut down across central Europe.
In July 2021, supermarkets in Sweden were forced to close their doors after a cyberattack on IT services provider Kaseya, based in Florida, USA.
In both cases, the rolling flow of disruption across sectors was due to a dependency on another organisation’s services, and the outcome of a service breakdown was unpredictable.
These incidents show how technologies that support businesses, infrastructure, and societies are increasingly interdependent and vulnerable.
Vulnerabilities are to deepen; how will we cope?
The magnitude of problems due to cyber breaches is unfathomable. The world is facing a dire need to increase the security arrangements on the internet. Doubling the size of the encryption key is a possible option, but it is easier said than done. Recalibrating the entire encryption system is a tedious, long-drawn process and comes with a very high price tag; it is also not sustainable.
Does that mean we should succumb to new-age threats? Are we in the age of gloom and doom?
Not really!
Quantum technology is an answer to its own set of problems.
How will quantum physics radically reform cybersecurity?
Read Part 3 of our blog series.