Cybersecurity: Why The C-Suite Should Care

Cybersecurity Maturity Models Can Be Immature

Like many things in life, cybersecurity posture is a spectrum of states in maturity. Cybersecurity Maturity Model Certifications (CMMC) are all the rage now in IT departments. You can be at one end of the spectrum of cybersecurity maturity, the other end of the spectrum, or maybe somewhere in the middle. The National Institute of Standards and Technology (NIST) and CMMC have defined those security maturity models in five distinct stages. You even often hear some IT departments proudly declare that they are a level three or four or five in terms of their security maturity. We can analytically categorize the levels that compose these security states, and that is a good thing. However, some of these states assume reasonably well-known threat patterns. The challenge is that even with the best possible security posture, novel threats can bring the entire security structure crashing down. This is one of the driving conditions that make a comprehensive cyber security approach an operational and technological necessity.

From Reactive to Proactive

Whether it is NIST or CMMC, the five levels of cybersecurity maturity shape up like this:

● In the first level, the organization is vulnerable. A lack of preparedness is the most palpable description, along with a general lack of structure, documentation, or processes.

● At the second level, an organization becomes more aware, but it is still reactive. It can repeat basic efforts, and it has basic documentation of processes available, but only in a reactionary manner. This organization can respond in the timeframe of a few days, but it is vulnerable to data loss, operational gaps, and financial impact.

● Level three marks the beginning of effective security measures. It is typically constructed from security, compliance, and regulatory efforts, along with a greater establishment of tight security processes. Security policies and technologies are deployed and are available in documentation for the most critical environments. General assurance of the environment is established, typically including the existence of backups and repeatable issue mitigation. In this scenario, rapid event awareness is the vehicle for enablement, reducing response to hours and sometimes minutes while there is a significant minimization of potential financial loss.

● The next level escalates to a continually compliant state based on external requirements and internal operational standards. The entire environment is managed, logged, and reviewed on a routine basis, and continuous monitoring helps eliminate regulatory penalties and provides awareness of operations across each discipline.

● The highest level in this security maturity model is the optimized proactive posture where information security processes are a model of continual improvement. These processes are tightly integrated with information from throughout the environment, offering feedback, external information, and research, and they can introduce needs-based process updates to better serve the organization. Organizations at this level are able to respond in real time, and they can significantly reduce data and application breaches.

Prepared but Still Exposed

While these five levels sound good, there are still massive risks from novel threats that can make much of the level two and level three preparedness obsolete, and perhaps severely compromise even a level four organization. A Zero-Day attack is an unforeseen event that bypasses previously established standard security measures. This makes it difficult for security systems and software providers alike, as they don’t know what threat signature might or might not trigger alarms, leaving their products vulnerable in the process.

During a Zero-Day attack, all that preparedness can be undermined as even a limited opportunity slips through the cracks, unknown and unopposed. Preparing for Zero-Day attacks is critical, with a foundation of:

● Being proactive

● Maintaining good data backups

● Monitoring traffic, security incidents, and accounts

● Keeping systems up to date

● Zero-Trust implementation

Zero-Day Blinders and Zero-Day Finders

A key disadvantage of operating as a single organization with a single infrastructure is reduced visibility. In terms of Zero-Day vulnerabilities, a lone organization may only be subject to a single attack at a given time. This makes it easy to lose sight of looming dangers that are continuously present and just as dangerous.

Among the benefits of leveraging a massive infrastructure, and adopting the mission to go beyond the final level of security maturity into Zero-Day conditions, is the ability to see incoming threats across different channels, organizations, industries, and geographies. The imperative of Zero-Day threats across a scaled base requires never-ending active identification and hunting of threats throughout the infrastructure.

When we speak of comprehensive security, it incorporates everything from process to technology to detection, monitoring, and recovery. It encompasses everything from designing and building to operating the entirety of the IT environment. Absent this complete approach, even proactive organizations cannot rely on their maturity model designation as a crutch against threats. When the significant risk of Zero-Day threats is unacceptable, no stone can be left unturned.

Predicting What 2022 Holds For Cybersecurity

2021 was a fascinating and somewhat terrifying year for cybersecurity, as all our fears regarding cyber-threats have come true in one way or another. 2021 was tricky, as many organizations have been slow to adapt to the new security climate. Predictions aside, complacency is not an option if you plan to survive and thrive in 2022. Rest assured, the future of cybersecurity is bright, but it will come with its own set of challenges. We look forward into the future because the sooner we can start adapting strategy, policies, and technologies, the better off everyone will be in the long run. Predictions can be both exciting and terrifying at the same time, so please put on your seat belts and helmets:

1.     The Cybersecurity Talent Drought Will Get Much Worse

The cybersecurity talent shortage that affects the industry is only going to get worse. At one point in 2021, there were 500,000 unfilled cybersecurity jobs in the US. That’s a figure that is likely to increase due to the continued growth of ransomware, data breaches, and other cyberattacks. 

Faced with this challenge, businesses will find it increasingly difficult to protect their networks and data. Services and specific technology partnerships will continue to help fill the gap and protect that which is sacred, but further help may be on the way from an unlikely place: artificial intelligence (AI). AI has the potential to detect malware on networks before it is spotted by employees. Along with machine learning, these technologies can analyze vast quantities of data more quickly than humans, detecting sneaky issues such as phishing attacks, privilege escalations, data exfiltration, and insider threats.

2.     Supply Chain Cyberattacks Will Be Commoditized

In recent years, we have seen a significant increase in the number of cyberattacks targeting software supply chains. These attacks are particularly effective because they can take down an organization’s entire software supply chain and services, resulting in massive business disruptions.

Unfortunately, we can expect these attacks to become even more common in 2022. Cybercriminals will realize that these supply chain attacks are an effective way to cause maximum disruption, and once inside the trusted gates, the hardest part of the hack job is already handled. These groups will commoditize these attacks as a result. We can expect this commoditization to lower the bar for entry by encouraging less-skilled attackers to conduct software supply chain attacks.

3.     The Death and Rebirth of Cyber Insurance

Faced with a costly environment of escalating risks, the cyber insurance industry has seen many challenges in the past year and the premiums for coverage have skyrocketed. Even though many businesses are required to carry cyber insurance, these conditions are leading to companies no longer purchasing extensive policies. This market squeeze will certainly affect the cyber insurance industry itself. 

We are going to see this happen, but we will also see a resurgence of cyber insurance as companies become more aware of the risks associated with data breaches and standardize on what it takes to attain coverage. Cyber insurance without comprehensive security will become a non-starter. Combined with a growing awareness of the risks associated with data breaches and cyber incidents, the market for cyber insurance is starting to mature, and premiums will become prohibitively expensive for companies that don’t have a sound security strategy.

4.     More Smart Devices, More Risk 

It’s inevitable – the Internet of Things is a continually growing trend that will bring about more cyberthreats. In 2022, we can expect to see even more cyberattacks due to the increased number of IoT devices. The proliferation of these often minimally protected devices increases the threat vectors through everyday devices. Hackers can attack through many vulnerable devices such as security cameras, smart TVs and DVRs in your home or workplace.

The Mirai Botnet was one such attack, which took down several high-profile websites with a distributed denial-of-service (DDoS) attack. This botnet was made up of millions of hijacked IoT devices, and attackers will always be looking for the maximum bang for their hacking buck.

5.     Cyberattacks Will Cost Lives

The world is no stranger to the amount of damage hackers can cause. We have seen attacks on hospitals, transportation systems and even schools, leaving hospitals paralyzed, cities without electricity and students’ grades showing up as F’s. However, what many people have a hard time imagining are the effects of a hacker setting their sights on critical infrastructure like power plants or dams.

Threats will become all too real when an upcoming attack results in disruption and death. It’s not a pretty picture, but the actions of world leaders have indicated that cybersecurity is the front line in a global cyberwar and casualties are just a logical hop away.

6.     SHTF Events Will Put Disaster Recovery into the Forefront Again

Expect the unexpected. Seldom have three words carried so much weight. An improbable but all too real SHTF scenario is out there waiting in some company’s destiny, but it doesn’t have to go the way of painful recovery.  You can’t plan for everything, but you should plan for anything.

From cyber incidents to weather disruptions, to natural disasters of every type, major events will drive a resurging focus on enterprise disaster recovery (DR) in the year ahead. The cost of NOT thoroughly protecting these systems is higher than ever and the events experienced in the last year are the beginnings of a wake-up call for both businesses and governments around the world. The need to protect critical infrastructure and data is now at the forefront of every boardroom conversation and government policy.  

7.     Machine Learning/AI Tools Continue Changing the Game for Cybersecurity

Machine learning (ML) and artificial intelligence (AI) have already started to revolutionize cybersecurity, and their impact is only going to grow in 2022. These tools are making it possible for organizations to detect and respond to threats much more quickly and effectively than ever before. Security professionals can identify potential attacks more quickly than ever before with AI-powered dashboards. Meanwhile, machine learning tools can be used to detect ransomware in an image file before it’s opened on a computer. 

Cybersecurity teams will use ML and AI to automate the detection of attacks, understand the impact of a breach, and reduce fraud.

8.     More Cyber Criminals in the Slammer

Law enforcement agencies have stepped up their efforts to catch cyber criminals. While the biggest headlines seem to show that the perpetrators are never caught, many successful investigations have resulted in prosecution. This trend is going to continue as law enforcement officials become even better at identifying and apprehending cybercriminals. That’s good news for businesses and consumers alike, as cybercriminals will have a reduced ability to operate with impunity.

9.     Tables Will Turn: Cyber Crime Will Hit International Companies in China and Russia

A recent major cybersecurity report found that four in five large international companies have been targeted by cybercrime in China and Russia. The sad part is that 40% of companies that lose data or have a data breach end up going out of business due to the cost and reputational damage. These companies have fallen victim to a wide variety of attacks, including malware, ransomware, and phishing.

As it turns out, nobody is immune to cyber threats and you shouldn’t do business with criminals. Foreign nations have been dancing a perilous line of espionage and state-sponsorship of attacks on adversarial and strategic targets. The tables are going to turn on them at some point.  

10.  Quantum Computing to Make a Debut

This one has been building up for a while now, but this should finally be the year that quantum computing debuts in the cybersecurity world. We are talking about actual quantum computing, not the marketing type of quantum-like features. 

The breakthrough will be small at first but expect to see products that can take advantage of the peculiar properties of quantum mechanics to do things like factor large numbers very quickly or break current cryptography within a few years. This could also present a serious challenge to today’s security protocols and necessitate a wholesale rethinking of how we protect our data.

Quite a Year Ahead

There’s a sense of foreboding in cybersecurity, especially when everything seems to be as safe as possible. Cybercriminals thrive on this false sense of security and subsequent complacency to do their worst. We must always be on guard, prepared for the worst. Cybercrime is rampant and the threats don’t discriminate. This year alone, four in five large international companies have been targeted by cybercriminals – meaning that nobody’s immune to the risk of a breach. Fortunately, there are ways we can protect ourselves against these risks: strong cybersecurity protections like firewalls, anti-virus software and intrusion detection systems; training for employees so they know how to avoid becoming victims themselves; and understanding what brings on data breaches. The best approach is to not only adopt a comprehensive security approach to every level of the IT stack, but also include all business processes in that approach.