Banking, manufacturing, professional services, and federal governments are the four industries that will account for more than one-third of all security spending this year
Last month a bug found in ChatGPT’s open-source library caused the chatbot to leak the personal data of customers, which included some credit card information and the titles of some chats they initiated. In another high-profile data breach, a Washington DC-based healthcare provider that handled sensitive data belonging to a number of federal legislators and their families may have affected up to 170,000 people. The data has been put up for sale online, although the FBI is thought to have already purchased it as part of their investigation.
Cybercrime represents the greatest transfer of economic wealth in history. It will cost companies worldwide an estimated $10.5 trillion annually by 2025, up from $3 trillion in 2015; at a growth rate of 15% year-over-year according to research by Cybersecurity Ventures.Global security spending will reach $219 billion this year and grow to nearly $300 billion in 2026, per an IDC forecast.
The biggest security spenders this year will include organisations in banking, manufacturing, professional services and federal governments. The four industries will account for more than one-third of all security spending this year, according to IDC. Software, the fastest-growing segment, will account for 47% of all cybersecurity spending this year, followed by services at 39% and hardware at 13%.
Most vulnerable are small business
Cyberattacks on all businesses, but particularly small to medium sized businesses, are becoming more frequent, targeted, and complex. According to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks are aimed at small businesses, but only 14% are prepared to defend themselves. According to the World Economic Forum report, one of the biggest threats is a “mutating” threat. This could take the form of an AI-enabled virus that transforms as it infects various systems and organisations to evade defence systems or even detection.
State-sponsored cyber-attacks have institutionalised cybercrime. A recent Mandiant research identifies APT43 as a prolific North Korean cyber operator that supports the interests of the North Korean regime. The group combines moderately-sophisticated technical capabilities with aggressive social engineering tactics, especially against South Korean and U.S.-based government organisations, academics, and think tanks focused on Korean peninsula geopolitical issues.
Publicly reported activities attributed to APT43 are frequently reported as “Kimsuky” or “Thallium” and include credential harvesting and espionage activity most likely intended to inform North Korean leadership on ongoing geopolitical developments.
In addition to its espionage campaigns, APT43 funds itself through cybercrime operations to support its primary mission of collecting strategic intelligence. The group creates numerous spoofed and fraudulent personas for use in social engineering, as well as cover identities for purchasing operational tooling and infrastructure. APT43 has collaborated with other North Korean espionage operators on multiple operations, underscoring the major role APT43 plays in the regime’s cyber apparatus. The ultimate aim of campaigns is most likely centred around enabling North Korea’s weapons program, including collecting information about international negotiations, sanctions policy, and other country’s foreign relations and domestic politics as these may affect North Korea’s nuclear ambitions
Russian cybercriminals have been named
Researchers have long concluded that cybercriminals working in Russia have amorphous but crucial connections to the Kremlin, but there has been little clear information, and officials have often been vague about the dynamic. As a part of a push to shut down ransomware gangs, the UK and US governments have unmasked some of the criminals behind the attacks.
Officials have sanctioned seven alleged members of notorious ransomware gangs and published their real-world names, dates of birth, email addresses, and photos. All seven of the named cybercriminals are said to belong to the Conti and Trickbot ransomware groups, which are linked and often jointly referred to as Wizard Spider. Moreover, the UK and US are now explicitly calling out links between Conti and Trickbot and Russia’s intelligence services.
Addressing the skill shortage
However, most companies are finding it difficult to mount an effective cyber defence strategy due to a huge shortage of skills in this space. One way of tackling this could involve utilising automation where possible, freeing up professionals to focus on the human challenges – whether that is spreading awareness of the dangers of phishing and the importance of good password practices or understanding the behavioural changes that attackers will be taking advantage of in the near future. For most organisations, this is likely to involve making an investment in training.
Know more about our Top Ranked PGDM in Management, among the Best Management Diploma in Kolkata and West Bengal, with Digital-Ready PGDM with Super-specialization in Business Analytics, PGDM with Super-specialization in Banking and Finance, and PGDM with Super-specialization in Marketing.