
I rarely share cyber-related content on this platform. But I’m hoping to change that. One post at a time.
As someone who has been in the industry since long before it blew up, I have spent a fair amount of my time attending security conferences and workshops on a semi-regular basis. During my time at these conferences, I picked up on a thing or two (apart from vendor merch), and here are my thoughts on the cyber landscape in 2023.
1. Lateral movement is easier than we think.
Lateral movement allows a threat actor to avoid detection and retain access (even if discovered on the machine that was first infected). After an attacker gains initial access to an endpoint (via a phishing attack or malware), the attacker is able to impersonate the legitimate user and move through the network and systems until their end goal is reached.
More often than not, we are now seeing companies that have weak horizontal controls (i.e. flat network, lack of logging and monitoring) become ideal targets for these types of attacks.
2. Human error is becoming an everyday occurrence.
With the way technology is evolving, humans are not always aware of the severity of these cyber-attacks. And more often than not, lack of awareness is one of the main reasons why people end up becoming victims of cyber-attacks. All it takes is one wrong scan of a shady QR code and one click of a phishing link.
3. Plenty of phish.
Phishing is when an attacker impersonates a legitimate company or user to trick victims into revealing personal information about themselves. This can usually be done through ‘legitimate’ looking addresses, QR codes or text messages (known as smishing). The issue with phishing attacks is that, as technology evolves, they have evolved to better impersonate legitimate banks and postal services, allowing attackers to reach a larger target audience.
4. Monitoring user access.
User access reviews are usually boring and repetitive. But they are necessary. Recent industry trends indicate that most companies don’t have a governance process around their user access reviews, resulting in people holding higher levels of access that don’t necessarily align with their roles and responsibilities. Having elevated access for longer periods of time leaves the user and the company vulnerable to damage arising from external attacks, as well as from insider malfeasance or negligence.
