The security trends IT leaders must be aware of – and what’s needed to combat them

Security threats are becoming ever more sophisticated as cyber criminals expose vulnerabilities in the hybrid work environment and leverage generative AI tools.

That's why it's imperative that organizations understand how cyber attackers think and what techniques they are using to outflank enterprise security technology.

 "Enterprise IT leaders are often surprised when we explain how cyber criminals follow the market forces that shape their companies' business decisions," says Sean Duffy, VP Cybersecurity GTM at NTT. "Cyber criminals are no slouches when it comes to adding emergent tech like AI to their attack arsenals. Every organization is now within range."

Meanwhile the ransomware ecosystem is changing too¹. Attackers are forming smaller ransomware-as-a-service (RaaS) operations, as they aim to be harder to detect.

This gives security leaders more headaches as these smaller groups diversify tactics and make ransom negotiations even more challenging.

"As adversaries combine new threat types with existing attack models, traditional perimeter-based security provisioning is being outflanked and outgunned," adds Duffy. "SecOps teams must review, renew and reinforce their cyber security strategies, and the counteractive options open to them. Insights into future cyber security trends that help them better prepare for the challenges they'll face in 2023 will prove vital."

Foremost of these challenges - the normalization of remote working for many previously office-based staff - now demands that employers rethink the fundamentals of how their IT is structured and secured.

"The trend toward remote working is still playing out," says Mike Pimlott, Global Vice-President MSS at NTT. "Hybrid working is now largely the new norm. Businesses have to manage a decentralized network model where at least 35 percent of the workforce could be working remotely at any time."

This has changed security models built on the premise that employees could be protected if they were within a secure perimeter, Pimlott adds.

Next, you have an added complication that is a matter of growing concern for CISOs and other IT decision makers - malicious use of new generative AI tools.

"There are many ways AI can be used - to write malware or add plausibility to phishing attacks, for instance," Pimlott says, "or even help newbie cybercriminals acquire technical proficiency."

The growing burden of protecting organizations against cyber-attacks puts security professionals under intense, unremitting pressure. This strain and stress leaves businesses more vulnerable to attacks - a further reason why Security Operation Centers (SOCs) need extra support.

"Powered by automation and threat intelligence, services such as managed detection and response (MDR) enable companies to strengthen internal teams, extend their security stack, and attain what we call security at the speed of cloud to reduce the meantime to cyber-attack counteraction," says Duffy. "With NTT's MDR services, moreover, companies gain visibility across their entire IT environment so they can see and remediate each point of vulnerability."

Based on flexible consumption models, the benefits of MDR also exemplify the advantages for IT leaders of transitioning to a single-vendor approach to their cyber security provisioning models.

 "We're seeing a move away from multiple layers of defense based on different vendor solutions, as organizations gain confidence in adopting a single-vendor strategy," Pimlott says.

Duffy further argues that cyber management must become holistic and centralized.

"Business models have to couple with IT security models. Resilience and recovery should be as important as threat detection and mitigation. And then all employees, whether working on-premises or remotely, can be made to feel part of the extended enterprise IT security team."

And as enterprise digital estates transform, go multicloud, and create new attack surfaces, it's imperative that cyber defenses scale commensurately. For this to succeed, IT teams are gaining tactical advantage through proven techniques - like digital forensics - augmented by support and guidance from cyber services providers.

Find out more about NTT’s Managed Detection and Response.

[1] Ransomware ecosystem becoming more diverse for 2023 (CSO)