4 reevaluations in cybersecurity that every SOC team should address in 2023

Rasheed Al Odah, Country Managing Director, MEA Services and Saudi, UAE South, Bahrain & Levant at Trend Micro, highlights the 4 areas in cybersecurity that all SOC teams in the region need to focus on.

The threat landscape continues to evolve by the day. The Trend Micro 2022 Midyear Cybersecurity Report revealed that its solutions blocked and detected more than 28 million email threats, nearly 14 million malware attacks and close to 6 million URL victims’ attacks across the kingdom. In our recently published “Future Tense – Trend Micro 2023 Security Predictions” report, we take a deeper look at the state of the threat landscape and identify the challenges facing organizations and their security teams.

As enterprises continue their growth journeys and the digital transformation that drives them, they should never lose sight of the fact that their attack surface is expanding and that there is a human element to address on both sides of a cyberattack. Here are four areas that need to be revisited to make cybersecurity a match for the evolving threat landscape in 2023.

Reevaluate the user
As employees adjust to hybrid work, security teams must finally abandon traditional security solutions and move to a holistic approach. The end-user, when equipped with the right tools, can be a supporting soldier in the SOC’s daily fight against threat actors. Meanwhile, C-suites need a bird’s-eye view of the technology stack too, tailored to their concerns, which will be related to compliance and brand trust.

Reevaluate the enemy
Lately, we have seen cybercriminals professionalize their operations. Ransomware is RansomOps and tools are offered through Ransomware-as-a-Service (RaaS) cloud platforms. Security teams may be increasingly better armed and legislators increasingly strict, but ransomware actors will find a way; they will regroup and refine their playbooks, perhaps opting for full-time data-extortion rather than traditional ransomware. Successful SOCs will not wait to see what their adversaries invent. They have already procured holistic solutions that automate the mundane and eliminate alert fatigue, clearing out the white noise so that when cyber-gangs deploy their new methods, they can be identified and mitigated.

Reevaluate old vectors
While malicious actors come up with new ways to harm us, we cannot expect them to remain wholly inactive. They will likely fall back on old, reliable vulnerabilities and inroads, steering clear of riskier, more rewarding ones. In 2023, expect attackers to revisit outdated protocols and devices that enterprises have failed to decommission. Some of these legacy threats may be given a fresh spin, so be on the lookout for sophisticated social-engineering campaigns that may include novel technologies like deepfakes. Others may adapt old living-off-the-land techniques to mount “living-off-the-cloud” attacks.

Reevaluate transformative innovations
This year, the novelty of the Metaverse and its attendant NFTs may grow stale. But their underlying blockchains will offer attackers many opportunities to evade security professionals and law enforcement. Meanwhile, open-source software has come under fire for the flaws (think Log4Shell) that have surfaced in recent years, so that too is a space to watch carefully.