Exploring the Future of Cybersecurity
May 30, 2023
By Kevon Swift, Head of Public Safety Affairs
Step into any major tech event over the past decade, and you are guaranteed to stumble upon fervent discussions about cybersecurity. It is a topic that has shared the spotlight with buzzworthy subjects like cloud computing, quantum technology, the Internet of Things (IoT), and Artificial Intelligence (AI). But amidst this buzzing cacophony, what makes a panel discussion on cybersecurity at the recently concluded LACNIC 39 event so relevant and important? The answer lies in the profound transformations that have reshaped our cyber landscape over the past ten years, revealing unsettling truths about the world’s woefully underdeveloped state of cyber hygiene. Yet, amidst the disquieting revelations, a glimmer of hope emerges. The time-tested wisdom shared in earlier cybersecurity conferences, emphasising the human element and the power of cooperation, remains as pertinent as ever.
At LACNIC 39, I had the privilege of moderating the panel discussion titled “The Future of Cybersecurity”, flanked by Mr Pablo Álvarez, SIIES Government of Yucatan; Mr Sabas Casas, ACCENTURE México; Mr Wilberth Pérez, Head of the CSIRT-UADY (Computer Security Incident Response Team – Autonomous University of Yucatan); Mr John Brown, Team Cymru Senior Security Evangelist; and Ambassador Claudio Peguero, Cyber Affairs Advisor, Ministry of Foreign Affairs of the Dominican Republic. Our five esteemed cybersecurity experts graced the stage, shedding light on pressing matters such as the current state of cyber hygiene, global trends in cyber incidents and crimes, and our most potent defences against the imminent risks lurking in cyberspace. The conversation commenced by delving into the truisms and clichés that have plagued our underwhelming cyber hygiene. One such revelation was the unfortunate relegation of cybersecurity as a mere IT problem, often undervalued by corporate decision-makers who fail to grasp the multifaceted nature of its risks. The panel astutely identified moments of miscommunication, akin to being “lost in translation,” between Chief Information Security Officers (CISOs) and those prioritising short-term financial gains within organisations. It is disheartening that an uninformed view of the information security field may still linger, perpetuating the misconception that security measures boil down to purchasing firewalls and antivirus software alone. In introspection, the disconnect among professionals from diverse backgrounds is not a novel phenomenon. What, then, has truly changed in our environment?
Three compelling reasons spurred us into action for this occasion. Firstly, the global pandemic thrust us into an unprecedented reliance on Internet services and technologies, welcoming a wave of new-to-digital customers with varying levels of technological proficiency and awareness into the digital realm. Alarming trends have emerged, revealing that both young adults and the elderly are particularly vulnerable to falling prey to cybercrime. Their lax attitudes towards data privacy, or limited familiarity with digital tools as is the case among individuals over 75, have made them easy targets. Secondly, the rapid digitalisation witnessed across governments, businesses, and the education sector has outpaced the development of robust security and contingency plans by CISOs. As valuable assets were swiftly migrated to the virtual realm, the critical need for comprehensive security measures became glaringly evident. However, the implementation of such measures struggled to keep pace with the accelerated pace of digital transformation. Furthermore, the surge in remote work and the widespread adoption of ordinary consumer devices as workstations necessitated an immediate and substantial increase in cybersecurity measures. A 2020 report on the business case for enhanced cybersecurity shed light on an unsettling reality: despite the practicalities of working from home, 57% of those surveyed reported feeling more distracted than in a traditional office setting. This distraction had a direct correlation with a heightened susceptibility to cyberattacks, including the insidious threat of phishing scams.
(Free access, no subscription required)
There is another powerful rationale for conducting this focused discussion on cybersecurity at this time. According to Deloitte, in the pre-pandemic era, approximately 20% of cyberattacks employed previously unknown malware or techniques. However, with the onset of the pandemic, this percentage had surged to 35% in that first year. Among the emerging attack methods, some leverage machine learning capabilities to adapt and evade detection. Another concerning trend is the growing complexity of ransomware attacks. Attackers are combining data leakage tactics with ransomware, employing persuasive strategies to coerce victims into paying the ransom.
With innovative models such as malware as-a-service, the cybercriminal economy has been shifting drastically. Seasoned bad actors have commoditised and made their threat capabilities available on criminal marketplaces so that entry-level cyber criminals can easily purchase malware and malware deployment services and in turn sell stolen credentials and data in bulk. This industry practice has massified the number of cyberattacks although the scale and intensity of each attack have shifted as the seasoned criminals have positioned themselves higher up the criminal value chain to avoid detection. Cybercriminal groups have been evolving into organised entities, mirroring legitimate businesses. For example, the Conti criminal group was replete with marketing departments, human resources, and remote staff who might have been oblivious to their involvement in criminal activities.
In our review of cybersecurity preparedness in Latin America and the Caribbean, we focused on three insightful perspectives to assess our region’s cyber capabilities. Among 33 economies in the region, we found that 18 already had national cybersecurity strategic plans in place or were actively developing them. These plans serve as comprehensive, collaborative documents that outline strategic areas for enhancing cyber resilience, responding to cyber threats, promoting cyber awareness, and ensuring legal measures for delivering justice to cybercrime victims. It is paramount that these strategic plans are regularly updated, adequately resourced, and effectively implemented to enable collective cybersecurity efforts. Regarding technical responses to cyber incidents and attacks, a significant majority of countries in the region had established Computer Security Incident Response Teams (CSIRTs). These teams operated at various levels, including national, governmental, military, and sector-specific entities. Additionally, nearly all countries, except for four, had enacted cybercrime legislation. However, it is worth noting that we did not assess the effectiveness of this legislation in terms of the currentness of cybercrime definitions or the adequacy of procedural provisions to facilitate cyber investigations and cross-border cooperation among law enforcement agencies. The snapshot did help us identify important building blocks for cyber resilience at a macro level, which would indeed be required to support anything we do at a corporate level.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of LACNIC.