At IDC’s UK & Ireland Security Summit 2023, on April 17, 2022, 60 security leaders from across the UK and Ireland discussed the key theme of the event — “Security Strategy 2023: Managing Risk to Enable Digital Business”.
The summit featured an impressive panel of speakers from our partners and the CISO community, complemented by insights from the IDC’s European Security and Privacy team. Based on the presentations, workshops, and roundtable discussions from over 20 sessions, our top five European cyber security trends are as follows:
- Threat Landscape
Security practitioners are aware that their attack surfaces are expanding due to digital transformation, remote work, IoT and mobile adoption, and an increasing reliance upon the Web for conducting all aspects of a business. Cyber threats facing organizations are diverse and fast-changing. The ability to understand and mitigate risk depends upon having a clear view on the complexity and dynamic nature of the threat landscape. Who might the threat actors be? How are they trading in terms of selling enterprises’ credentials and vulnerabilities? Employees and contractors at organizations continue to be a point of entry for successful cybercrime. This may be credential theft or more simply end users clicking on malicious links. Standards for security hygiene must be continually assessed and addressed; for example, avoidance of the use of guessable password formats, conducting regular back-ups on different mediums including immutable data back-up and limiting the use of unsanctioned IT or Bring Your Own Device (BYOD).
Businesses should challenge the security industry on how technology vendors and MSSPs can drive security behind the scenes; so that malicious URLs and emails do not appear in the inbox or browser in the first place. Thus, security should become more invisible and frictionless.
- The Evolving Security Leadership Role
IDC sees the CISO role as a communications conduit to the board and the C-Suite on strategic security topics. It has become important for security leaders to have expanded skills broader than the technicalities of security. The modern CISO needs the capability to understand the overall business strategy and direction: inevitably this will include digital transformation or digital business elements. The CISO must ensure that security outcomes delivered are consistent with business strategy and digital initiatives.
- The Importance of Cyber Crisis Readiness
A senior speaker from a European government national defence agency highlighted how demonstrations of crisis response during a major global sporting occasion was a valuable exercise, as it gave leaders first-hand experience of how the response to crisis is handled in a realistic scenario. In this example the crisis response group brought in senior government officials to witness crisis response activities. Major cyber-attacks on critical national infrastructure have become national security event, and predetermined crisis centres are essential to give the most effective response to serious incidents. The key takeaway is that security leaders should explore bringing the C-suite and Board into cyber crisis simulation “rooms” to imitate a major attack and use this to critically evaluate responses amongst the executive leadership, as well as build in muscle memory so that appropriate responses are more automatic.
- Generative AI
It’s agreed that generative AI will have a transformative effect across all aspects of the technology industry, including cyber security. Generative AI is already a major issue as far as cybersecurity is concerned, with generative AI, for example, making phishing attacks much harder to detect. Businesses and governments should be encouraged to move quickly in understanding and responding to these new threats. Unskilled would-be cyber criminals can potentially create malware code using OpenAI, and thus the barriers for entry are now lower than ever, which is driving up the number of potential threat actors and cyber-attack volumes. On the other hand, the application of generative AI can help security teams build up their defences, by applying generative AI to SOC automation and SIEM/SOAR triage.
- Security Skills Shortages and Lack of Diversity
There continues to be a major skills shortage in cybersecurity that’s been around for a decade. There are initiatives in place to address this, but organizations must do more to address the skills shortage and lack of diversity. MSSPs and security technology vendors should lead on up-skilling and diversity in the industry, by driving training programs, internal skills transfer programs, and efforts to encourage and motivate a more diverse workplace.