Top 7 Trend Articles of 2023. . .
. . . For ISOs of Small Financial Institutions.
Welcome to our annual T7 article: a list of our favorite trend articles from the past year. Our intent: help you organize your thoughts as you work through your strategic planning process. We hope reviewing these articles will help you create a list of “outside-the-bank” ideas.
Some of the authors of these articles are friends of infotex, others we have not met. We avoid mainstream authors (like Schneier or Krebs) and try to make the trend articles “bank related.” We’re queuing up this year’s list like a David Letterman’s Top Ten list, saving our favorite for last!
Trend Article #7: The Artificial Intelligence Risk Management Framework published by NIST aims to give “individuals, organizations, and society” a framework to manage risk related to AI. AI has become a hot topic in the past year, and as such many businesses are starting to get AI on their radar, though due to its new nature and relative complexity, many are having trouble wrapping their hands around AI risk. A playbook has also been developed for use side by side with the AI RMF.
Trend Article #6: While this was included in last year’s T7 article we believe it is still relevant to keep it at the front of the mind this year. Zero Trust, while ‘buzzwordy’, is a major step forward in architecture. It balances ease of use with security in an effective and easy to understand manner.
Trend Article #5: Paloalto’s article goes over some of the modern extortion methods cyber criminals use and as well shows the increase of costs over time. The more the payments are made, of course the more prolific of a “business” ransomware becomes. They identify “quadruple” extortion being on the rise. There are four methods that ransomware gangs use to make sure they get their payment out of the stolen data. Whether the company paid or not, they make sure they get use out of it. Paloalto then goes into the trajectory they believe ransomware will take over the coming months and years
Trend Article #4: This article, Must-Know Cyber Attack Statistics and Trends by Embroker has some amazing visualizations of cyber statistics as well as some great information pertaining to the cost of breaches, breach detection times, most common types of attacks, what industries are vulnerable to certain attacks and some suggestions to help keep your business safe!
Trend Article #3: Cloud security is an ever increasingly important thing to wrap your hands around. As third-party cloud providers grow, so does the threat of major attacks on the big cloud providers having an effect on your day to day operations. It is important to appropriately analyze and asses the risk that arises from the shared responsibility, and this article by checkpoint gives an up-to-date outlook on cloud security.
Trend Article #2: OWASP is a known trusted name in the cyber world. While we always suggest taking a look at their web-application top 10 list, their newest list covering API security risks, is even more relevant to today’s security landscape. API’s are everywhere now and even if you maintain your own API, you probably use software that uses them, and as such its’ valuable to know how they can be vulnerable and how they are exploited!
Trend Article #1: Using IAM techniques combined with a zero-trust mindset is needed for a secure network environment today. This article by Veritis goes over the main IAM trends seen across the field, with some key takeaways that make it easier to start implementing these principles on your network.
2023/24 is shaking up to be a scary year in trends. Let us know which trend articles you think we missed! And don’t forget, you can leave anonymous feedback at feedback.infotex.com.
Original article by Dan Hadaway CRISC CISA CISM. Founder and Managing Partner, infotex