Balancing cybersecurity and user experience needs is no mean feat. As threats increase rapidly and customer demands spiral, it can be tricky for businesses to know where to focus their efforts to reap the most reward.
In 2023, leaders will encounter rising zero-day attacks, start to recognise the dangers surrounding IoT, and identify edge computing as an area of investment. However, many organisations simply don’t have the internal resource to handle this level of security needs or implement new solutions effectively.
So, what should leaders focus on when engaging with partners and vendors to improve their security, without sacrificing user experience? Paul McNamara, Senior Solutions Engineer at Edgio explores.
Zero-day attacks hit new levels
The threat landscape is constantly changing with the introduction of new technologies and attack vectors. Some of the most preeminent threats in 2023 will be zero-day application exploits – where hackers identify a vulnerability in something that’s used by many organisations and then exploit it to bring down systems all over the world. They are massive attacks that can be difficult to spot, losing businesses money, brand reputation and trust. For instance, in Q2 2022, application-layer and network-layer DDoS attacks increased by 72% and 109%, respectively. In the last decade, about 40% of attacks took place in 2021 alone, and hackers show no signs of slowing down with recent breaches at Samsung, Apple, and Google.
As companies start maturing their cybersecurity awareness and programs, it is important to have proper investment in solutions and capabilities to not just prevent cyber-attacks, but also to detect and respond to them. Having visibility of zero-day attacks allows organisations to quickly mitigate, resolve them, and deploy security rules quickly which minimises impact.
Businesses should invest in a distributed edge network and dual WAF solution, as it allows them to test out new mitigation techniques without endangering their network. Once organisations test in audit mode and check that everything is working properly, they can quickly deploy into production and mitigate vulnerabilities faster – without going offline. For enhanced protection, solutions that detect threats via AI and machine learning (ML) will be vital in 2023. Organisations using AI and automation had a 74-day shorter breach lifecycle, saving an average of $3m more than those without.
The dangers of IoT devices will become evident
With ongoing IoT developments, in 2023 there will be billions of connected devices to the internet, opening unprecedented opportunities for hackers. With more than 43bn connected devices, there are more attack vectors than ever for cybercriminals.
The UK and US are introducing greater measures to help buyers understand what risks might be posed by specific devices they introduce in their homes. For instance, the UK government is already looking at the Product Security and Telecommunications Infrastructure Bill, formalising their previous Code of Practice for Consumer IoT Security. With stolen or compromised credentials the most common cause of a data breach, it’s about identifying vulnerabilities in IoT infrastructure and taking mitigating action.
The struggle for CISOs is fully grasping their attack landscape and where opportunities lie for hackers. For example, when retailers use IoT to extract real-time in-store sales data, this can often be through the use of third-party vendors, or applications from their point of sale. Identifying vulnerabilities like this and focusing on the potential risks associated with third-party applications will be vital to boost security in 2023. It is an ongoing challenge as systems and solutions continue to evolve as organisations modernise and build out their IoT infrastructure – however, moving security to the Edge of your network can help to filter sensitive data locally and only send critical IoT data to the Cloud.
2023 will be the year of the Edge
Despite being widespread, Edge computing is still nascent, with organisations trying to understand how to incorporate it and realise all its benefits. 2023 will see workloads moving to the Edge, due to better performance and reduced latency, lower costs, greater scalability, and improved availability.
The future of digital experiences is at the Edge. These solutions provide the performance, security, and reliability needed to deliver innovative and personalised experiences, resulting in reduced costs and latency. Using this technology shields critical infrastructure and absorbs increasingly enormous threats from zero-day attacks and IoT hacks. And finally, it provides greater reliability by offering better routes or ‘fast lanes’ between users and the data they are accessing.
There used to be a belief that implementing comprehensive security would slow down processes and jeopardise user experience – but this is not the case. It is believed that over 40% of all internet traffic is comprised of bot traffic, so by blocking bad bots you can allow real users to access your site more easily and get better performance as your site is not being slowed down by malicious requests. For instance, in the retail industry, having super-fast page loads encourages customers to browse more and increase spend.
Whether it’s combatting zero-day attacks, preparing for new IoT threats or embracing new Edge solutions, 2023 will be a year of both threat and opportunity.