Sandy Carielli, Principal Analyst and Brian Wrozek, Principal Analyst

Show Notes:

For security and risk leaders, one of the keys to defending against new threats is understanding the biggest recent attacks. In this episode, Principal Analysts Sandy Carielli and Brian Wrozek unveil the top security lessons learned in 2022 and describe how they can be used to help defend against the new threats in 2023.

The episode starts with some eye-popping data. Carielli says that in 2022, the top 35 global security breaches exposed 1.2 billion records, and 34% of those attacks hit public sector and healthcare organizations, with media and entertainment and financial services being the next-most-targeted industries. Wrozek notes that, while there was an “honor among thieves” agreement in the past to limit the targeting of healthcare facilities, “that’s not the case anymore — I think the number of ransomware attacks against healthcare institutions has doubled in the last five years.” Cryptocurrency players were also a top target, with the top nine crypto breaches costing a staggering $2.7 billion — the FTX attack alone cost $477 million.

From there, Carielli discusses the increasing number of insider attacks (double-digit growth in 2022) and the value of a Zero Trust approach to defending against insider threats. And with more layoffs and geopolitical disruption expected, Carielli says it’s possible to see another double-digit increase in insider attacks in 2023.

Wrozek, the lead author of the new report Top Cybersecurity Threats In 2023, says one of the threats quickly emerging in 2023 is generative AI. While an earlier episode of What It Means touched on some of the threats associated with generative AI, Wrozek says a newly emerging threat is the poisoning of data that fuels the generative AI models. To defend against that threat, more orgs are looking at embedding security expertise within ModelOps and DataOps teams or even training traditional developers on security best practices so that they’re a hybrid security/development resource. “And now you’ve got people who can rotate into the cybersecurity team and bring that tribal knowledge with them,” he says.

Throughout the episode, the analysts cite specific incidents that have happened in the past year, including attacks against the City of Dallas, Shanghai National Police (China), Optus, and Cash App. The episode closes with a review of some of the threats that didn’t make the list this year but still merit the attention of security leaders, so be sure to stick around for that.