Guest Blog by Dragos Stanescu, Co-Founder | Board Member, SYN Cubes.
2023 Cybersecurity Predictions: Navigating the Impact of ChatGPT, Economic Downturn, and Layoffs
As the CEO of an offensive security startup, “predicting” trends is an essential skill. And this is possible by connecting as many dots as possible from as many sources.
I might be a little late to the 2023 cybersecurity predictions party; however, I’ll try jumping on this bandwagon and describe in a few words a few possible effects of the current overall existing state of affairs, focusing on the economic downturn and the mass usage of ChatGPT who rocked the world starting with the end of 2022. Without any further ado, let’s dive in and line up a couple of hot topics that I consider essential to watch for further developments.
We are witnessing top companies laying off a significant number of people this time; we are talking about 100,000 people roughly, with more to come. What makes this time slightly different from the last time when something similar happened, like a couple of years ago, is that some of them are highly trained SRE engineers with solid cloud engineering or offensive experience. This is a big pool of talent with a lot of experience and training, paid for by their previous employers over many years.
Many of those laid off come from places like FANG (Facebook / Amazon / Netflix / Google), Microsoft, etc., meaning that what once was for defending the castle is now part of a surviving scenario. And what is more concerning is that these assets are highly skilled and trained with SRE playbook knowledge and other similar offensive cyber skills.
It should not be a surprise that the current “open to work” people mass is expected to generate rogue actors, approached by nation-state entities or other malicious actors.
2. The LLM technology
Beyond anything else, this is one of the most remarkable moves Microsoft has made since Windows XP. By supporting OpenAI and helping them scale ChatGPT, they managed to shift the balance to their advantage, at least for the moment and enabled the world with an unregulated IBM Watson-like feature.
Thus, there are at least a couple of nuances here that stand out from the rest, like:
— A growing number of software engineers will rely on LLM-based chat features, blindly trusting the output and embedding it into their production applications. Like the GitHub Copilot feature, it was proven that the generated code could be notoriously vulnerable to basic but deadly security issues.
— Except for Bing, Google and other similar search engines will significantly decrease usage, implying that their ad revenue will gradually decrease. Google’s search engine is already under fire for promoting ads pointing to malware. Furthermore, the Yahoo search engine is planning a comeback. This will diversify even more threat actors’ options.
— Pen testing-wise, with the LLM options on the game, what used to work in the past, from the issue ratings, reporting style, and executing the engagement, won’t work anymore. From the feedback received at the end of 2022, CISO and CTO started to show SaaS fatigue.
Many CTOs expect the pen testing vendors to focus more on uncovering impactful issues and providing a certain level of support in remediating some problems in hybrid security consulting. Furthermore, there is an increased appetite for strong data encryption at rest.
3. “Before anything else, love goes through the stomach.”
Cybercrime is expected to go rampant, with companies facing more complex attack vectors while having a reduced capacity, skill set, and budget required to defend and respond appropriately.
In conclusion, with the Cloud becoming increasingly complex and the rise of LLM “arms race,” here are some points that a company can expand while looking to maintain a strong security posture:
- Keep its data encrypted at rest, in transit, and in use.
- Pinpoint and maintain an accurate registry with the company’s exposed assets.
- Have a mature third-party security assessment process.
- Execute penetration testing focused on added value.
It should be noted that Ukraine’s war adds a few more layers of complexity to the equation. In the last 5 months, specialized US agencies warned that well-coordinated and increasingly sophisticated attacks target US and NATO’s allies’ related businesses.
Surviving this year should be your top priority if you are in the startup space. Companies that do this and, ideally, stay cash positive until the end of the first quarter of 2024 will almost certainly see their value double, making them attractive to more experienced investors.