The nature of the threat situation has been a constant in the security industry. For years, analysts have been predicting the growth of threats, which has left many wondering why, despite significant investments in security, these threats continue to proliferate.
One key factor behind this ongoing trend is the independence of threat existence and intensity from an organization’s security efforts. While investment in security can reduce the risk of harm from threats, it does not directly impact the threats themselves. An interesting concept to consider is the idea of “herd immunity,” wherein a large portion of potential targets implementing certain security controls can affect the overall threat intensity. Essentially, if the chances of being successful with a certain approach are minimized, threat actors may abandon that approach in favor of something else.
Furthermore, threat actors’ ability to evolve their capabilities is a significant driving force behind the continuous growth of threats. These actors are adept at advancing their capabilities, primarily due to their ability to operate as a syndicate and share information at a much higher level than the defense side. This superior level of information sharing is fueled by threat actors’ lack of concerns about legal implications, mandates, privacy, or IP protection. In essence, if sharing information makes sense for them to achieve their goals, they will do so, regardless of the potential implications.
Another crucial point to consider is the optimization of threat actors’ techniques towards achieving their objectives. They do not necessarily need to produce more advanced attack techniques, but rather focus on producing more effective ones. Ultimately, their goal is to achieve their objectives, and if there are simpler and more efficient means to do so, they will prioritize those over complex alternatives.
This brings us to the idea of a Darwinian effect within the threat community. Just as species in the natural world do not necessarily evolve towards better, advanced traits to survive, threat actors may not necessarily produce more advanced Techniques, Tactics, and Procedures (TTPs) to achieve their objectives. Instead, they focus on survival and achieving their objectives within the context they operate in.
Within the evolving landscape of cybersecurity threats, the potential outcome of threat activity also continues to grow. The increasing circulation of money and the interconnectedness of the modern world provide more opportunities for criminal activity, including cyberattacks. As a result, the potential pool of targets for threat actors continues to expand, leading to a natural increase in attempts to cause harm online.
In light of these factors, it becomes evident that predicting the continuous growth of threats is not an act of defeatism but rather a realistic assessment of the evolving threat landscape. While it is important to do everything possible to mitigate the risk of suffering from these threats, it is equally important to recognize that the problem will never be completely “solved.” The fight against threats in the digital sphere will be an ongoing and continuous effort that requires constant adaptation and vigilance.
As the Vice President Cyber Security Evangelist at Securonix, Augusto Barros plays a critical role in strategically delivering top-tier threat detection and response solutions. Leveraging his extensive experience in the security industry, Barros helps clients worldwide optimize their security operations and avoid cyber threats. His deep understanding of the evolving threat landscape positions Securonix as a visionary and leader in the space, empowering organizations to stay ahead of the constantly evolving threat landscape. For further information and insights from Augusto Barros, he can be reached online at: https://www.linkedin.com/in/apbarros/ and at the Securonix website: https://www.securonix.com/.