Cybersecurity predictions for 2022 and 2023
Former White House CIO: Human psyche essential in protecting against fraudsters.
When people think of cybersecurity, they typically think about technology and data. They should also be thinking about human behavior, according to Fortalice Solutions CEO Theresa Payton, who starred in the CBS TV show “Hunted” and is the only female White House chief information officer in history.
“You do need to make investments. But you’ve probably already made some good investments, so take a step back, study the human psyche, study the technology, and then decide where to put controls in place,” says Payton, who gave the opening keynote Wednesday at the CUNA Operations & Member Experience (OME) Council and CUNA Technology Council and CUNA Technology Council conference Wednesday in Las Vegas. “Many of the ideas don’t cost money. It’s looking at how cybercriminals are operating and thinking about ways to outthink and outmaneuver them.”
There are a lot of technologies to track and protect. According to a graphic from DOMO Analytics and The World Economic Forum from November 2021, every minute of every day includes an average of 12 million iMessages sent, 2,000,000 Snapchats sent, 167 million TikTok videos, $283,000 spent on Amazon, and many more transactions.
In the current marketplace, Payton says the most common cybercrime is business email compromise. Another burgeoning issue is deep fake audio editing technologies that allow cybercriminals to manipulate audio and use deep fakes to pretend to be a boss or CEO and “give authorization.” Payton says “everything is hackable, but credit unions looking to protect against this type of fraud build in more levels of protection, including texting codes and no longer using a public facing domain name to move money around.
Deep fake audio wasn’t around when Payton entered the cybersecurity world. And she knows she’ll be around for many more adaptations of cybercrime, such as QR codes and the potential adoption of quantum computing. She makes predictions two years ahead of time, outlining paths she expects cybercriminals to take going forward.
Payton’s predictions for 2022, which were made in 2020, include:
- A 5G smart city will be held for ransom and taken offline. “Ask yourself where you operate and where your third-party vendors typically operate,” Payton says of how credit unions can prepare for this type of attack. “Ask your service providers what their backup plans are.”
- A mini black swan banking event. Payton believes fraudsters will hack into a bank, get away with a little money, and overhype it with a disinformation manipulation campaign.
- Artificial intelligence (AI) drives misinformation campaigns, targeting companies without human intervention. “Have a pre-debunking strategy,” Payton says of how to combat misinformation campaigns. “How would you get to the members? How would you get them the truth? Just have a playbook.”
Payton’s predictions for 2023 include:
- Space will be hacked. As low-orbit satellites become more integral to humanity’s infrastructure, they are going to be targeted by cybercriminals.
- AI code generators will produce dormant security flaws. "My concern is there will be dormant security flaws in AI-generated code,” Payton says. “Ask your third-party developer: How do you do your code generation and code development? And do you have a third party ethically hack your code before you deliver it to me?”
- Forgeries and theft rock the blockchain. "A lot of people believe the blockchain is unhackable, impenetrable,” Payton says. “There are chinks in the armor and I believe fraudsters will create deep-fake forgeries and people won’t realize it until it’s too late.”