• Current students
      • Student centre
        Enrol on a course/exam
        My enrolments
        Exam results
        Mock exams
      • Course information
        Students FAQs
        Student induction
        Course enrolment information
        F2f student events
        Key dates
        Book distribution
        Timetables
        FAE elective information
        CPA Ireland student
      • Exams
        CAP1 exam
        CAP2 exam
        FAE exam
        Access support/reasonable accommodation
        E-Assessment information
        Exam and appeals regulations/exam rules
        Timetables for exams & interim assessments
        Sample papers
        Practice papers
        Extenuating circumstances
        PEC/FAEC reports
        Information and appeals scheme
        Certified statements of results
        JIEB: NI Insolvency Qualification
      • CA Diary resources
        Mentors: Getting started on the CA Diary
        CA Diary for Flexible Route FAQs
      • Admission to membership
        Joining as a reciprocal member
        Admission to Membership Ceremonies
        Admissions FAQs
      • Support & services
        Recruitment to and transferring of training contracts
        CASSI
        Student supports and wellbeing
        Audit qualification
        Diversity and Inclusion Committee
    • Students

      View all the services available for students of the Institute

      Read More
  • Becoming a student
      • About Chartered Accountancy
        The Chartered difference
        Student benefits
        Study in Northern Ireland
        Events
        Hear from past students
        Become a Chartered Accountant podcast series
      • Entry routes
        College
        Working
        Accounting Technicians
        School leavers
        Member of another body
        CPA student
        International student
        Flexible Route
        Training Contract
      • Course description
        CAP1
        CAP2
        FAE
        Our education offering
      • Apply
        How to apply
        Exemptions guide
        Fees & payment options
        External students
      • Training vacancies
        Training vacancies search
        Training firms list
        Large training firms
        Milkround
        Recruitment to and transferring of training contract
      • Support & services
        Becoming a student FAQs
        School Bootcamp
        Register for a school visit
        Third Level Hub
        Who to contact for employers
    • Becoming a
      student

      Study with us

      Read More
  • Members
      • Members Hub
        My account
        Member subscriptions
        Newly admitted members
        Annual returns
        Application forms
        CPD/events
        Member services A-Z
        District societies
        Professional Standards
        ACA Professionals
        Careers development
        Recruitment service
        Diversity and Inclusion Committee
      • Members in practice
        Going into practice
        Managing your practice FAQs
        Practice compliance FAQs
        Toolkits and resources
        Audit FAQs
        Practice Consulting services
        Practice News/Practice Matters
        Practice Link
      • In business
        Networking and special interest groups
        Articles
      • Overseas members
        Home
        Key supports
        Tax for returning Irish members
        Networks and people
      • Public sector
        Public sector presentations
      • Member benefits
        Member benefits
      • Support & services
        Letters of good standing form
        Member FAQs
        AML confidential disclosure form
        Institute Technical content
        TaxSource Total
        The Educational Requirements for the Audit Qualification
        Pocket diaries
        Thrive Hub
    • Members

      View member services

      Read More
  • Employers
      • Training organisations
        Authorise to train
        Training in business
        Manage my students
        Incentive Scheme
        Recruitment to and transferring of training contracts
        Securing and retaining the best talent
        Tips on writing a job specification
      • Training
        In-house training
        Training tickets
      • Recruitment services
        Hire a qualified Chartered Accountant
        Hire a trainee student
      • Non executive directors recruitment service
      • Support & services
        Hire members: log a job vacancy
        Firm/employers FAQs
        Training ticket FAQs
        Authorisations
        Hire a room
        Who to contact for employers
    • Employers

      Services to support your business

      Read More
☰
  • Find a firm
  • Jobs
  • Login
☰
  • Home
  • Knowledge centre
  • Professional development
  • About us
  • Shop
  • News
Search
View Cart 0 Item

News

  • Home/
  • News for RSS feed 3
☰
  • News
  • News archive
    • 2024
    • 2023
  • Press releases
    • 2025
    • 2024
    • 2023
  • Newsletters
  • Press contacts
  • Media downloads

Four cybersecurity vulnerabilities to be vigilant against in H2

Sep 08, 2023

Navigating the evolving cyber threat landscape demands vigilance. Aaron Hambleton explores four critical vulnerabilities shaping the second half of 2023

In the ever-evolving landscape of business technology, the second half of the year presents a host of challenges that demand the unwavering attention of organisations and cybersecurity experts.

As organisations navigate this dynamic environment, it is imperative to be acutely aware of the vulnerabilities that loom large on the horizon, poised to test the resilience of businesses and their security measures.

As we delve into the nuances of these vulnerabilities, it becomes evident that vigilance and proactive measures are the keys to safeguarding organisations.

Here are four vulnerabilities organisations and businesses should be aware of going into the second half of 2023.

1. AI-powered social engineering attacks

Artificial intelligence (AI) has entered almost all spheres of the business world. While AI brings numerous benefits and advancements, it also introduces new cybersecurity risks, such as social engineering attacks.

These attacks use manipulative tactics to deceive the victims into revealing sensitive information or trespassing organisations’ security infrastructure.

To execute these attacks, cybercriminals rely on AI-based natural language processing (NLP) algorithms to generate more realistic and human-like phishing emails, chatbot interactions or voice calls.

According to Forbes, “AI technology is advancing so rapidly that hackers are very possibly developing their own custom AI applications specifically designed to take social engineering to the next level.”

Detecting these malicious campaigns is getting harder for the average employee, which is why significant training is required to know what to look for and how to prevent escalation.

2. Cloud-based breaches

Cloud computing has become the norm in today’s digital landscape, offering scalability, flexibility and cost-efficiency to businesses. However, the widespread adoption of cloud services exposes organisations to new cybersecurity threats, making them a major concern in 2023.

Cybercriminals target cloud environments to exploit misconfigurations, weak access controls or insecure application programming interfaces (APIs).

A recent example of the consequences of cloud misconfigurations is the Toyota data leak, in which the personal information of over two million customers was exposed after an access key was leaked on GitHub for almost five years.

“Upon discovering the GitHub [repository], Toyota immediately made it private. Two days later, the company changed the access key to the data server. The Japanese giant commissioned an investigation into the blunder and was unable to confirm or deny whether miscreants had spotted and used the key to pilfer data from the server,” reports The Register.

3. Enhanced phishing attacks

Phishing attacks involve cybercriminals posing as trustworthy entities with the intention of deceiving individuals into divulging sensitive information or performing malicious actions.

With over 500 million phishing attacks reported in the US in 2022, this number is expected to rise further this year. Threat actors are continuously refining their techniques to make phishing emails and messages appear more genuine and convincing, which takes a trained eye to spot.

4. Zero-day vulnerabilities in supply chain attacks

With the increasing complexity of supply chains and the interconnectivity of various systems, zero-day vulnerabilities are expected to be a significant cybersecurity threat in the second half of 2023.

A zero-day attack is a strategic exploitation that involves the use of previously unknown vulnerabilities in the supply chain and has no available patches or fixes.

These vulnerabilities in the supply chain can have severe consequences, allowing attackers to compromise the integrity and security of products and services. They can lead to data breaches, unauthorised access, and the potential for sabotage or manipulation of systems.

Aaron Hambleton is Director for Middle East & Africa at SecurityHQ

You can read their full white paper, Global Threat Forecast: H2 2023 Predictions, at securityhq.com

The latest news to your inbox

Please enter a valid email address You have entered an invalid email address.

Useful links

  • Current students
  • Becoming a student
  • Knowledge centre
  • Shop
  • District societies

Get in touch

Dublin HQ

Chartered Accountants
House, 47-49 Pearse St,
Dublin 2, D02 YN40, Ireland

TEL: +353 1 637 7200
Belfast HQ

The Linenhall
32-38 Linenhall Street, Belfast,
Antrim, BT2 8BG, United Kingdom

TEL: +44 28 9043 5840

Connect with us

Something wrong?

Is the website not looking right/working right for you?
Browser support
CAW Footer Logo-min
GAA Footer Logo-min
CCAB-I Footer Logo-min
ABN_Logo-min

© Copyright Chartered Accountants Ireland 2020. All Rights Reserved.

☰
  • Terms & conditions
  • Privacy statement
  • Event privacy notice
  • Sitemap
LOADING...

Please wait while the page loads.