Rachel Wilson, a managing director and head of cybersecurity for Morgan Stanley, said cybersecurity teams need to focus on four Rs: Russia, ransomware, resiliency and regulators.

Speaking this week at the Qualys Security Conference for the Americas, Wilson told attendees the cybersecurity landscape is dramatically different today after a sea change of events that have occurred over the last five years.

Cybercriminals, for example, working on behalf of the Russian government, have been opening fraudulent bank accounts around the world as part of an effort to stymie the flight of capital from Ukraine. After having their authentication gateways pummeled, banks have, at times, been forced to require customers looking to open new accounts to visit a branch because the system for managing that process had to be taken offline, said Wilson.

Even today, roughly 75% of new accounts being opened are fraudulent, she added.

There are, of course, other nation-states such as North Korea, Iran and China that have developed extensive expertise, but Russia has become more adept at advancing its agenda in a way that reduces the chances there will be retaliation or escalation, noted Wilson. “I’ve got a lot of new respect for Russia,” she said.

Ransomware, meanwhile, has evolved into a protection racket that is now similar to the methods organized crime syndicates used to extort money from shop owners. For a monthly fee, cybercriminal syndicates will not only pledge not to attack a company, they will also protect that organization from other cybercriminals, said Wilson.

When ransomware attacks are launched, they are becoming increasingly sophisticated as cybercriminals become more adept at identifying and attacking the crown jewels of an organization, she added.

In the face of these escalating threats, cybersecurity teams are being challenged by regulators to increase the resiliency of business processes. As a result, cybersecurity leaders are now required to explain how business processes are being secured on an end-to-end basis versus merely ensuring controls have been applied. In effect, the bar has been raised, said Wilson.

The cybersecurity landscape is likely to continue to evolve. It’s still early days as far as the use of artificial intelligence (AI) is concerned, but Wilson said organizations should expect the scope, scale and velocity of cyberattacks to increase substantially. The challenge, as always, will be getting business leaders to truly understand how new and existing threats will impact the business, she noted.

Naturally, the stress levels cybersecurity leaders experience tend to increase as threats escalate in both volume and sophistication. Hostile nation-states and cybercriminal syndicates have many more resources at their disposal than the average understaffed cybersecurity team. It’s not possible for cybersecurity teams to defend everything, so the focus needs to be on securing the assets that the business depends on to function. In effect, cybersecurity is now a game of risk arbitrage.

Of course, savvy cybersecurity leaders are doing everything they can to encourage IT operations teams and application developers to augment their meager forces. There may never be enough cybersecurity expertise available, but there are millions of professionals that have enough expertise that, when properly applied, could dramatically even the odds that today are stacked against more organizations.