Cybersecurity Trends Predictions That Will Mark 2023
Vectra AI released its 2023 predictions, revealing the emerging trends that will shape cybersecurity in the coming year.
Christian Borst and Brian Neuhaus, CTO for the Americas at Vectra AI, have outlined several trends that they believe will significantly impact the cybersecurity industry in the coming year.
Cybersecurity trends 2023
Supply chain attacks will continue, but hackers will look beyond the “usual targets” to wreak havoc: Attackers will continue to cause maximum disruption in the form of supply chain attacks, but instead of targeting key suppliers, they will look beyond the “usual targets” to gain access to networks. For example, they might include legal or accounting firms.
A holistic approach can help turn the tables: Supply chain means partnership; partnership means collaboration and mutual support. Businesses can only thrive in the digital economy as an interconnected “mesh” structure with consistent resilience. This includes making sure they review the security policies of everyone in the chain.
Organizations will use automation to recover from ransomware attacks: Traditional recovery procedures after a ransomware attack are costly and time-consuming, so in 2023, we will see organizations turn to automation through infrastructure as code (IaC), to reduce downtime. Through IaC, organizations can develop scripts that enable critical self-healing infrastructures to return to action automatically. Ultimately, rebuilding a broken infrastructure from scratch is a much faster process than restoring it, thanks to automation.
Analysts’ increasing fatigue and resignation will cause them to shift from protecting the castle walls to detecting and responding: Attackers continue to breach the castle walls, leading to fatigue and potential resignations among cybersecurity professionals. Instead of working on preventing these attacks and avoiding employee burnout, we will see a shift needed to focus on reducing the impact of an attack. This means building resilience within the organization, spanning people, processes and technology, and focusing on early detection and robust response rather than protection and prevention. This will allow us to identify suspicious activities and the type of behaviours that an adversary will show as part of the development of an attack. The key is to detect attacks in progress so you can stop them before a breach occurs.
Multi-factor authentication (MFA) will continue to be one of the main targets of attackers: With identity attacks on the rise in 2023, attackers will continue to take advantage of vulnerable MFA methods. As enterprises continue to roll out MFA, attackers will continue to take advantage by inundating end users with brute-force login requests or through clever phishing campaigns. End users will be directly targeted by attackers, which means that organisations and consumers will need to be more aware than ever of the risks to their digital identities. In the meantime, organizations must ensure they have tools to detect suspicious login activity and stop it.
Quantum – attackers will start stealing and saving encrypted data to decrypt it in a post-quantum world: It’s easy to know the reason for a cyberattack in incidents like ransomware, but what about incidents that we don’t detect or that involve data that we’re sure is safe from decryption? Advances in quantum computing will force security managers in 2023 to start thinking about this encrypted sensitive data in a post-quantum world. However, this approach will also attract the attention of attackers. Instead of bypassing encrypted data that was previously protected, they will try to get hold of the data and keep it stored to sell or decrypt it later.
Proponents should not rest on their encryption laurels and start noting what NIST (National Institute of Standards and Technology) is doing this year on post-quantum encryption for action in the coming years.
As the war for talent escalates, security companies will need to develop creative ways to recruit and retain workers: In an increasingly globalized labour market where workers seek new opportunities, cybersecurity companies risk losing talent to traditional technology companies. As an industry that is no stranger to burnout and stress, cybersecurity companies must ensure that they can prove that they are an attractive team to work for.
This is to fend off competition from tech companies that can often offer lucrative salaries and superior work-life balance. To achieve this, cybersecurity companies need to take a more progressive approach, which could include offering flexible working arrangements, performance incentives, and health and wellness policies.
The public and private sectors will prepare for cyberattacks from nation-states: Cyber warfare will remain a real threat in 2023, from broader use of known Tactics, Techniques, and Procedures (TTP) to unknown zero-day capital waiting for the strategically right moment to deploy against enemies. Zero days carry great economic weight, costing many millions of dollars to develop, but the payoff is that they cause equally devastating losses when first deployed.
Leaders of public and private sector organizations will start paying real attention, investing more in incident response and the speed at which vulnerabilities are managed in the coming year to limit the blast radius of these types of weapons. Cybernetic Thus, Security managers will begin to accept that understanding the posture is critical to getting the risk of an unpatched or potential zero-day probability. Posture, detection and rapid response will be paramount next year.
Labelling: IoT device and software labelling take hold: Following a series of high-profile cybersecurity incidents in the software supply chain this year, the resulting frenzy of US executive orders will see most companies respond by 2023. One of these executive orders (14028) mandated NIST to put tagging programs in place on all programs and devices, from door locks to business software. Specifically, Section 4 of OE 14028 points in the same direction as food nutrition labels today.
The tags must indicate precise data about the privacy and security parameters of the information of the product and the organization. A key piece of information from the labels should be the length of time a company will support its software since a physical device can last longer than the support time of a product.
This is especially important in terms of vulnerability management. Beyond the United States, governments around the world are taking similar steps. And why would we want governments to act otherwise? These tags are good enough for one’s health, so why not use them for something equally important, our personal information? This will go from just guidance to gaining a foothold this year in consumer and enterprise offerings. And why would we want governments to act otherwise?
These tags are good enough for one’s health, so why not use them for something equally important, our personal information? This will go from being just guidance to gaining a foothold this year in consumer and enterprise offerings. And why would we want governments to act otherwise?
These tags are good enough for one’s health, so why not use them for something equally important, our personal information? This will go from being just guidance to gaining a foothold this year in consumer and enterprise offerings.