Expert Predictions For Cybersecurity in 2023

We’ve collected industry expert predictions on the future of cybersecurity in 2023.

 
2022 was a big year for cybersecurity, with cyberattacks and data breaches, innovative phishing attacks, privacy concerns, and of course, zero-day vulnerabilities.

We asked a panel of experts to provide their predictions on what the cybersecurity landscape will look like in 2023.

 

Our Panel of Experts

 

    • Ben Brigida, Director of SOC Operations at Expel
    • Ramsés Gallego, International Chief Technology Officer at CyberRes
    • Bob Huber, Chief Security Officer and Head of Research at Tenable
    • Paulo Henriques, Head of Cyber Security Operations at exponential-e
    • Ulfar Erlingsson, Chief Architect at Lacework
    • Alia Mahmud, Regulatory Affairs Specialist at ComplyAdvantage
    • Roger Walton, Chief Revenue Officer at Resistant AI
    • Oz Alashe MBE, CEO at CybSafe
    • Steve Forbes, Government Cybersecurity Advisor at Nominet Cyber
    • John Linford, Security and Open Trusted Technology Forum Director at The Open Group
    • Allen Downs, Vice President of Security and Resiliency Services at Kyndryl
    • Anthony DiBello, Vice President, Strategic Development at OpenText
    • Brett Beranek, General Manager, Security & Biometrics at Nuance
    • Liron Ben-Horin, VP of Systems Engineering at OneLayer
    • Zeki Turedi, CTO EMEA at CrowdStrike
    • Camilla Winlo, Head of Data Privacy at Gemserv
    • Nick Vigier, Chief Information Security Officer at Talend
    • Nick Hogg, Director of Technical Training at Fortra
    • Aaron Cockerill, Chief Strategy Officer at Lookout
    • John Stock, Product Manager at Outpost24
    • Erfan Shadabi, Cybersecurity Expert at comforte AG
    • Shlomo Kramer, CEO at Cato Networks
    • Darren Guccione, CEO and Co-Founder at Keeper Security
    • Gareth Barber, Managing Director at We Are Your IT
    • Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
    • Jonathan Miles, Head of Strategic Intelligence and TI Risk Modelling at Mimecast
    • Ilan Barda, CEO at Radiflow
    • Mark Hughes, President of Security at DXC Technology
    • Adrian Nish, Head of Cyber at BAE Systems Digital Intelligence
    • Yoran Sirkis, Co-Founder & CEO at Seemplicity
    • Nick Bowling, Service Desk Manager at Central Networks
    • Chris Clinton, CTO and Cybersecurity expert at Naq Cyber
    • Daniel Lewis, Executive Chairperson at Awen Collective
    • Camellia Chan, CEO and Founder at X-PHY
    • Lauri Almann, Co-Founder at CybExer Technologies

 

For any questions, comments or features, please contact us directly.


 

Ben Brigida, Director of SOC Operations at Expel 

 
 
“My prediction for 2023 is that we will witness an increase in MFA push notification fatigue attacks. Why? Because they’re working. More and more, organisations are turning to cloud access identity providers for single sign-on capabilities. Attackers know that if they can get their hands on credentials for these platforms, they’ll get access to critical business applications—not just email. So they’re sending multiple push notification requests to users and hoping the user will just approve one to make the notifications stop. Our Q3 2022 Quarterly Threat Report found that MFA and conditional access were configured for more than 80% of successful compromises, but the attacker simply wore down the user with MFA requests until they finally approved. A high-profile example of this is the recent Uber hack, in which the attacker disguised themselves as Uber’s IT team and told the target the only way to get rid of the unrelenting notifications was to accept one. 

“We can expect to see this continue into next year and businesses must be prepared. Security teams have a few options for preventing this tactic. They can disable push notifications and instead require users to enter a PIN or use a FIDO-compliant MFA solution. If that’s unrealistic, control push notifications using number matching—a setting that requires the user to enter numbers from the identity platform into their MFA app to approve the authentication request. Microsoft, Duo, and Okta all support this feature. When this happens, we expect to see a shift in MFA bypass techniques. But until then, this technique will continue to be used more and more in identity-based attacks.”
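For security teams that cannot yet move off push approvals, the pattern described above (a run of unanswered or denied prompts, sometimes ending in an approval) can be flagged from identity-provider logs. The following is an added example, not part of the original article or from Expel; the log format, field names and thresholds are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample of MFA push events (hypothetical key=value log format).
SAMPLE_LOG = """
2023-01-10T02:14:05Z user=alice result=timeout src=203.0.113.7
2023-01-10T02:14:50Z user=alice result=denied src=203.0.113.7
2023-01-10T02:15:31Z user=alice result=timeout src=203.0.113.7
2023-01-10T02:16:12Z user=alice result=denied src=203.0.113.7
2023-01-10T02:17:40Z user=alice result=timeout src=203.0.113.7
2023-01-10T02:18:02Z user=alice result=approved src=203.0.113.7
2023-01-10T09:00:00Z user=bob result=denied src=198.51.100.20
2023-01-10T09:00:20Z user=bob result=approved src=198.51.100.20
2023-01-10T11:30:00Z user=carol result=denied src=192.0.2.44
2023-01-10T11:31:10Z user=carol result=denied src=192.0.2.44
2023-01-10T11:32:05Z user=carol result=timeout src=192.0.2.44
2023-01-10T11:32:55Z user=carol result=denied src=192.0.2.44
"""


@dataclass(frozen=True)
class PushEvent:
    ts: datetime
    user: str
    result: str  # "approved", "denied" or "timeout"
    src: str


@dataclass(frozen=True)
class Finding:
    user: str
    kind: str        # "push_burst" or "approved_after_burst"
    unapproved: int  # unapproved prompts inside the window
    ts: datetime
    src: str


def parse_line(line):
    """Parse one 'timestamp key=value ...' line into a PushEvent."""
    stamp, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    ts = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
    return PushEvent(ts, fields["user"], fields["result"], fields["src"])


def find_push_fatigue(events, window=timedelta(minutes=10), min_unapproved=4):
    """Flag users who receive many unapproved pushes in a short window.

    'push_burst' fires once when the count of denied/timed-out prompts
    reaches the threshold; 'approved_after_burst' fires when an approval
    follows such a run, which is the case that needs immediate triage.
    """
    recent = defaultdict(deque)  # user -> timestamps of unapproved prompts
    alerted = set()              # users with an open burst alert
    findings = []
    for ev in sorted(events, key=lambda e: e.ts):
        q = recent[ev.user]
        while q and ev.ts - q[0] > window:  # drop prompts outside the window
            q.popleft()
        if not q:
            alerted.discard(ev.user)        # previous burst has aged out
        if ev.result == "approved":
            if len(q) >= min_unapproved:
                findings.append(
                    Finding(ev.user, "approved_after_burst", len(q), ev.ts, ev.src))
            q.clear()
            alerted.discard(ev.user)
        else:
            q.append(ev.ts)
            if len(q) >= min_unapproved and ev.user not in alerted:
                findings.append(
                    Finding(ev.user, "push_burst", len(q), ev.ts, ev.src))
                alerted.add(ev.user)
    return findings


if __name__ == "__main__":
    events = [parse_line(l) for l in SAMPLE_LOG.strip().splitlines()]
    for f in find_push_fatigue(events):
        print(f.ts.isoformat(), f.user, f.kind, f.unapproved, f.src)
```

A single denied prompt followed by an approval, as in the constructed entries for bob, stays below the threshold and is not flagged.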
 

Ramsés Gallego, International Chief Technology Officer at CyberRes

 
 
“The past few decades have seen businesses invest in modern technologies such as IoT and cloud services, and emerging technologies like AI and machine learning. Those technology tools, however, have been created in silos, which brings into question how they are managed and governed.

“So, as we look into the future, in 2023 and beyond, automation and orchestration will continue to be the name of the game. Orchestration can help unite disparate systems and tools, while automation can reduce human error and enhance and amplify humans’ skills in managing the digital ecosystem. 

“This is particularly important as we know technology alone isn’t enough and it’s not just a lack of human interaction that’s cause for concern. We need to trust in the entire ecosystem to enable people to embrace technology, and hopefully, in 2023, we’ll see a positive shift in this direction which we expect will be introduced by increased adoption of automation and orchestration tools. 

“Additionally, cybersecurity will continue to be a boardroom priority, and we’ll likely see application protection fall into the spotlight. Application security, for instance, is a hugely important pillar of any security strategy that has often been neglected. This is mostly because, over recent years focus has – rightly so – been on viruses and ransomware, redirecting cybercriminals to go after the source. This is forcing businesses to look at how secure and robust the code that hosts their data is. Often developers are based in far-away locations, making it difficult to have oversight as to whether they’re building the right code, at the right time, and using the right approach. In 2023, we’ll likely see these code developers under increased scrutiny and organisations demanding more transparency. 

“Moreover, AI and regulation will continue to be a hot topic of debate, but I won’t hold my breath for any concrete developments in the immediate future. While the willingness to regulate is there and proposals have been put forward, what this will look like in practice is yet to be agreed on worldwide, and it could be some time before we see solid legislation and regulation introduced.”
 

Bob Huber, Chief Security Officer and Head of Research at Tenable

 
 
“With the UK having the highest number of cyber crime victims per million internet users, it’s vital that organisations take into account the new threat vectors that could be used as well as the traditional tactics that could transcend into the metaverse. Progressive organisations that start by re-evaluating their current existing infrastructure today will be better equipped to navigate and build out their metaverse worlds.”
 

 

Paulo Henriques, Head of Cyber Security Operations at exponential-e

 
 
“Hacking is now an industry in itself. Organised crime groups made up of thousands of cyber criminals – for whom ransomware is a full-time job – can now be found in all corners of the web. They tend to have deeply sophisticated networks and be highly intricate and rehearsed, thanks to the huge wealth of resources they have available to proactively seek vulnerabilities in businesses of all sizes. All of which means most tend to be pretty much 24/7 operations. 

“We expect to see concerted efforts to tackle and break the billion-dollar ransomware business model in the year ahead. Apathetic approaches to security have repeatedly been exposed in recent times, largely because so many companies have no remediation plan in place to reduce the number of days of downtime they could face following attacks. 

“We expect that to change in 2023 as the volume of breaches continues to rocket. Defence strategies are likely to be more geared towards proactively removing vulnerabilities, anticipating cyber attacks, and cutting off successful ones at the source. They’re essential changes too. Cybergangs will continue to lay the groundwork for carefully orchestrated attacks, so we all need to be ready.”
 

Ulfar Erlingsson, Chief Architect at Lacework

 
 
“Cloud complexities are increasing as more applications and workloads are migrated. Being based on frequently-upgraded services and open-source software, moving to the cloud requires continuous development, adopting secure software practices and a shift left organisational change. 

“‘Shift left’ describes how security can be incorporated into earlier stages of the software development lifecycle – so security and developers work as a team. This is important for cloud software because, even if your own developers never make any mistakes, there is always a chance that new vulnerabilities and security issues will be included in the latest software build. The sooner such risks can be mitigated, the better your security outcome.

“Companies won’t be able to build out cloud security by themselves. To move quickly, but without undue risk, they will need to leverage technology partners and choose a security technology partner that can automate most of the heavy lifting.

“If you want to secure your cloud, you need comprehensive visibility into your cloud operations. Not just collecting unstructured piles of security-relevant records and logs about assets and behaviours, but aggregating a summary view of your cloud environment that can be understood by security and devops teams, to ensure no blind spots.”
 

Alia Mahmud, Regulatory Affairs Specialist at ComplyAdvantage

 
 
“From WeChat to Alipay, super apps are the norm in the East and this trend is now moving towards the West with the rise of all-in-one apps resulting in billions of people carrying out a large part of their mobile activities from a single app, from messaging friends, ordering products and services, ridesharing and banking. Although these super apps offer convenience to consumers, they are also convenient for fraudsters. With a platform to collude on and share information through, criminals can target super apps for account takeovers, to set up fake accounts using stolen personal details, abuse referral systems, and commit payment fraud.

“With talk of Meta, Twitter, and Uber going ‘super’ with the introduction of features like payment services, traditional fraud prevention methods might become ineffective. Any firm considering this route needs to ensure its processes, controls, and technology can effectively detect and prevent financial crimes. Otherwise, these apps will be vulnerable to criminals.”
 

 

Roger Walton, Chief Revenue Officer at Resistant AI

 
Roger Walton, Chief Risk Officer at Resistant AI
 
“Behavioural monitoring takes precedence over ‘whac-a-mole’: For years, large organisations have responded to threats on a case-by-case basis — essentially whacking each pest as it rears its head above the parapet. Behavioural monitoring, powered by AI and machine learning, will take precedence. 

“DeFi and Blockchain will accelerate the need for ‘ongoing trusted identity’: Decentralised finance and blockchain will become ever more prominent, however this will naturally lead to an increase in fraud and money-laundering using these platforms. As a result, an “ongoing trusted identity” becomes critical.” 
 

Oz Alashe MBE, CEO at CybSafe

 
 
“Ransomware has dominated the threat landscape—and the headlines—for the past five years. And it’s not going anywhere. At least not in 2023. In the last few months alone, criminals realised they don’t need to steal or sell data. That just takes too much time and effort. Simply threatening to delete the data produces the same result—getting organisations to pay up.

“Criminals infiltrate an organisation’s network, and demand a pay-out. If they don’t get one, they delete the data and move on to the next victim. This “wiper malware” has been on the rise, and we’ll likely be seeing a lot more of it in the coming year.

“To be clear, ransomware, wiperware, and any other type of malware are preventable. It starts with some basic cyber hygiene: network segmentation, backups, regular patching, and vulnerability assessments.

“A key part of any organisation’s cybersecurity defence is also its people. When people feel empowered to identify and report security incidents—they do. 

“But that kind of culture change doesn’t come from security awareness training. It’s the product of management taking time to understand security behaviours—why people do what they do, or don’t do what they’re supposed to—and how to influence them.”
 

Steve Forbes, Government Cybersecurity Advisor at Nominet Cyber

 
 
“Cyber hysteria and the Ukraine crisis: Almost a year ago, there were stark warnings of unprecedented use of cyber warfare in the lead up to the war in Ukraine which thankfully did not materialise. The majority of organisations haven’t reported a rise in cyber-attacks as a direct result of the conflict and that trend is expected to continue throughout 2023.

“However, what we will continue to see more of this year are organisations and the wider public impacted as a result of supply chain attacks as threat actors – some of which have been known to be affiliated with the Russian government – increasingly take aim at software developers and suppliers that they perceive as low hanging fruit. The most recent example of this being the cyber incident that occurred at the Royal Mail last week. 

“Security and working remotely: When the pandemic hit and employees had to switch to remote working, some of the policies that were put in place at the start of the pandemic that put productivity above security are still running today and have yet to be updated. For example, many organisations removed certain types of VPN because they didn’t have enough capacity to enable secure remote access, thereby removing some of those security layers in favour of increased output.

“In 2023, cybersecurity professionals are going to have a greater focus on this issue of mobility, and how we enable the same level of protection that we had in centralised workspaces but with a hybrid working model and the multitude of devices and geographies that come with it.”
 

 

John Linford, Security and Open Trusted Technology Forum Director at The Open Group

 
 
“Zero Trust has been a high-profile topic in cybersecurity for well over a decade now, but in recent years it has suddenly bloomed from being a promising future approach to being a fundamental component in enterprises’ security toolkits. According to one report, active Zero Trust implementation more than doubled in the year to August 2022, reaching more than half of businesses.

“This growth has had two major consequences. First, information security for businesses has been considerably strengthened. We know that Zero Trust can reduce data breach incidents by 50%, and so its rapid widespread adoption is something to be celebrated.

“The second, less encouraging consequence has been an accompanying growth of competing definitions around what it means to comply with the Zero Trust model, whether for an organisation to implement Zero Trust or for a product or service to aid in this. While the principle of Zero Trust might seem simple enough to state in theory, applying it in a production environment demands countless subtle decisions which affect the ultimate nature of the solution. This fact adds a layer of conceptual overhead to an undertaking which can already be daunting, requiring in-depth planning and cross-company collaboration in order to succeed.

“This is not a new story in technology; in fact, the origins of thinking behind Zero Trust can be traced to the Jericho Forum® Commandments. Once the idea or approach has proliferated sufficiently, a period of blossoming innovation as ideas are brought to market is often followed by a period of rationalisation as new or additional standards are created to ensure holistic benefits. So it is with Zero Trust: initiatives like NIST® 800-207 and The Open Group Zero Trust Architecture Working Group will establish the clarity Zero Trust needs in order to grow from being present at the majority of businesses, to being at the heart of most business processes.” 
 

 Allen Downs, Vice President of Security and Resiliency Services at Kyndryl

 
 
“There is an easy prediction that we could make about cybersecurity this year. A few months ago, a group of major industry players announced the Open Security Schema Framework (OCSF), an initiative which aims to standardise cybersecurity information sharing around a common data standard. It’s a deeply promising move, and one that’s long overdue: the modern CISO can often be found grappling with how to transform a patchwork of hastily-implemented solutions into a cohesive security stance, and seamless data integration could be exactly what we need.

“The truth is, though, that a fully-fledged standard will take longer to achieve than many enterprises have. Gaps between systems exist today and, despite economic headwinds, the drive for digital transformation is still there, creating an ongoing expansion of security needs. If we can’t wait for reinforcements to arrive to unpick this problem, we need to start now by auditing, rationalising, and streamlining what we’re buying for security and resilience and how we’re using it.

“It can’t be overstated how chaotic structures across security solutions put organisations at risk. That’s why my real prediction is that, this year, we will see clearer evidence of a non-correlation between security investment and security performance. While global cybersecurity spending continues to skyrocket year-on-year, major organisations will still be caught out by mismatched systems, whereas those who achieve a holistic view of their security and resilience stance will fare far better.”
 

Anthony DiBello, Vice President, Strategic Development at OpenText 

 
 
“Cybersecurity challenges in 2023 will be driven by global recessions, cryptocurrency risks and fluctuations, workforce and supply chain challenges, and international conflicts destabilising economic conditions in various geographies.

“These conditions will lead to an uptick in financially motivated identity theft driven both by individual desperation, and isolated economies such as Russia and North Korea. With disruption in the cryptocurrency markets, expect to see a small decline in ransomware attacks as criminals pivot to more direct financial theft and fraud, such as tax and credit card fraud schemes. For organisations, expect to see investment focused on fraud and insider threat detection as a result.

“As enterprises prepare for a recession, expect to see organisations look to consolidate the number of cybersecurity vendors they interact with and push to get more from the technology they already have in deployment. On the vendor side, expect to see consolidation through M&A, particularly as sky-high valuations begin to drop to more consumable levels. As a result, there will likely be fewer cybersecurity startups entering the market in 2023 and existing vendors will focus more on practical solutions to near and present cybersecurity challenges.

“Past concerns regarding fraud and insider theft, those challenges will be securing the supply chain (physical and digital), and critical infrastructure. Bolstering security in these areas will be a huge focus for security leaders within those industries in 2023. Expect to see entrenched security vendors extend existing technology to better secure and monitor manufacturing and critical infrastructure environments (IoT Security) and the software development supply chain (DevSecOps) for cyberattacks.”
 

 

Brett Beranek, General Manager, Security & Biometrics at Nuance

 
 
“Financial services organisations of all sizes have seen digital interactions and call volumes rise over the last two years. Like all brands, banks must offer great customer experiences to remain competitive. But the nature of their business means security must always be a top priority. Traditionally, adding security meant adding friction to the customer and agent experience, so financial institutions will prioritise investments in technologies that strengthen security and CX simultaneously.

“Traditional authentication methods – such as PINs and passwords – are archaic and no longer fit for purpose. Passwords are being sold on the dark web, exploited for fraudulent activity and have even cost unfortunate individuals vast sums of money in terms of recovery if lost or stolen.

“In 2023, an increasing number of banks will turn to modern technologies – such as biometrics – to robustly safeguard customers. We’re already seeing banks get immense value—including 92% reductions in fraud losses and 85% increases in customer satisfaction—from biometrics solutions that eliminate authentication effort for customers while making life very tough indeed for fraudsters. Over the next 12 months, I expect to see many more financial services organisations following in their footsteps.”
 

Liron Ben-Horin, VP of Systems Engineering at OneLayer

 
 
“Private mobile network security is likely to become a priority for CISOs in 2023. This is due to the increasing use of private LTE and 5G networks, as well as IoT devices, which are becoming more prevalent in industries such as utilities, manufacturing, healthcare and mining. These devices are becoming more central to organizations’ digital transformation and growth plans, but they are also creating new challenges for security teams.

“This has led to private mobile networks becoming the optimal choice for IoT connectivity, but it has created new challenges which security teams will have to learn to face.”
 

Zeki Turedi, CTO EMEA at CrowdStrike

 
 
“Unfortunately, it seems likely that European organisations will suffer as badly as anywhere else from cybercrime in 2023. While some countries have developed a mature understanding of the risks and available defences, in Europe, the picture is more fragmented, with low levels of cybersecurity understanding common across some areas of the region. Most notably, a proportion of organisations are still sceptical about cloud technologies — or feel their hands are tied when making the right technology choices due to misunderstanding or confusion on local or regional regulations and privacy requirements.

“These attitudes will change over time. In fact, there can be no privacy without security. Data that has been stolen or leaked is no longer private, no matter what laws or regulations might apply. In turn, modern technology is needed to solve a modern threat: only next-generation, cloud-based cybersecurity solutions, drawing on big data from across the globe, are equal to the task of keeping any kind of data secure.

“Many countries across the globe expect their economies to approach recession during the coming year. Cost-cutting will be discussed at many companies, and cybersecurity budgets, having risen – on average – for many successive years, will certainly be under scrutiny. Reducing and consolidating the number of licensed products in the area may well make sense, although maintaining the best levels of security is not negotiable at any company. 

“Notwithstanding, many companies have far more tools than they need. Our own discussions with CISOs suggest it’s not uncommon for companies to have multiple licensed cybersecurity products at their disposal. This isn’t rendering them immune to attack and, in fact, security levels and team performance are suffering at many organisations due to redundant or excessive notifications and checks. Working towards a consolidated single point of truth through a united platform will not only yield cost savings, but also productivity and performance gains for cybersecurity analysts.”
 

 

Camilla Winlo, Head of Data Privacy at Gemserv

 
 
“The EU-US privacy framework will be an ongoing struggle: The EU announced at the end of 2022 that it is starting a formal adequacy review of the EU-US privacy framework that has been developed to replace the invalidated Privacy Shield arrangement. We expect that the EU will find the EU-US privacy framework adequate, and Max Schrems (who launched the court battles that sank the previous two agreements) will immediately challenge the decision in the Court of Justice of the European Union (CJEU) through his organisation noyb. A resolution is unlikely in 2023.

“Broader impact of regulatory enforcement against Big Tech firms: 2023 started with the Irish regulator, the Data Protection Commission, announcing €390 million of fines against Meta for GDPR breaches. They were also instructed to stop processing personal data for advertising targeting without valid consent. This is a blow to Meta’s business model, but all organisations that rely on Facebook and Instagram for advertising will also feel this. In practice, it will disproportionately affect smaller organisations, who benefit most from targeted social media advertising. We expect more decisions with similar network effects in 2023.”
 

Nick Vigier, Chief Information Security Officer at Talend

 
 
“In 2022, organizations focused on cloud security, but in 2023, they will shift their focus to data security and up the stack into data movement, provenance, health and governance driven by an increasing focus on data sovereignty, upcoming data regulations and frameworks such as the European Health Data Space.

“The CISO will move from technologist to risk advisor to top-line contributor thanks to businesses realizing they are there to protect the business and enable informed decision making around holistic trade-offs. In 2023, the CISO needs to behave like the rest of the C-Suite, not just managing bottom-line impact but achieving top-line contribution.

“Understanding data will have a tangible impact on culture – but only if it’s guarded. Those in leadership and security departments should encourage employees to treat data like a currency, as it comprises key business information. To maintain security of this valuable resource, creating a data culture, including controlled access, to foster a greater sense of data responsibility will be imperative.

“Simplification and consolidation of security stacks will lead to more effective ongoing risk management. Businesses that need to closely evaluate their spending will seek to consolidate tooling and approaches to provide holistic end-to-end security and risk perspectives.”
 

Nick Hogg, Director of Technical Training at Fortra

 
 
“Organisations will be re-evaluating their security awareness and compliance training programmes to move away from the traditional once-a-year, ‘box-ticking’ exercises that have proven to be less effective. The goal is to deliver ongoing training that keeps security and compliance concerns front and centre in employees’ minds, allowing them to better identify phishing and ransomware risks as well as reducing user error when handling sensitive data.

“They will also use digital transformation and ongoing cloud migration initiatives to re-evaluate their existing DLP and compliance policies. The goal is to ensure stronger protection of their sensitive data and meet compliance requirements, while replacing complex infrastructure and policies to reduce the management overhead and interruptions to legitimate business processes.

“Finally, organisations will be looking to plug gaps in their Microsoft 365 defences to combat increasingly sophisticated phishing, ransomware and spyware attacks, while reducing the time spent by security teams triaging and responding to reports of suspicious messages. In 2023, it will be important to provide security teams with automated analysis of risks within reported messages, along with identification of other messages that have entered the organisation as part of the same phishing campaign, in order to reduce time spent on triage and remediation.”
 

 

Aaron Cockerill, Chief Strategy Officer at Lookout

 
 
“On the whole, we expect 2023 to be similar in terms of the volume and severity of data breaches. What will be different is how attackers will execute the attacks that lead to these breaches. Because of the widespread adoption of cloud services—which is, no doubt, a good thing—bad actors have shifted gears from attacking unpatched systems and have opted instead to attack cloud services by executing account takeovers and exploiting cloud misconfigurations. We’ve observed that the majority of bad actors are either purchasing credentials on the dark web or mounting social engineering campaigns to gain access to these cloud systems.

“This means that tools that rely on breach detection through the presence of malicious code are going to be less effective. Breach detection that relies on user and entity behaviour analytics will be more effective. If there could be a headline for 2022 it would be “The Year of Ransomware.” If you look at the successful ransomware attacks in recent years, almost every single one was oriented around data theft and double extortion. At this point, attackers don’t need to go through the trouble of encrypting data. It’s more effective for them to be able to demonstrate that they’ve stolen data and receive their pay out.

“While two-factor authentication is critical in the fight against data breaches, it alone is not enough to prevent them. In the future, the best of both worlds will be to move FIDO tokens to mobile devices. This technology would allow for the use of biometric sensors and many other contexts that would help to establish whether the authentication is legitimate or not.

“The burning issue now is data protection. In the next year, CISOs will need to worry less about malicious code installing on systems and worry more about the potential theft of data. The two areas of focus should be on better continuous user authentication and data protection. Since attackers are primarily focused on data, CISOs need to be able to understand when data is being attacked, stolen, or misused. Additionally, because malicious code has been used less by attackers, we need to be able to identify data breaches through things like anomalous data use. This is how we turn the tide against data breaches.”
 

John Stock, Product Manager at Outpost24

 
 
“The economic downturn fuels more sophisticated cyber crime. The current inflation and tightening of purse strings mean no-one has any money, everything is too expensive, adding more fuel to the growth in online fraud from the most basic cyber scam all the way up to highly sophisticated ransomware extortion, as cybercriminals try to get more money (probably to cover the growing power costs of bitcoin farms).

“On the other hand, governments will get tougher on cracking down on fraud as they don’t have the money to lose anymore. As cyber crime becomes more mainstream, public education of cyber fraud has become more prevalent to raise awareness of fraudsters’ tactics and how to avoid them, which means criminals will have to come up with even more elaborate ways to trick people.”
 

Erfan Shadabi, Cybersecurity Expert at comforte AG

 
 
“The cost of compliance: Business leaders should be treating these trends and threats with a certain degree of urgency. Why? Because of the increasingly complex and expansive regulatory landscape. Gartner predicts that by the end of 2024, three-quarters (75%) of the world’s population will have its personal data covered by privacy regulations. Although following the lead of the EU’s GDPR, many new laws have even harsher penalties such as jail time for executives.

“It’s critical that organizations keep a close eye on developments and seek out technology that can help to reduce the scope and cost of compliance of such regulations, by keeping data secure but still usable. Gartner predicts that privacy-enhancing computation technologies like data masking and encryption will be used by 60% of organizations in this way by 2025, in use cases like cloud computing and analytics. Crucially they can also help to mitigate the risk of accidental leakage, such as via misconfiguration of cloud systems. And they could help to minimize legal risk as more legal action is taken next year in light of the “Schrems 2” judgement on EU-US data flows.”
 

For any questions, comments or features, please contact us directly.

 

Shlomo Kramer, CEO at Cato Networks

 
 
“Just as COVID caused a massive acceleration in digital transformation projects, the recession will accelerate security consolidation. Numerous studies indicate that enterprises maintain dozens of security tools. And with so many security tools, controls are fragmented resulting in reduced visibility, operational overhead increases with the need for extra personnel and skills to master the various tools, and gaps between tools are created leaving the cracks through which attackers can infiltrate.

“Most companies — 75% — expect to reduce the number of security vendors they use, replacing them with one, converged security platform. Due to recessionary factors, IT staff will be pressured more than ever to do more with less, accelerating the move towards “as a service” models. Numerous reports indicate that this recession will be unusual, not marked by the unemployment typical of a recession. But if layoffs are not part of the recession-coping toolbox, organizations will need to find other ways to reduce costs. Adoption of as-a-service models enables IT teams to tap expertise and tools that otherwise would be difficult to onboard.

“Most attacks will exploit unpatched known CVEs. Resource-constrained organizations will lag in their patching of critical CVEs, increasing the attack surface. As an example, six months after the launch of Log4J, Cato’s threat research stopped over 37M Log4J exploitation attempts on our customers alone; the next most frequent exploit had just 739,000 attempts. As CISA advised last year, Malicious cyber actors will most likely continue to use older known vulnerabilities…as long as they remain effective and systems remain unpatched. Adversaries’ use of known vulnerabilities complicates attribution, reduces costs, and minimizes risk because they are not investing in developing a zero-day exploit for their exclusive use, which they risk losing if it becomes known.

“The challenge of timely mitigation for supply chain attacks will drive the adoption of virtual patching solutions. The attack on SolarWinds software highlighted the security risks within the supply chain, but Log4J, the exploit in the SolarWinds attack, exists in numerous other commercial and homegrown applications. Patching so many components against Log4J and the other supply chain exploits isn’t feasible. What’s required is a holistic mitigation to this problem, so-called “virtual patching,” where network defences, such as IPS, can be used to protect vulnerable resources within the network until they can be properly updated.

“Crime-as-a-Service is here to stay. Throughout 2022, initial access brokers (IABs) have become a prominent threat creating ‘crime-as-a-service,’ a real economy for the criminal underworld selling access to company networks on the dark web. In 2023, we’ll see IABs strike again, ransoming organizations for payout, on the one hand, but also selling stolen information on the dark web.”
 

Darren Guccione, CEO and Co-Founder at Keeper Security

 
 
“Our research shows the average UK business experiences 44 cyberattacks per year, and two of them are successful. Data breaches from cyberattacks have devastating impacts on any business’ operations, finances and reputation, but customers are the ones who often experience the most painful, damaging downstream effects.

“Consumers must be aware that cyberattacks put their data at risk. To protect themselves, everyone should utilize strong and unique passwords for all of their online accounts. This will limit sprawl if their information is stolen and posted to the dark web.

“They should change their passwords immediately if they discover their information has been compromised in a breach and should always enable strong forms of two-factor authentication, such as an authenticator app, which provides a second layer of protection. A password manager is a critical tool to create high-strength random passwords for every website, application and system.

“These users should be on high alert for phishing attacks that use their leaked information. If a message looks suspicious, avoid clicking any links or responding. The key is to ensure the URL of the destination website matches the authentic website. When a password manager is used, it automatically identifies when a site’s URL doesn’t match what’s contained in the user’s vault, which provides a critical extra layer of security.

“Finally, a dark web monitoring tool such as BreachWatch will alert individuals if their data is available online, so they can take immediate action to protect themselves.”
 

Gareth Barber, Managing Director at We Are Your IT

 
 
“As an IT Managed Service Provider to SMEs, we’re seeing owners and managers elevate cyber security as a key priority to their business. It’s a seismic shift in attitude from even a year ago. Why? Small and medium-sized businesses are just as at risk of cyber attack as larger corporate businesses.

“Cyber attacks are increasing at an alarming rate. The UK government’s most recent Cyber Security Breaches Survey showed that 4 in 10 businesses experienced a cyber attack in 2022. Since many attacks aren’t reported, this figure is actually thought to be significantly higher.

“Only 54% of businesses acted in the last year to identify cyber risks — a figure that’s far too low in my opinion, especially when the average estimated cost of a cybersecurity breach is reportedly £19,400!

“In 2023, all businesses should be adopting a robust cyber security strategy. As MSPs, it’s important we help those businesses achieve that. Thankfully, awareness is heightened. Our prediction for 2023 — record numbers of SMEs will adopt cyber security strategies to better protect their business.”
 

 

Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions

 
 
“Deepfakes are now a reality and the technology that makes them possible is improving at a frightening pace. Basically, deepfakes are no longer just a catchy creation of science-fiction, and as cybersecurity experts we have the challenge to produce stronger ways to detect and deflect attacks that will deploy them.

“Machine learning models have already been released into the public domain which can automatically translate into different languages in real time whilst transcribing audio into text, and we’ve seen huge developments in recent years of computer bots having conversations. With all this working in tandem, there is a fertile landscape of attack tools that could lead to very dangerous circumstances during targeted attacks and well-orchestrated scams. In the coming years, we may be targeted by phone scams powered by deepfake technology that could impersonate a sales assistant, a business leader or even a family member. In less than ten years, we could be frequently targeted by these types of calls without ever realising we’re not talking to a human.

“These developments pose an escalating threat and to address it, we’ll need to open a new chapter for cybersecurity and evolve innovative approaches to dealing with deepfakes and generative AI threats.”
 

Jonathan Miles, Head of Strategic Intelligence and TI Risk Modelling at Mimecast

 
 
“The email and collaboration space, which, especially for the more disparately located organisations and teams, is their primary work surface, will see an increase in attacks, with TTPs and malware delivered across multiple platforms. But this primary work surface is increasingly becoming the primary risk surface.

“Data is increasingly being used, moved, and retained for longer periods within these virtual environments. With this concatenation of people, communications, and data there are increased vectors and vulnerabilities that attackers will exploit. This convergence of technology, users, and the need to communicate and exchange data provides a direct and accessible path to the mind, machine, and network of targeted victims. Malicious actors know that this concentration of email addresses, multiple platforms, and technology assets has the potential to be accessed and exploited.”
 

Ilan Barda, CEO at Radiflow

 

 
“In 2023 we predict 2 different paths due to the global situation: 1 for the public sector and 1 for the private sector.

“In the public sector, CNI (Critical National Infrastructure) operators will accelerate their investments in OT security as the geo-political tension increases and drives concerns from state-sponsored cyber attacks. This will be driven by the governments using a mix of new OT cyber security regulations (EU NIS-Directive v2, Singapore CCOP, etc.) and by government grants to support such operators in implementing OT security projects.

“In the private manufacturing sector there will be a conflict between the pressure to reduce budgets due to the global uncertainty in the financial outlook while on the other hand the risk of cyber attacks on such enterprises is constantly growing and they can’t afford the financial loss and the reputation damage in case their critical production sites will be hit by such a cyber attack.

“It looks like pressure from boards and C-level executives to reduce costs is something that will affect organisations across the board in 2023. It will therefore be the year of smart, cost-effective strategies to ensure company infrastructure stays secure within a budget.

“Organisations will be reviewing their cybersecurity strategies to ensure that absolutely no resources go to waste. They can do this by using cybersecurity practices such as running OT-BAS (Breach and Attack Simulations) to understand what has a higher priority to defend combining business impact and the attack surface to prioritise security controls according to the tolerable business risks.

“In both the public sector and the private sector it will be important that the stakeholder will remember that the security landscape is very dynamic so their plans should also be constantly re-evaluated against the latest threats. Those responsible for cyber plans will need to focus on mapping out up-to-date vulnerabilities in order to present necessary prioritisation of threats and defences to key stakeholders, ensuring company safety while meeting budgeting demands.”
 

 

Mark Hughes, President of Security at DXC Technology

 
 
“The cybersecurity arms race will accelerate: With cybercriminals and cybersecurity experts both using technologies like AI to breach and protect connected systems, the cyber-race is getting ever more sophisticated. 2023 will allow us to put more trust in our automated security controls, helping to respond faster and more accurately to cyberattacks. While AI can automate this process, cybercriminals will use new forms of attack, forcing companies to innovate their defence.

“Geo-political cybersecurity attacks will increase: Russia’s invasion of Ukraine presented us with the reality that warfare is hybrid and the risk of geopolitically motivated cyberattacks is very much real. With continuing geopolitical tensions and more than 70 countries due to hold government elections in 2023, cybersecurity defences will face a challenging year – though lessons can be taken from Ukraine’s ‘exemplary’ cybersecurity response to Russia.

“Cybersecurity attacks will target critical national infrastructure: Operational technology (OT) cyber security will become an emerging battleground, with cyberattacks on systems controlling critical civilian infrastructure, such as power stations and dams. With many of these systems now connected to the internet and relying on increasing numbers of microchips, they are becoming increasingly prone to external malicious attacks at a time of growing geopolitical tensions.”
 

Adrian Nish, Head of Cyber at BAE Systems Digital Intelligence

 
 
“Over the last few years, ransomware attacks have risen in both sophistication and frequency. We’ve seen targets move from individual consumers, to small businesses, to large enterprises. In 2022, we even saw entire countries being held to ransom, including attacks on Costa Rica and Montenegro that crippled multiple government services. 

“Today’s ransomware criminals are getting bolder, homing in on large organisations that deliver critical value to society. As this landscape evolves, it is not outside the realm of possibility that 2023 could be the year that cyber criminals hold ‘the whole world to ransom’; from exploiting flaws in widely-used operating systems, to supply chain attacks in software used globally, to targeting international critical national infrastructure.

“Getting ahead of attackers is therefore paramount. This will involve collaboration between public and private sectors, sharing knowledge and working together to detect and respond to potential threats.”
 

Yoran Sirkis, Co-Founder & CEO at Seemplicity

 
 
“As digitization continues to skyrocket across all industries, organizations are adopting new technologies like never before, leaving them exposed to a wider variety of risks. To offset this, security teams run a wide range of robust security tools to monitor their companies’ ever-growing attack surface including cloud security, AppSec, Vulnerability Management, and more. But these tools are siloed, creating an enormous and often chaotic workload that’s challenging for even the most seasoned of CISOs. The current method of managing risk reduction doesn’t allow security teams to scale and hinders their ability to build a resilient security program focused on prevention, which will be essential in the coming year.

“In 2023, a well-rounded security strategy will need to introduce automation into the day-to-day security processes. Automation can bridge fragmented processes and disparate security tools. With better management of resources, security teams will be able to focus more on security strategy rather than administration, work more efficiently and contribute to an improved security posture.”
 

Nick Bowling, Service Desk Manager at Central Networks

 
 
“A perfect storm for cybercriminals: As many organisations try to make cost savings in 2023, their focus will likely shift more towards prioritising the projects and products that seemingly offer more immediate and tangible value, as well as benefit within the tough economic climate. Those that deliver on security can sometimes be difficult to justify in budgets, meaning they get pushed aside. But with hybrid working now the norm and firms using more technologies to stay connected with staff and customers, cybersecurity and risk management measures need to take centre stage.

“If cybersecurity isn’t prioritised in 2023, cybercriminals will capitalise on poorly trained users and weak security within businesses’ ICT systems, and at a more accelerated rate than ever before. This could be paving the way for the worst year on record for cyberattack volumes. Also, for organisations that have cyber insurance, we will likely see increased policy prerequisites. And given that policies are often the driver for any security improvements, businesses won’t have the option to ignore implementing a robust cybersecurity strategy.

“‘Insider risk’ could grow: While there is a focus on implementing technologies like multi- and two-factor authentication to plug gaps and improve security, it’s possible that 2023 will see ‘inside jobs’ increase. This means more employees may be targeted by online scammers, in a bid to obtain key business-critical information or gain low-level access to ICT systems. If successful, this data could then be used by an attacker to access often weaker internal systems.

“Given statistics show that over 70% of global organisations were victimised by ransomware attacks in 2022, these will likely continue to rise — with attackers showcasing even more intelligent and dangerous tactics. Regular training and penetration testing will therefore be an unnegotiable part of organisations’ security strategies.”
 

 

Chris Clinton, CTO and Cybersecurity expert at Naq Cyber

 
 
“Enhanced due diligence by enterprise and government: Supply chain security will be a crucial focus for enterprise and government organisations worldwide. Due diligence and certification requirements will be increasing in number and complexity, meaning all businesses, from freelancers to start-ups and larger organisations, will need to have a strategy in place for handling this burdensome exercise without impacting their business growth. 

“Focus on data sovereignty: Governments worldwide, particularly within the EU, are clamping down on ensuring data remains sovereign (i.e. data is not going to America). When choosing vendors to work with, it is imperative that all businesses perform proper due diligence on the company’s location and how they handle data under legislation like the UK and EU GDPR and the EU Data Act. 

“Script kiddies jumping on the AI bandwagon: Examples from tools like ChatGPT continue to be spread all over the internet, including in the creation of viruses and hacking techniques. As AI tools continue to increase in capability (including the release of GPT4 by OpenAI sometime this year), non-expert criminal hackers’ ability to produce dangerous hacking tools with minimal effort will increase, requiring all businesses to pay attention to the basics to protect themselves.”
 

Daniel Lewis, Executive Chairperson at Awen Collective

 
 
“Cyberattacks will continue to rise: From the smallest businesses to critical national infrastructure, 2023 will see public and private sector cyber defences tested to their limits. High profile incidents such as the recent Royal Mail disruption are just the tip of the iceberg – smaller, lower profile businesses and organisations are being hit by cyberattacks every day and we’d expect to see increases in incidents as the year progresses.

“The current landscape underlines the need for businesses to ensure that they are investing in cybersecurity expertise. In Wales, we have a flourishing, devolved government-backed cybersecurity community that has a significant role to play in the UK’s first line of defence against cyber attackers.

“Cyberattacks will become more sophisticated: 2023 will usher in more complex intrusions as cybercriminals continue to expand their capabilities. We’re seeing more sophisticated attacks as cybercriminals become empowered to take advantage of the often limited cyber-awareness among businesses – especially those that aren’t traditionally seen as digital-first businesses. For instance, manufacturers relying on internet-enabled operational technology may not always appreciate the cyber vulnerabilities that their tech poses. Working with experts to close these opportunities off to criminals is more important than ever.

“Cybercriminals will target financial and retail sectors as the Cost-of-Living crisis deepens: With the Cost-of-Living crisis deepening, cybercriminals will also use 2023 to attack financial and retail sectors to make the most disruptive impact. They tend to follow the latest trends in order to magnify their intended effects – we saw this during the pandemic, when the number of attacks on hospitals and pharmaceutical companies increased. Ultimately, businesses and individuals need to become as focused on cybersecurity as they are on their physical home security – you wouldn’t leave your front door open, would you?”
 

Camellia Chan, CEO and Founder at X-PHY

 
 
“In the year ahead, the cyberthreat landscape will continue to expand and diversify, while cybersecurity solutions providers race ahead to try and finally gain the upper hand. It is my hope that this will be the year that we finally find ourselves one step ahead, instead of playing catch up.

“It should come as no surprise that cyberattacks will not slow down this year, hastened by a multitude of factors such as a depressed economic climate, political instability, and a rise in cybercrime business rings such as RaaS providers. Beyond this harsh reality, we must also recognise that the greatest technological tools that we have at our disposal such as Artificial Intelligence (AI) can also be weaponised against us. Take ChatGPT for instance, which is already witnessing bad actors utilising the platform to generate copy for social engineering attacks and codes to launch simplified attacks.

“In 2022, I have advocated strongly for cybersecurity mindsets to shift towards a multi-layered approach that marries both more commonplace software solutions with hardware-based defences that adopt a Zero Trust framework. I believe that 2023 will be the year that we start to see a shift in this direction that takes us back to the core of data protection – a major shift in industry perception and standards that will necessitate collaboration between private and public sector organisations to roll out and accomplish effectively.”
 

Lauri Almann, Co-Founder at CybExer Technologies

 
 
“The War in Ukraine: The war in Ukraine will continue to shape the cyber security picture, particularly in Europe, in 2023. The less successful that Russia is on the battlefield, the more aggressively they will start targeting civilian infrastructure, resulting in spill-overs to international cyber-attacks. We saw this last year against Estonian, Latvian, Lithuanian and Polish targets, as well as the sophisticated cyber-attack by a pro-Kremlin group on the EU Parliament the day after it named Russia a state sponsor of terrorism.

“The relationships between the criminal underground in Russia and the government’s special services may spill out of control as the central authorities face increasing pressure from the battlefield. As sanctions start to bite deeper, technical shortcomings may drive actors to espionage, while a lack of cash may drive ransomware waves.

“Smart cities to be targeted: Cities are getting smarter, with a number of digital tools already being deployed to deliver services, and computer-controlled devices operating critical infrastructure surrounding hospitals, energy, traffic control and more. Wherever there is a digital footprint there is capacity for cybersecurity vulnerability, so it’s very likely that in 2023 we will witness more cyber-attacks against municipalities that have not yet addressed these weaknesses.

“The potential impact on citizens that results from disruption of these digital city services and critical infrastructures, potentially leading to reduced access to healthcare for example, or the loss of sensitive personal information, is too great a risk without commensurate protection of systems and data across the board. There needs to be broader awareness of the cyber threats facing our digital cities, and targeted investment schemes focused on creating both protection and effective response strategies.

“Arming cyber security and IT-specialists with the updated knowledge and training in cyber security will be crucial if we are to build a truly ‘smart’ city, embedding practical pre-emptive strategies into its blueprint, and instilling trust amongst end-users.”
 
