What's in Store for Cybersecurity in 2023

2022 has been a busy year for cybersecurity professionals and cybercriminals alike. When we pulled out our crystal ball at the end of last year, we anticipated several trends that would influence the cybersecurity landscape.

For the most part, our projections came to pass. Before we speculate on 2023, let’s take a look back at the year that’s coming to an end. Threats like ransomware continue to plague organizations of all kinds, from government agencies to commercial enterprises. Many of these attacks involve double extortion schemes—where the attacker threatens to leak data in addition to encrypting it. As organizations sought to keep pace with ransomware gangs and other attacks, they often faced challenges posed by a complex environment that included cloud services and a distributed workforce. Maintaining visibility and control over users, applications, and data could hardly be said to have ever been more complicated.

In our 2022 trends, we foresaw the growth in ransomware affecting critical industries (check); talked about the challenges organizations would face maintaining visibility across distributed, increasingly cloud-focused environments (check); and that firmware-based attacks would make the news headlines (check). We also projected that the user experience of employees would drive job satisfaction as well as attrition (yes) and that application resilience adoption would pick up (check).

As the year enters the rearview mirror, it is time to look forward. Here is what we think will be in store for cybersecurity in 2023.

Work-from-home cybersecurity becomes a priority for businesses

To support the sudden shift to remote working, many organizations had to adopt a “move first, plan later” approach and leave their network-centric security bubble behind that allowed IT teams to own and control most of the network. As it has become increasingly clear that work-from-anywhere is here to stay (with corporate device locations steadily on the rise),  organizations have started to switch from short-term tactics to a long-term strategies that are centered around overcoming IT teams’ inconsistent visibility and control of endpoint devices and network access, which in turn impacts their ability to diagnose end user issues and remediate looming risks. Addressing this will also require organizations to take steps to enact strong access controls. Which brings us to our next trend.

Increase in adoption of software-defined perimeters leveraging Zero Trust Network Access

As 51% of organizations have seen evidence of compromised endpoints being used to access company data through remote access connections, Zero Trust has become a critical strategic focus for many organizations already. In the coming year, we foresee this trend will continue. As overlay networks, software-defined perimeter architectures help enable Zero Trust because of the segmentation of traffic. According to Gartner, the benefits of Zero Trust Network Access are immediate and “deliver significant benefits in user experience, agility, adaptability, and ease of policy management.” 

Economic conditions create more risk of insider threats

Tense elections and sticker shock at retail stores have put the public’s attention on the economy. In the new year, these conditions will create an environment ripe for cybercriminals looking for rogue employees willing to make extra money selling data or access to corporate resources. Guarding against this possibility will require an emphasis on strategic preparedness against insider threats. This entails finding ways to increase visibility and control over employees’ devices, particularly for organizations with a significant portion of their staff working remotely. IT and security practitioners need to understand at any given time if their employees’ endpoints contain sensitive data that would expose their organizations to any insider risk.

Ransomware attacks continue to wreak havoc

If something is working, why change? The ransomware business is going strong for attackers, and the Ransomware-as-a-Service model has made launching attacks that much easier. We expect these attacks to continue to affect organizations across the public and private sectors. It will be vital for enterprise IT leaders to focus on ransomware preparedness, especially the ability to recover endpoints and critical infrastructure such as Active Directory in the event of an attack.

Cyber resilience becomes a new KPI for organizations

Despite the long-standing belief that deploying more security solutions will result in greater protection against threats, the truth of the matter can be very different. That’s because every security application added to an endpoint device has the potential to increase complexity and risk exposure, contribute to application decay and collision, as well as affect the overall health of the device. At the end of the day, it’s not the number of security controls that counts but their efficacy. This holds especially true under tough economic conditions in which organizations will more likely minimize their defense arsenal. In turn, we foresee cyber resilience emerging as a new key performance indicator for organizations. MITRE defines cyber resilience (or cyber resiliency) as “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on cyber resources.” By focusing on being proactive and being able to weather and recover from attacks, cyber resiliency represents an extension of how organizations often think about cybersecurity. It is more than simply protecting systems and data—it is also about reducing the risk of business disruption due to cyber-attacks.

The threat landscape facing businesses is unlikely to shrink, and it will remain up to IT leaders and security practitioners to keep users and organizations safe. Just like in 2022, it will require a combination of comprehensive visibility, effective access controls, and a shift from defensive cybersecurity strategies to the management of disruption through resilience. As a New Year’s resolution, let’s all agree to be mindful of security and follow the best practices that will keep ourselves, our data, and our systems safe.

For more information on what’s in store for cybersecurity in 2023, watch our latest webinar on the subject.