Major security trends for 2023

Vikas Singh Yadav

Cybersecurity is a difficult area in which to make predictions and identify trends, due to unknown adversaries and high-impact events. However, like any risk, it is essential to understand it by studying the ongoing events, likely threats and technological advancements to tackle and mitigate them.

In this article, I will cover the key events of 2022 and how they affected the cybersecurity industry. I will then cover the likely trends for 2023 based on events in 2022 and the ongoing efforts to tackle cybercrime. I will end with some key pointers for cybersecurity professionals on how to tackle cyber threats, maintain an effective cybersecurity posture and secure their organisation.

Key Cyber Events in 2022

Cyber attacks continue to rattle organisations of varying sizes across diverse industries. Affected parties include nations such as Costa Rica, which declared a national emergency, the first country to do so because of a ransomware attack, and hotels such as Marriott. Closer to home in India, Akasa Air suffered a data breach in the first month of operation and Oil India suffered a ransomware attack. The most common attack vectors remain credential theft, phishing, misconfigured cloud, and vulnerabilities in third-party software. The key drivers for cybersecurity continue to be cyber attacks suffered by organisations, fresh regulations and laws, and the adoption of new technologies. Some of the key events are:

  • Regulatory guidelines continue to drive the cybersecurity industry. In India, the long-awaited Data Protection Bill was again withdrawn to make way for a freshly updated version and, despite claims, most people do not see it being tabled before the parliament soon, or expect that a diluted version of it would be shared. In a surprising move CERT-IN the central computer emergency team of India.
  • Significant breaches continue to affect organisations, including several large ones. Uber’s recent breach showed us that even the most well-funded and technologically strong organisations could be affected by cyber-attacks. Oil India’s ransomware attack showed that cyber-attacks can affect national infrastructure. Closer to home in India, we saw the new airline Akasa Air hit by a data breach in the first month. It also showed the effect of CERT-IN guidelines as the airline reported the issue immediately.
  • Cloud Adoption – Technological change continued this year when more organisations adopted cloud for running their applications. This is leading to the complete dissolution of network perimeters and new strategies like Zero Trust see more adoption.
  • The IT perimeters continue to dissolve and the change in the way of working continues post-COVID, as most employees are reluctant to return to the office and have adopted a hybrid approach to work. Offices continue to open, but the hybrid way of working continues and the usage of video conferencing solutions continues to proliferate. This will require security teams to deploy more cloud-based tools and security solutions.
  • Russia’s invasion of Ukraine was the key geopolitical consideration affecting the cyberworld. Cyber activists on both sides launched several attacks on each other and the level of cyber preparedness in western countries increased significantly in anticipation of Russian-sponsored cyber attacks.

Key trends we will see in 2023

  • Ransomware will continue to be the biggest threat facing companies across the world. The key reasons are the ability to monetise the attack and the untraceable nature of payments, which make it the most common vector of cyber attacks. There were unknown attacks in the first three quarters of 2022. Organisations need to prepare for ransomware with a mix of mitigation, detection and response strategies. These include effective patching, periodic security testing, hardening, backups, and effective restore strategies.
  • Third-party risk should remain a concern for organisations and the biggest challenge for CISOs as organisations integrate with multiple partners. It is essential to maintain a list of all vendors categorised by business criticality and risk levels based on data and system access. These vendors need to be assessed effectively on onboarding and tracked regularly.
  • Zero Trust as a strategy will continue to be a driver for the adoption of risk-based identity, authentication and authorisation mechanisms. However, with almost all vendors adding Zero Trust to their portfolios, a good understanding of the strategy would determine the effectiveness of the solutions implemented. Multifactor authentication (MFA) will see wider adoption as organisations come to understand various cyber attacks, including credential theft, account takeovers and social engineering. Attacks like the one on Uber also raise concerns about an absolute reliance on MFA as a security strategy.
  • Security logging and incident reporting should be a driver for companies in India. However, low levels of enforcement and checks may not persuade smaller companies to adopt CERT-IN measures.
  • Patching and basic cyber hygiene controls will continue to be neglected due to the effort involved in the implementation and continuous monitoring. It will be up to security and IT teams to prioritise this important activity to protect their organisations.
  • A shortage of trained and skilled workers will be the biggest challenge for organisations and security leaders. Key areas of security engineering, cloud security and incident response would remain understaffed. Savvy security leaders would be wise to adopt alternate methods of staffing, including lateral hiring from within their own organisations and leveraging interns and remote staff.

Key lessons and takeaways

For security leaders and security vendors, the aim should be to resolve cybersecurity problems faster with simple solutions. Cybersecurity continues to gather major attention due to significant breaches and the impact they have on businesses.

Some key suggestions are shared below:

  • For cybersecurity leaders and CISOs, it is imperative to focus on improving the overall maturity of the organisations while tackling immediate threats and mitigating cyber attacks on a daily basis.

  • Leveraging new yet mature technologies such as Endpoint Detection and Response (EDR), Secure Web Gateways and cloud data leak prevention solutions will help CISOs tackle new cyber threats and help protect their employees while they work from remote environments.
  • ZTNA or Zero Trust Network Access would help protect internal applications and internal networks better than conventional VPNs.
  • Security leaders would also be wise to use brand monitoring tools for protecting against online abuse and bringing fake websites and apps down. Strategies for risk mitigation such as Cyber Insurance would be well received by Finance teams. This coupled with incident response preparedness and retainer services would help protect the organisations against high-impact cyber attacks.

Cybersecurity is a challenging field, and this makes sure that there is never a dull moment. Security leaders need to make sure their teams are not overworked and overwhelmed. Therefore, they must have a shared vision and an effective plan to protect their organisation and its customers.

Views expressed by Vikas Singh Yadav, Industry Expert.