Application Security , Blockchain & Cryptocurrency , Business Continuity Management / Disaster Recovery

A Look Ahead: Cybersecurity Trends to Watch in 2023

Emerging Threats, Zero Trust, Regulatory Action and CISO Changes Top Trends List
Watch this video on the year ahead hosted by ISMG's Anna Delaney.

Another tumultuous year in cybersecurity. The Russia-Ukraine war pitted state-sponsored groups against hacktivists in digital conflict affecting numerous countries outside of the battlefield. Cryptocurrency markets imploded and billions of dollars were stolen from investors. Hackers penetrated tech giants Microsoft, Cisco, Twitter and Uber, and ransomware continued to ravage healthcare and a swath of industries.

See Also: OnDemand | Understanding Human Behavior: Tackling Retail's ATO & Fraud Prevention Challenge

Information Security Media Group asked some of the industry's leading cybersecurity experts about the trends to watch in 2023. Responses covered a variety of emerging threats and evolving trends affecting security technologies, leadership and regulation. Here is a look at the year ahead.

Cybercriminals Will Step Up Attacks on API Vulnerabilities

The API economy is growing as organizations rely more heavily on open-source software and custom interfaces to bridge cloud and legacy systems. API attacks resulted in several high-profile breaches in 2022, including one of Australia's largest breaches, at telecommunications firm Optus. Experts expect cybercriminals to step up their attacks on API vulnerabilities in the new year.

Richard Bird, CSO at Traceable, says Gartner has been warning about API vulnerabilities for years and expects them to become a primary attack surface. "We're going to hear more about this, and there will be in 2023 a massive U.S.-based API exploit-related breach," Bird predicts.

Tom Kellermann, CSO at Contrast Security, says most companies don't do a good job at securing APIs. "The developers and many organizations are more powerful than security teams," he says.

Attackers Will Target Power Grids, Oil and Gas Suppliers, and Other Critical Infrastructure Targets

Critical infrastructure, a prime target of nation-state actors, relies on IT and OT systems to keep plants running smoothly. Many industrial control systems are decades old and vulnerable to attack. In fact, last year IBM X-Force observed over a 2000% increase in adversarial reconnaissance targeting TCP port 502, which could allow hackers to control physical devices and disrupt operations. Our experts warn: Be prepared for attacks against power grids, oil and gas suppliers, and other critical infrastructure targets.

"While CISA has a huge responsibility and each of those critical infrastructure divisions has a lot of work to do, areas like energy production are very, very vulnerable right in the middle of the winter for much of the Northern Hemisphere," says Sam Curry, CSO at Cybereason.

Attackers Will Increase Multifactor Authentication Exploits

Multifactor authentication was once considered the gold standard of identity management, providing a crucial backstop for passwords. All that changed this year with a series of highly successful attacks using MFA bypass and MFA fatigue tactics, combined with tried-and-true phishing and social engineering. That success won’t go unnoticed. Attackers will almost certainly increase multifactor authentication exploits.

"Headline news attracts the next wave of also-rans and other bad actors that want to jump on the newest methods to exploit an attack," Bird says. "We're going to see a lot of situations where MFA strong authentication is exploited and bypassed, but it's just unfortunately a reminder to us all that tech is only a certain percentage of the solution."

Ransomware Attacks Will Hit Bigger Targets and Exact Bigger Ransoms

Ransomware attacks have proliferated across public and private sectors, and tactics to pressure victims into paying ransoms have expanded to double and even triple extortion. Because of the reluctance of many victims to report the crime, no one really knows whether things are getting better or worse. Expert say to expect more of the same, with ransomware attacks hitting bigger targets and exacting bigger ransoms.

"Ransomware continues unabated and the environment is honestly more malicious than ever," says Lisa Sotto, partner and chair of the global privacy and cybersecurity practice Hunton Andrews Kurth LLP. "We say that every year, but this year it does seem more malicious than it's ever been. We continue to do battle with the threat actors for companies and every industry sector. And the threat actors really, really have been busier than ever."

Attackers Will Target the Major Cloud Hyperscalers

Digital transformation is prompting a mass migration to public cloud. This trend began in the corporate sector and expanded to large government agencies, creating a hodge-podge of complex hybrid and multi-cloud environments. Containerization of applications has facilitated malware infections, and this year we saw the introduction of serverless malware aimed at the AWS cloud. With so much more data moving to cloud, watch for attackers to target the major cloud hyperscalers.

"I really think this is the moment where either I'd say the Russians or the Chinese choose to commandeer an entire public cloud environment and use it as a launch pad for systemic wiper attacks or ransomware attacks as a manifestation of geopolitical tension, whether it's what's going on in Ukraine or what's going on in Taiwan," Kellermann says.

Zero Trust Will Be More Widely Adopted

The principles of zero trust defenses have been around since 2010, but only in the past few years have cybersecurity organizations and the vendor community embraced the concepts of least privilege and continuously verified defenses. This approach received a major boost just last month when the U.S. Department of Defense announced its zero trust strategy. As hackers move laterally across IT environments with ease, expect wider adoption of zero trust as organizations look to modernize their defenses.

John Kindervag, creator of zero trust and senior vice president of cybersecurity strategy at ON2IT Group, and Chase Cunningham, "Doctor of Zero Trust" and CSO at Ericom Software, say they're optimistic about the number of federal agencies adopting zero trust. "We are starting to see this resonate up to the C-suite and the C-suite changing the incentive structure inside of organizations to do better security. Better security is based upon proper incentivization," Kindervag says.

Chief Security Officers Will Negotiate Contracts With Greater Personal Protections

The conviction of former Uber CSO Joe Sullivan in October for covering up a 2016 data breach sent shock waves through the cybersecurity community. The prospect of criminally liability has senior security leaders rethinking their roles in the organization. Look for chief security officers to negotiate contracts with greater personal protections.

"I think it is about, first of all, when you're starting a position, when you've got some bargaining power, making sure that your contract is robust - that you've got the protections you need there. I think it might involve looking at reporting lines. So, who reports to who? Who is going to report a data breach? And again, rehearsals are important so that individuals know their own roles and responsibilities in the team and you're clear what you will do, what you won't do," says Jonathan Armstrong, partner, Cordery Compliance.

Availability of Cyber Insurance Will Continue to Dry Up, Increasing Financial Risk for Businesses

The first cyber insurance policy was written more than two decades ago, but the cost of recovery and business losses from ransomware attacks has grown exponentially. In fact, losses by hospitals typically exceed $100 million. As a result, cyber insurers are raising their rates or exiting the business altogether. The availability of cyber insurance will continue to dry up, increasing financial risk for business owners.

"Anecdotally, a lot of us are hearing the payouts on massive breaches that have occurred over the last 24 months have been somewhere between zero to 30% on the dollar that was agreed to in the premium and on the payback, and the reason is because not only is the entire cyber insurance industry reevaluating what they're doing, they're now beginning to calculate their risk based upon what they've found," Bird says.

Government Agencies Will Place Tighter Controls on Cryptocurrency Firms

A series of breaches, major losses in market value and the FTX crypto exchange scandal sent the cryptocurrency world into a tailspin in 2022. Look for government agencies to place tighter controls on cryptocurrency firms to protect investors, fight money laundering and improve security.

"I'm hopeful that over the next really few years, we'll see a comprehensive framework, but I think for the moment, we're going to see sort of piecemeal action," says Ari Redbord, head of legal and government affairs, TRM Labs.

Organizations Will Change the Way They Deliver Education and Certification Programs

Most large corporations have offered cybersecurity awareness training for years, but it doesn’t seem to be working. Even worse, skilled cybersecurity resources are getting harder to find. Look for organizations to change the way they deliver education and certification programs, with an eye toward more engaged learning, career paths and upskilling CISOs.

"Our mission is to reduce complexity through understanding and through learning paths," says Steve King, managing director of CyberEd. "I don't see any of that happening today, so we're looking forward to that," he says.


About the Author

Anna Delaney

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.

Cal Harrison

Cal Harrison

Editorial Director, ISMG

Harrison helps ISMG readers gain new perspectives on the latest cybersecurity trends, research and emerging insights. A 30-year veteran writer and editor, he has served as an award-winning print and online journalist, mass communication professor and senior digital content strategist for DXC Technology, where he led thought leadership, case studies and the Threat Intelligence Report for the Fortune 500 firm's global security, cloud and IT infrastructure practices.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.