We’ll be honest: this list of 9 cybersecurity trends for 2023 will probably feel like déjà vu. It’s not only a question of “where have I read this before?”, but also of “when exactly and how often have I been reading about this in the past?”
“And why am I still hearing about this?”
These 9 cybersecurity trends of 2023 are deeply rooted in the (recent) past
Let’s make a brief tour through some of the 2022 highlights in infosec: last year saw a number of BIG companies falling victim to costly data breaches, with the average data breach going up to almost $10 Million. On top of that, according to the World Economic Forum, cybercriminals became more sophisticated while cybersecurity measures businesses, governments, and individuals had in place were becoming increasingly ineffective. Ransomware was all over the news, with the number of reported attacks on the rise. Ethical hackers have reported over 65,000 vulnerabilities in 2022 – and keep in mind that companies are, to this day, trying to cope with older, high-risk vulnerabilities, such as Log4j.
In the middle of all this chaos, there’s still an almost one year old war in full swing that conveniently sets up the scene for a next-gen warfare.
With such occurrences and considering other shifts in tech, economy, politics and society as a whole, it is only fair to assume that a series of cyber threats are poised to persist and others to evolve (but never to go away) throughout 2023 and even further than that.
Here are the top 9 trends in cybersecurity to be aware of in 2023
1. MFA Fatigue attacks could escalate
Multi-factor authentication (MFA) has been branded by cybersecurity professionals as the go-to, easy-to-use and most efficient credential authentication method, especially during the widespread work-from-home phenomenon of 2020. Unfortunately, nothing is ever bulletproof, as the human mind is creative enough to bypass any obstacle.
MFA fatigue attacks are considered to be social engineering attacks, where cybercriminals – who have previously used the target’s stolen credentials in the first-factor authentication step – send multiple second-factor authentication requests to the victim’s device, prompting them to confirm their identity via a simple notification. The attacker will afterwards be authenticated in the victim’s device or account.
This tactic has earned its place in the spotlight after last year’s Uber breach, propelling businesses worldwide to reconsider their strategy to secure (privileged) identities.
MFA fatigue attacks are a budding trend, but there are a few tactics that can slow down their progress:
- Get specialized training and learn to detect social engineering attempts;
- Strengthen the MFA parameters – e.g. set a large number of factors in order to grant access;
- Find alternatives to MFA – e.g. passwordless authentication, the zero trust approach etc.
2. Geopolitics will continue to influence state sponsored activities
The term “cyberwarfare” has been on everyone’s minds in 2022 – but the phenomenon actually dates back roughly 10 years ago. The ongoing Russian-Ukrainian conflict only acted as a reminder on the severe impact of global conflicts on cybersecurity.
However, according to ENISA, the conflict also reshaped the threat landscape during the period of July 2021 and July 2022, causing increases in:
Naturally, financially motivated cyber actors sought to exploit the international context to ensure compromising computer systems as part of ransomware campaigns. Recent Microsoft research shows that nation state attacks against critical infrastructures went up from 20% to 40% during the above mentioned period and infosec professionals expect state-sponsored cybercrime activity (espionage, sabotage, misinformation etc.) to increase this year. Due to such significant challenges, the worldwide cybersecurity market is expected to rise from $125.5 billion in 2020 to $198 billion in 2025.
Some measures that could diminish the impact of such activities include, among others, adopting a zero-trust attitude to protect critical systems, setting up business continuity plans, implementing endpoint detection and response solutions in systems and networks, backing up data and so on.
3. Critical infrastructures will require extra cybersecurity protection
Operational technology (OT) and IT have grown increasingly intertwined in the past years, allowing for interconnected systems – industrial IOT, more automation opportunities, better visibility, lower costs, overall new and improved services – and, of course, a higher probability to become the main targets in cyber attacks. A 2020 report, for example, was highlighting that 78% of OT organizations had experienced at least three intrusions in the past 12 months. Going further, 2022 was a year of discovery and even comeback of OT-specific pieces of malware.
Given the recent history of malicious Russian cyber operations before the 24th of February 2022 – e.g. the Colonial Pipeline attack (2021) – and as the Ukraine / Russia conflict persists into 2023, we can expect critical infrastructure suppliers and governments to be put under heavy pressure to cooperate and strengthen the security posture to keep damaging cyber threats at bay. Taking basic steps in this direction would be having a proper segmentation between IT and OT networks, implementing a comprehensive system monitoring program and a proper evaluation of assets’ exposure, risk, and vulnerabilities.
4. Supply chain attacks are set to remain popular
In one of our previous articles, we cited a Symantec report showing that supply chain attacks had increased by 78% in 2019, as we were expecting the global COVID-19 crisis at the time to enable this trend to increase. A few months later, in December 2020, multiple government agencies were breached through SolarWinds’ Orion Software, affecting over 33,000 customers. Not only was this a major breach affecting a nation’s critical infrastructures, but it is deemed as one of the greatest (software) supply chain attacks in recent years.
As we advanced to 2021, reports showed that the telecom industry had, for the first time, recorded a prevalence of high severity incidents, which prompted cybercriminals to maintain interest in targeting said industry in 2022 in order to reach its customers.
The interconnectedness of the global economy & technology that we’ve become so accustomed to may, indeed, come, with both pros and cons. But behind the constant popularity of supply chain attacks is what organizations choose to do: avoiding to regularly monitor and risk assess their vendors’ cybersecurity practices. For instance, in 2021, only one-third of organizations were optimistic that, in the event of a supply chain attack, they could react quickly and successfully.
Moreover, recent data shows that over the previous three years, there has been a startling 742% average yearly growth in software supply chain attacks and chances are that 2023 malicious activity will bring significant hikes in these numbers. Given the circumstances, it might be best if you start monitoring your systems, devices and apps from one end to the other.
5. The cloud will be just as tempting in 2023 as in the past years…
… both for companies who move into cloud based technologies – in 2022, 94% of companies used cloud services – and for malicious actors who will be tempted to follow.
The promise of greater efficiency and productivity has boosted the rapid adoption of the cloud by businesses in the past years. Yet, security issues still arise as a result of the lack of clarity regarding who is responsible for implementing and maintaining security when it comes to cloud deployments. Doubled with an expected increase in software supply chain attacks this year and with the fact that, in 2022, 45% of breaches occurred in the cloud, organizations should stay vigilant and put all their efforts in creating strong security protocols for their cloud services.
6. Threats on IoT and 5G are here to stay
The world is getting increasingly interconnected. The communication landscape is taking advantage of what 5G technologies have to offer – the alternative of high-speed data networking option – while the Internet of Things (IoT) is set to connect an unprecedented number of devices, estimated to go over 30 billion by 2025.
On the downside, a new era of technology will bring about a new era of risks, as the attack surface continues to grow. It can be challenging to detect and limit new exploitation opportunities due to the complexity of 5G and IoT networks or smart devices. Threats and attacks are expected to get equally sophisticated, therefore organizations should consider implementing strong security practices, processes and strategies.
7. Recession will play an important role in the threat landscape and will change the perspective on outsourced cybersecurity services
As the worldwide economic situation looks far from rosy, we should expect the ongoing recession to affect cybersecurity as well. The impact could be observed on multiple fronts:
- businesses could be tempted to shrink their cybersecurity budgets;
- security wages could plateau, making it difficult to retain talent amid an already strained labor market in the industry;
- attackers might drop down their hacking tools prices, making cybercrime even more accessible.
What is even more worrying is that studies show fraud attempts increasing during times of recession. Moreover, the two years following the peak of the 2008-2009 recession registered a 40% rise in cybercriminal activity.
The good news is that these are the times when security automation, outsourced services and solutions and the zero trust security model best come in handy to maintain your organization’s cyber resilience. The motto of this recession just might be “analyze, prioritize & optimize”.
This will be extremely relevant for small to medium sized companies in particular, who do not afford large cybersecurity budgets, but at the same time cannot afford the cost of a data breach either. Experienced third party providers will help businesses develop proper security processes, bring new tools or offload the effort of their existing team to let them focus on other key areas.
8. The cybersecurity workforce gap will continue to grow
The “Cybersecurity Workforce Study” published by (ICS)2 at the end of 2022 presented a series of intriguing results. The current global cybersecurity workforce is at its highest – 4.7 million people, an 11.1% increase over 2021 – and it’s still not enough. What the world needs right now is another 3.4 million specialists, a 26.2% year-on-year increase.
With this gap rapidly expanding in recent years and given the impact the ongoing recession will have on staff retention (and, why not, potential hiring freezes), we expect the need for cybersecurity professionals to persist as we go further into 2023. Career growth and professional development opportunities for already working specialists, community support or even early training programs for those who are just starting off in infosec could be essential in reducing the workforce gap in cybersecurity.
9. ChatGPT will make businesses rethink their approach to security
Just in the past few months, a series of new AI tools have sparked heated debates about data, privacy and/or originality (remember Lensa?) and automation. ChatGPT, however, was the one to steal the spotlight, due to its “jack of all trades” nature. It answers any question, quickly and extensively, according to your specific needs, and it can write code and poetry alike.
Recently, it was also proven that it can create polymorphic malware. As a great content generator, we can expect ChatGPT to write the most realistic and convincing phishing emails.
Bonus: at the time of writing, Google has just launched BARD, an experimental conversational AI service, powered by their Language Model for Dialogue Applications.
To put it shortly, the possibilities are endless.
That is why organizations could learn to make use of AI technology as a great defense tool in order to detect vulnerabilities early on and respond efficiently and faster to threats and potential breaches. At the same time, companies can invest in the education of their staff to be cautious when interacting with AI-supported solutions, implement strong authentication processes and monitor network activity.
Considering the overall impact AI has on cybersecurity and cybercrime, we will thoroughly analyze the subject in a dedicated article, coming soon.
With this many challenges down the road and considering that the cost of a breach is greater than the cost of working with well-trained cyber security professionals…
… cybersecurity should remain a top priority for businesses in 2023!
Of course, this list of 9 cybersecurity trends for 2023 is not exhaustive – and most likely it will remain evergreen for years to come. It stands as a clear lesson that the efforts to ensure and build up overall cyber resilience are long-term, and that the willingness to understand and adapt to the ever evolving threat landscape will be an important asset in every company’s cybersecurity arsenal.