
2023 Cybersecurity predictions – Part 1

Making cybersecurity predictions is easy (“Cybercriminals will become more inventive”). Making actionable ones for IT security leaders is much harder. We’ve assembled what we hope is a useful list of predictions from cybersecurity vendors – people who know what threat actors talk about on dark web forums, as well as the strengths and weaknesses of their customers’ IT infrastructures.
There’s no promise that all/most/some of these predictions will come true. The bottom line is, there will be no let-up in attacks. So this advice from Dave Orban, senior manager of product marketing at Commvault, is vital:
“Prepare — and be recovery-ready. Your approach needs to be proactive and multi-pronged. Assess your risks and mitigate them upfront; protect your assets and harden your infrastructure; continuously monitor to identify possible threats; respond rapidly; and recover and restore as quickly as possible to minimize business disruption.”
And here, according to vendor experts, are some of the things they think we must be prepared for.
Jon France, CISO at (ISC)²
Demand for cyber insurance is going to increase, but it’s going to become harder to get. In Q1 2022 alone, premiums for cyber insurance rose nearly 28 per cent compared with Q4 2021. This is largely due to heightened awareness of the financial and reputational risks of cyber incidents such as ransomware attacks, data breaches, vulnerability exploitation and more. At the same time, underwriters are also making requirements for obtaining cyber insurance much more strict, requiring things like two-factor authentication and the adoption of specific technologies like EDR, XDR and more. In fact, these documents used to be two-page questionnaires…now they’re full audits and 12+ pages long. So, increasing cyber insurance premiums and stricter requirements to obtain insurance will be interesting hurdles to watch in 2023.
On the flip side, we will likely also see an increase in demand stemming from the rising incidence of supply chain issues. Because of these issues, companies will likely start requiring more and more that any vendor or third party they work with must have cyber insurance. As we’re already starting to see, with geopolitical issues spilling out across borders, in addition to the cyber threats companies are constantly facing, companies are going to prioritize protecting their most critical assets (including their reputations). In 2023, demand for cyber insurance will continue to increase, as will prices and requirements for obtaining these policies.
Also in 2023, industries will continue to underestimate the importance of securing OT infrastructure. Securing these systems doesn’t mean forcing “new” technology onto the systems – it’s not about zero trust or having more regulations or more patching requirements. It’s about increasing visibility into assets, implementing mitigating controls, and building resiliency plans so that if the worst comes, downtime and impact can be mitigated. In 2023, we’re likely to see the industry continue to misconceive what is needed to secure these systems, and we’ll likely see a major attack on critical infrastructure because of it.
Tyler Moffitt, senior security analyst, OpenText Security Solutions
— Small and medium-sized businesses (SMBs) will need to do more with less, and cyber resiliency will be more important than ever. Cybercriminals will increase ransomware attacks on SMBs as prime targets in the wake of heightened geopolitical tensions, such as the war in Ukraine, and rising inflation in the U.S. This will force SMBs to do more with less, while already having smaller cybersecurity teams and budgets to defend against attacks, and it will make cyber resiliency more important than ever. Our recent SMB survey found that 52 per cent of respondents felt more at risk of a ransomware attack due to heightened geopolitical tensions, and 57 per cent were also concerned about their security budgets shrinking due to inflation.
John Fokker, head of threat intelligence, Trellix
— Teens and young adults will engage at increasing levels in cybercrime – everything from large-scale attacks on enterprises and governments to low-level crimes that target family, friends, peers, and strangers. Attacks against Windows domains will scale. More domain privilege escalation vulnerabilities will be discovered, as well as more real-world attacks against Microsoft Windows with the explicit goal of complete network takeover. As groups of loosely organized individuals fueled by propaganda align for a common cause, they will ramp up their use of cyber tools to voice their anger and cause disruption across the globe.
Charles Henderson, global managing partner and head of IBM Security X-Force
— Cybercriminals look for organizations or industries teetering at the edge and then make their move to tip them over. Last year, we saw that with manufacturing — a strained industry viewed as the backbone of supply chains. With the distinct possibility of a global recession on the horizon, we expect to see ransomware attacks spike in 2023. However, larger organizations in regions heavily impacted during the ransomware boom are the most prepared for this wave, after investing time and money in fighting back.
Kevin Bocek, VP of security strategy and threat intelligence at Venafi
— The ransomware cash cow may stop mooing in 2023, forcing hackers to pivot to other revenue generators – like selling stolen machine identities. We’ve already seen a high price for code signing machine identities on dark web markets, and groups like Lapsus$ regularly use them to launch devastating attacks such as the Lapsus$ theft of data from Nvidia.
