By Christopher Prewitt, Chief Technology Officer, Inversion6
Technology never stops moving forward. Each new year brings changes which create downstream effects on how we are attacked and how we defend against those attacks.
As the IT and cybersecurity industry pushes to be less reactive, predicting what’s coming in the next year has become more and more popular. Here are my top 10 trends that will be most important in 2023.
- Active response will likely become the default defense posture.
The industry has learned proper preventive controls, yet there is still room for improvement. Some responders have not been as timely as needed, which should lead to more automation, self-assessments and more real-time responses. Account lockouts, password resets and network-contained systems will likely be some of the methods used to reduce the impact of a data breach.
Should responders continue to waste time, we will see a shift from default configurations to more auto-responses. Our end customers will have to change with the times and understand the value of the disruption.
- Zero trust models are going to have a massive impact on security.
We’ve seen a shift in organizations migrating to the cloud and abandoning their internally hosted data centers. With the shift will come an increase in the reliance on zero trust models to improve security.
This could change how we perform penetration testing and secure our networks, and may even remove the need for significant network security for some organizations. The perimeter network edge is all but dissolved; zero trust may help to finish it off. We will still have a need for internal segmentation in many industries that rely on local computer resources.
- Government regulations are going to balloon.
We can predict there will be changes to the current international privacy requirements. These new security regulations will likely come from the SEC. On top of these changes, additional executive orders and Congressional committee meetings will be coming down the pipeline next year.
I expect most of these regulations to lack real teeth. The fines and penalties likely won’t be sizable enough to implement real change. The FTC stands out with some regulations that have significant teeth to them.
- Hacktivism is increasing.
The ongoing conflict in Ukraine has been the first war to prompt large-scale cyberattacks from nonmilitary citizens of other nations.
The Ukrainian army’s offensive cyber-operations are now attacking Russian infrastructure as both a hobby and a political statement. We can foresee these types of offensive operations across borders becoming more conventional in the coming year.
- Governments will be more direct on attribution.
This past year we saw multiple public reports of US espionage efforts in China. This does not come as a shock given our government’s recent trend of outing its own cybersecurity enemies by name.
As China, Iran, North Korea and others continue to increase their defensive capabilities, we will hear further communications about attribution of attacks and our own cyber operations.
- Attackers will continue to stay away from the weaponization of artificial intelligence and machine learning.
Effortless attacks are here to stay. Attackers have no use for advanced methods. Look at the recent attacks against Uber, Twitter and others for proof. While there are ways to generate attacks against multi-factor authentication, simple supply chain-based approaches still get the job done. Now that we are locking the door more consistently, it’s almost as easy to walk right in when you have the keys.
- 5G won’t help decrease cyber attacks.
5G can allow for private networks, which can prevent direct internet access to their fleet of devices. This amplifies technology providers’ security abilities, by reducing the attack surface. The increase in bandwidth is still no match for the skills of cyber criminals.
Given the influx of new devices, 5G will likely provide an even larger opportunity for attacks with most providers not taking advantage of private secured networks.
- The next big hack likely won’t target a hyperscaler/cloud-provider.
As organizations migrate workloads and servers to the cloud, these providers may indeed be hacked. I don’t anticipate it to be large-scale, more so an increase in risk. There are considerable risks for organizations, especially if an attacker can gain tenant-level access to your assets. While we may see large outages, it is unlikely that we’ll have some catastrophic level security breach.
- Cyber insurance won’t help more companies cope with uncertainty.
We saw a rise in cyber insurance rates in 2022. With carriers becoming more restrictive, many customers will likely face more coverage requirements in 2023.
The cyber insurance market will continue to provide some options to small and medium-sized businesses. The downside to these heightened measures is the increase in organizations abandoning their policy renewals for 2023 and choosing to self-insure.
- Mobile devices still could be targeted by attackers.
In this space we see and hear about the expensive zero days that few companies and many nation states have access to. Attacks against these platforms aren’t occurring the way experts have predicted. While phishing, smishing and other social engineering attacks are still present, they don’t traditionally attack the phone’s operating system.
Apple and Google do a great job securing their devices. Individuals that upgrade to a new phone every two years limit the exposure risk that comes with running an old device. So, much of the risk here is limited to social engineering unless you are one of a very few nation states.
About the Author
Christopher Prewitt is CTO at Inversion6, responsible for helping develop security-related products and services for customers. Over the past 20+ years, he has acquired extensive experience in end-to-end planning and execution of robust, large-scale security, privacy, compliance, and risk management systems/solutions in Fortune 500 and 1000 environments, supported by strong customer service and technical issue resolution. He excels in designing and optimizing cutting-edge enterprise security systems and data center architectures. Chris can be reached online at https://www.linkedin.com/in/cprewitt/ and at our company website www.inversion6.com.