Organizations no longer ignore the business risks introduced by cyber threats and vulnerabilities. Let’s explore year 2023 considerations against the backdrop of an expected recession. Despite expected economic headwinds, organizations cannot afford to allow cyber risk and associated cyber investments to slow down. Focusing on solutions to these six challenges can help leaders ensure they’re positioned for recession resilience.
Stringent Data Privacy laws will keep evolves
With new data privacy laws set to go into effect over the course of next 12 months, now is the time to assess your current procedures and systems to make sure they comply. These new state-specific laws are just the beginning; companies would be wise to review their compliance as more states are likely to develop new privacy laws in the years to come. Already in 2022, we have seen much of fines and penalizations on leading organizations like Google, Facebook. Data privacy laws often require changes to how companies store and processing data and implementing these new changes might open you up to additional risk if they are not implemented carefully.
Ransomware-as-a-service will evolve and will skyrocketed when combined with supply chain
The pulse of the ransomware threat is pull it up as a search term in the news on any given day of the week. Ransomware attacks happen in one of two ways: by opportunistic means, or by targeting someone or something. Targeted attacks are way more sophisticated and specific, and we have seen an increase in reports that indicate custom ransomware has been launched against an organization’s specific technology stack. Large organizations that are multi-national, and through the definition of its services cannot endure a prolonged outage. SMB’s, health sectors, educational institutions should secure the environment, have a plan to elegantly recover from a breach, and an ongoing assurance plan of security and compliance.
Zero Trust will be trusted more
The pandemic in 2020 given birth to a much evolving defence solution. Zero trust is a relatively new security paradigm that evolves classic castle-and-moat perimeter security models to a more granular “never trust, always verify” model. Zero trust defines a vision for holistic identity-centric security across networks, data, and applications. While the details of implementing zero-trust principles can seem daunting at first, it is a sound approach to securing networks soon
Geopolitical Tensions to step-up
Last year when Russia invaded Ukraine. I don’t need to say what happened after that; the consequences were terrible. we have covered exclusive writeups on the attacks that has happened. Likewise more to be expected this year, with attack surface expands outside Europe.
AI and ML in Cybersecurity will get a new dimension.
Late last year ChatGPT is buzz word and a transformational tool for many security use cases, it will continue to evolve in 2023. The technology has more Cons, but the anticipation is threat actors will try to abuse and initiate larger attacks
ICS Systems will be abused more
ICS/SCADA systems are essential for industrial manufacturers. Due to their importance, these systems are a top target for attackers. Yet while the tactics and techniques required to social engineer ICS systems differ from IT, the impact can be even more detrimental going so far as the possible loss of life. Social engineers are already beginning to advance their techniques and tactics to gain access more successfully to these vulnerable systems.
Cyber insurance – not insurable.
Many organizations have previously viewed cyber insurance as an adequate safeguard against cyberattacks. However, with the economics increasingly upside down for underwriters, expect cyber policies to no longer be freely written. Costly data breaches, ransomware and other security attacks are also behind an increased cyber insurance policy cost trend, with the average premium increasing organizations with low cyber maturity may find cyber insurance to be cost-prohibitive or even find themselves uninsurable.
API Security/ Breaches – Credential abuse on large scale
This year could be that API security sees more traction. The growing number of APIs within and between corporate infrastructures has made API security one of the biggest challenges for CIOs today. Conversely, it also means that APIs are a growing target for cyberattacks. Consider promoting API security on your organization’s security roadmap. Otherwise, it could be the Achilles’ heel that provides attackers with unfettered access to your sensitive data.
The above forecast for 2023 is just a prediction but foremost fixed, the current wild card is a potential looming recession and how the uncertain economy will affect cybersecurity spending – and attackers’ motivations. Coming months should provide insight into the direction the economy is likely to take. But no matter what the economy does, organizations that continue to prioritize cybersecurity will continue to reduce their risk of business disruption and reputational loss from major breaches.