The most prominent 2023 predictions in the cybersecurity industry for the year ahead are from Miri Marciano, Associate Director, Cybersecurity Expert at Boston Consulting Group.

Miri discusses what organisations should be on the lookout for in an increasingly volatile environment where attackers are constantly finding new ways to access sensitive information and take control of vital systems. The wider issue will be to make sure the recovery system of an organisation is fool-proof ensuring they can bounce back from an attack in an instant.

  • Cyber will continue to be a big business

Cyber will always be a huge business and as seen in 2022, as long as new technologies are being developed, there will always be more hackers.

Effective cyber protection is regarded as a significant competitive advantage and security has become a major focus at the board level of public and private organisations as an area of ongoing strategic investment, this is a key learning for next year.

  • There will be an increase in attack surface expansion

The extensive use of cloud applications by remote staff, and third parties has multiplied the attack vectors

The extensive use of cloud applications by remote staff, customers, suppliers, and third parties has multiplied the attack vectors and vulnerabilities across complex, interconnected tech supply chains.

There has also been exponential growth in connected low-security IoT devices, adding to the rapidly growing attack surface. BCG also continues to feel the impact of geopolitics on the cybersecurity threat landscape.

  • Geopolitics will impact the cybersecurity threat landscape

Governments are starting to attack countries or critical infrastructure and this will grow more in 2023.

The attacks won’t be to gain anything of monetary value but will be more so an act of terrorism. Or an additional weapon when having a kinetic confrontation of parties.

  • Ransomware will continue to rank highest in terms of types of threats

In terms of types of attacks, ransomware has grown as a threat in 2022 in the shape of double extortion, including data exfiltration, ransomware as a service, and massive DDOS attacks.

With these increasing threats, there must be an increase in talent and businesses are having to outsource to MSSPs as the job market is highly competitive in the cybersecurity sector.

  • An increase in supply chain attacks

Threat groups will increase their interest and capability in supply chain attacks and attacks against Managed Security Services Providers (MSSPs).

  • AI and machine learning will be made use of

AI can strengthen SIEM capabilities to allow security teams to detect threats faster

Attackers will increase their use of AI, machine learning, and other technologies to launch increasingly sophisticated attacks. Social engineering-based attacks will be strengthened by AI and ML. It is simpler and faster to gather data on businesses and employees using these capabilities.

It is an effective tool for cybercriminals because of its ability to anticipate what's happening now and what might happen in the future. On the other hand, AI can strengthen cybersecurity–powered systems such as SIEM capabilities to allow security teams to detect threats faster and respond to incidents quicker. Higher capabilities create correlations, automation, and more.

  • There will be a talent shortage

There will continue to be a highly competitive labour market for cyber talent. Organisations are increasingly investing in automation and orchestration to address cybersecurity tasks.

They will outsource to specialised services providers (MSSPs) rather than on-premise deployment.

  • The government will need to act

Nations will need to ensure the protection and safeguarding of critical national infrastructure and services.

Governments need to look at adapting regulations, data protection policies, and compliance requirements and invest in building a culture of security awareness across organisations.

  • The main focus will be on recovery

Organisations will shift towards additional investing in recovery and restoration to prepare for managing a crisis, they will need to understand that a crisis is just a matter of time.

Download PDF version Download PDF version

In case you missed it

Global regulations of AI: the role and impact on the physical security industry
Global regulations of AI: the role and impact on the physical security industry

The artificial intelligence revolution in physical security has arrived, transforming how we protect people, assets, and infrastructure. From smart buildings that automatically ad...

How does security innovation impact the skillsets operators need?
How does security innovation impact the skillsets operators need?

Technology automates tasks, streamlines processes, and improves efficiency in various fields, including physical security. But the success of today’s latest technologies depe...

How can manufacturers and integrators mitigate the risks of port forwarding?
How can manufacturers and integrators mitigate the risks of port forwarding?

Port forwarding is a networking technique that allows incoming traffic on a specific port number to be redirected to a particular device or application on a local network. Open por...

Quick poll
What's the primary benefit of integrating access control with video surveillance?