Industry executives and experts share their predictions for 2023. Read them in this 15th annual VMblog.com series exclusive.
Emerging cybersecurity trends to watch for in 2023
By Ryan Lasmaili,
Co-Founder and CEO of Vaultree
This year has
seen a massive uptick in ransomware attacks and data breaches, with both
private and governmental sectors scrambling to close the cybersecurity gap. The
Executive Order on Improving the
Nation's Cybersecurity
dates back to May 12, 2021, but its implementation has been the most impactful
cybersecurity development in 2022. This order marked the first time that both
encryption and authentication were mandated by the executive branch.
The roll-out
has just begun this year, and will take many years to fully take effect, but
it's already making waves throughout corporate America - beginning with larger,
regulated industries and corporations, and rippling out to smaller enterprises.
Bolstering this governmental focus on cybersecurity, the US Cybersecurity and Infrastructure Security Agency (CISA) announced on July 6, 2022 the
establishment of a Post-Quantum Cryptography Initiative, a project designed to
streamline and drive agency efforts to address threats posed by quantum
computing.
Here are five
cybersecurity predictions that I believe will rise to the forefront of the
industry in the coming year:
Mega data breaches won't stop in 2023
Mega data
breaches will persist as attackers continue to have the upper hand and outpace
victims' attempts to stop them. The breaches will contribute to increased
digital supply chain risk. A supply chain attack can breach otherwise strong
security measures, and hackers are increasingly aware of this.
Industries
with the most antiquated infrastructure, and the least funded cybersecurity,
including utilities, energy, manufacturing, construction, wholesale/retail,
banking and healthcare, will continue to be the most vulnerable to attacks. We
can also expect to see major libraries and code bases compromised in the near
future.
Innovative encryption technologies will gain
traction
Privacy
Enhancing Technologies (PETs),
including homomorphic, searchable and data-in-use encryption, will gain more
visibility in the media globally, pushed through higher investments in the
field and broader market adoption and general use cases in the private sector.
Effective innovations, such as fully functional data-in-use encryption, offered
by specialized solution providers will drive interest in a market saturated by
ineffective technologies and tools.
Initial post
quantum cryptography (PQC) implementations and early solutions will make some
headlines, as will quantum key distribution (QKD) solutions. One QKD that is
poised to be particularly impactful is the Qrypt solution, which generates identical symmetric
keys at multiple endpoints without any distribution of the keys themselves over
an insecure channel.
CISOs will embrace PETs
Forward
thinking CISOs will need to cut through the noise and avoid being flooded with
sales attempts of inadequate tools. Implementing new software aimed at
protecting data can take years, and can be a very costly endeavor, requiring
time-consuming changes to the infrastructure.
The most
effective option for CISOs to prevent data leaks, is to leverage modern PETs in
the form of a practical, performant, applicable, nimble and simple toolkit like
the one Vaultree has developed. With data in a persistent state of encryption -
even when breaches happen and firewalls and other tools in the first line of
defense fail - leaked data is
undecipherable and therefore useless to hackers.
The rise and fall of consolidation
Companies
will become increasingly disillusioned and frustrated with the complicated
cloud and enterprise security solutions. This will accelerate the nascent trend
of consolidation. Standalone solutions, especially those without a sustainable
business model, will begin to collapse and get swallowed by bigger vendors,
who, on their end, will build integrated "one-stop-shop" security service
platforms.
Consolidation
may not have lasting power however, as consolidated systems inevitably become
too broad and complex and begin to break down to independent pieces. This
process is a perennially sinusoid cycle in our industry.
Zero Trust makes gains
Zero Trust
cloud security architectures have become more mainstream and will be
increasingly popular in 2023. The pandemic accelerated the concept's adoption
by many organizations and 2022 saw it become more popular as a security
architecture for a modern remote workforce.
Conclusion
There are
still plenty of threats to cybersecurity on the horizon in 2023, but new
policies and innovative encryption technologies - such as fully functional
data-in-use encryption - are emerging to fight the good fight against data
breaches and leaks.
##
ABOUT THE AUTHOR
Ryan Lasmaili
is Co-Founder and CEO of Vaultree, the world's first Fully
Functional Data-in-Use Encryption solution that solves the industry's
fundamental security issue: persistent data encryption, even in the event of a
leak. Vaultree enables enterprises, including those in the financial services
and healthcare / pharmaceutical sectors, to mitigate the great financial,
cyber, legal, reputational, and business risk of a data breach in plain text.
Ryan's background is in financial mathematics with a passion for astrophysics
and economics. Ryan is always looking for ways to solve major cybersecurity
problems with his biggest undertaking to date solving today's and tomorrow's
data encryption and protection challenges.