Industry executives and experts share their predictions for 2023. Read them in this 15th annual VMblog.com series exclusive.
Cybersecurity Predictions for 2023: The Good, The Bad and The Opportunities Within
By Jessica Hetrick, Senior Cyber Strategy and
Resilience Leader at Optiv
It's easy for predictions season to turn into a "doom and
gloom" affair. At Optiv, however, we believe that while it's important to be
cognizant of looming threats, we shouldn't entirely focus on the negative
impacts they can have on our business - we also need to find the opportunities within
each that help us better our cybersecurity and cyber resilience postures. And,
we also need to focus on a few areas that we think will better our industry,
our people and our world in the new year. So, with that said, here are five
cybersecurity predictions for 2023, along with key takeaways for each.
1) The integration of information technology (IT)
and operational technology (OT) in attack methods will become more common.
In 2023, we'll
see the threats to the OT space grow exponentially - a glaring issue that most
organizations are not yet prepared to handle. We're seeing this happen already
as a result of the Ukraine/Russia conflict. Bad actors are softening their
targets before kinetic attacks. This has a lot to do with the impact an attack can
have on the OT space - often causing a catastrophic
level of damage. The weaponization of operations against the OT space will
continue, and we'll see an uptick in the number of physical attacks leading to
cyber disruptions and vice versa.
Key Takeaway: Knowing IT and OT
threats will continue to be on the rise in 2023 presents us with the
opportunity to prepare now - before the frequency picks up. Organizations can
do this through a healthy mix of physical security foundations and digital
detection technologies - for example, by implementing and maintaining a
thorough and proactive asset inventory and by aligning and maturing IT and OT
cybersecurity strategies.
2) Insider threats will rise to the forefront,
once again.
Amid
headlines of large-scale ransomware, phishing and supply chain attacks, it can
be easy to forget about those already with access inside the organization. The
transition to a remote workforce in the wake of the global pandemic has brought
this overlooked threat vector back to the forefront. In fact, whether it's a disgruntled
employee looking to inflict damage, a distracted employee trying to multi-task
at home, an imposter pretending to be an employee, or an unaware employee who
doesn't know how to be cyber safe, the insider threat landscape will grow
bigger than ever next year.
Key
Takeaway: Comprehensive security programs account for all types of security
threats - external and internal. The insider threat reminds us to make sure we
have a robust security plan in place that addresses both internal and external
threats to the business and puts the right measures in place to defend against
each of them. Make sure your security team is looking for anomalous data
activities - such as activity at unusual times, unexpected changes in traffic
volume and privileged access abuse - and always protect your most critical
assets.
3) There will be increased focus on the risks
introduced by artificial intelligence (AI) and automated technologies.
Adoption of
AI, robotic process automation (RPA) and other automated technologies designed
to decrease reliance on employees skyrocketed following the onset of the COVID-19
pandemic, but now there's rising concern that these technologies can be used
for malicious activities, companies have removed humans from processes too
quickly and data can be manipulated and fooled. Threat actors already are taking advantage to gain
enormous scale in their activities, and it's a problem that will get worse in
2023.
Key
Takeaway: To gain the benefits of these innovations without the associated
risks, organizations will need to leverage AI to support and balance the
cybersecurity tasks across an environment. Teams should look to AI to: 1) fill gaps
in the organization, while not replacing the people who can review and
validate; 2) continuously monitor for changes and anomalies reducing alert
fatigue, while not being the only "eyes on" in the company; and 3) improve
response times by enabling the team, without having full and unaudited control
across the environment.
4) Board-level cybersecurity awareness will
continue to grow.
Cybersecurity
expertise at the board of directors' level has been on the rise in recent years,
but, in 2023, we expect this trend to spike as organizations have evolved to
understand that cybersecurity is a business risk and must be accounted for at
all levels of leadership. This has taken on new meaning following the SEC's
proposed cybersecurity disclosure rules, and we expect to see more C-suites add
board members with a cybersecurity background. Additionally, boards will begin
to be more demanding of their companies to answer for security preparation,
strategies, processes, issues, etc.
Key
Takeaway: Increasing board involvement presents organizations with an
opportunity to fine-tune their cybersecurity speak by translating it into a
language the board can understand and by building preparedness and awareness
across leadership. Cybersecurity teams should prioritize partnership and
alignment across the enterprise, which almost always involves upleveling the
conversation to focus on risk quantification, business impact and the financial
consequences of an attack. By upleveling the language to demonstrate that
cybersecurity is a business enabler, it becomes engrained in the culture and
mindset of everyone at the organization.
5) Great strides will be made to close the cybersecurity
training gap.
The
cybersecurity training gap and unfilled jobs across the world is reaching
crisis levels, and as a response, we may see an effort to reduce the cost of
cybersecurity training, so awareness and education are prioritized and
conducted continuously. We'll also see an increase in public-private
partnerships designed to share products, services, people and other resources
with the ultimate goal of getting qualified candidates into the field and
making a difference as quickly as possible.
Key
Takeaway: We've been hearing about the cybersecurity skills and training gap
for quite some time, but the industry has finally learned that collaboration is
needed to tackle it. Now, we just need to make strides in that direction, and
we're poised to do that in 2023. Look for avenues to cross train your employees
and push to drive transparency across your key vendors and partners to ensure
we move in this direction.
Going into 2023, we shouldn't focus on the fear of new or existing
threats and the risks they pose to the business. Instead, we need to turn our
awareness of these threats into action - and we can do this by using these
challenges as opportunities to enhance our security posture. When we do this,
we can prepare for anything in our path - known or unknown - to enhance our
cyber resilience.
##
ABOUT THE AUTHOR
Jessica Hetrick is a senior cybersecurity leader with more than a
decade of experience in crisis management, incident response and security
operations. Prior to joining Optiv, Hetrick worked criminal and national
security cyber investigations at the FBI, supported operations for digital
innovation at the CIA, and directed global incident response teams at Cisco. As
a strategic leader at Optiv, she creates, manages and leads cybersecurity
programs for global companies, while partnering with the business to reduce
risk and achieve business objectives.