Organizations
are increasingly cautious in regard to navigating the economic downturn.
Increased inflation and reduced expenses are causing many to take a close look
at the budgets for cybersecurity in the face of growing complexities of the
cyber attack landscape.
As
a preventive measure, more organizations heavily invested in prevention,
detection and response tools to combat ongoing cyber threats in 2022. However,
as threat actors continue to develop new tactics and become more sophisticated,
these tools may not offer complete protection. Coming into the new year,
organizations need to look to more innovative technologies to ensure the safety
of their systems and digital assets.
With
the economic situation constantly evolving several tech leaders have gathered
to discuss the invaluable insights and torrent of innovations that we should
expect in 2023. Read below for their advice and insights.
++
Neil Jones, director of
cybersecurity evangelism, Egnyte
"For the first time in a long
while, cybersecurity is being viewed as a strategic investment rather than a
budgetary line-item. I anticipate this trend to accelerate in 2023. By
following effective cybersecurity practices like the implementation of ongoing,
company-wide cybersecurity training, maximizing endpoint security, and limiting
access to data on a ‘business need to know' basis, organizations can alleviate
downtime and improve employee productivity. Over the long haul, cyberattack
prevention is almost always less expensive than passively waiting for an attack
to occur. At a time when businesses are managing expanding data volumes,
cybersecurity must be an always-on company priority."
++
Aaron Sandeen, CEO and co-founder, CSW
As
organizations struggle to navigate an unsteady economy with increasing
inflation, higher interest rates, and a potential recession, many are
undergoing significant layoffs and hiring restrictions. Companies are
substantially reducing expenses in an effort to survive the uncertainty,
including IT and cybersecurity budgets, which will ultimately have an impact on
the cybersecurity industry.
As
a result of the weak economy, organizations will lack the people and resources
to maintain their cybersecurity defenses, which will provide bad actors an
opening. With a wider range of attack vectors available in 2023, cyberthreats
will advance in sophistication and harm.
Alongside
dwindling resources, there is a mass amount of increasing data, with experts
expecting 94
zettabytes of data worldwide by the end of the year. Making sense of the data
you have is becoming more and more crucial at a time when enterprises must deal
with a flood of sensitive data. Because of this, I believe the driving force
behind cybersecurity initiatives in 2023 will be predictive intelligence
coupled with actionable insights. Better cybersecurity is achieved by combining
raw data with contextual threat intelligence that is updated continuously using
automation, AI, and ML, as well as expert validation.
++
Tim Prendergast, CEO, strongDM
Looking
into next year, I think we will see the security market continue to build toward
practical applications of zero trust philosophies, as the industry gets its
feet under itself in terms of figuring out how to talk with customers about
what 'zero trust' means and how it is supposed to work. For their part, I think
customers are reaching a tipping point of being very well-educated in this
market, and I think that will cause established companies to reposition product
portfolios into a focused 'zero trust' messaging platform, to address the
customer opportunity.
In 2023 the talk will continue around a pending
recession, but we remain hopeful that things will turn around by 2024. People
will begin investing in startups again that are innovating in this space. We
may see a lot of private equity or mergers and acquisition continue to drive the
security space. There will be a definite shift in how people are looking at
this chessboard.
I want to offer simple advice for businesses in the new year,
especially in a downturned economy. Be a good steward of the capital you have
in front of you. I think many companies got into the habit - due to investors
and plentiful cash at low-interest rates - of thinking that you can always get
another round of funding. In a bear market, you realize that's not a
possibility, so you must go back to the fundamentals of business. Be
profitable, and focus on incrementally growing the business. Support the
investments you've made and focus on optimizing your processes that can keep
the pipeline busy without over-complicating it all. For example, with
free-flowing cash, a lot of people were like, 'Let's go, attack 25 different
markets!' Instead, focus on the core markets your business does really well. I
think people were really getting a bit over their skis and trying to do too
much at once.
In 2023, the market will see businesses taking more of an
iterative approach to building out the business, its markets and products.
Every year is a good year to build on solid fundamentals, and 2023 will be a
year for organizations to be smart, and not get over their skis. One of the
biggest trends that will absolutely continue into 2023 is the decentralization
of the traditional corporate headquarters. We have emerged from the pandemic
into a new working reality which is that the best people live where they want
to live. This has led businesses to the compromise of creating a place where
they can work and be contributing to the company's goals but also, they can be
happy and have a fulfilling personal life. I think that the cliche work-life
balance that so many people have struggled with for so long has finally gotten
to a place where it feels attainable with a decentralized workplace. No one
wants a job where they occasionally get to have a life, too. I think that's a
fair expectation.
There are also other benefits to being decentralized,
especially when you look at the distribution of people in city centers, traffic
is horrible and it's not great for the environment. People being able to work
from wherever they happen to be, but still have opportunities for occasional
on-site or human interaction is the future. People want their time to be spent
in meaningful ways, not just filling seats in the office between eight and 6
p.m. I don't think that's a reality. We have the technology to have productive
conversations and get a lot of work done. In the end, I think that's better for
the economy and the planet. It's why we've always been a remote-first business
- because as a company that sells a SaaS solution, we don't need to physically
be in the same location to build our product.
++
Surya Varanasi, CTO, StorCentric (www.storcentric.com):
1.)
The ransomware threat will continue to grow and become increasingly
aggressive - not just from a commercial standpoint, but from a nation-state
warfare perspective as well. Verizon's
2022 Data Breach Investigations Report, reminded us how this past year illustrated, "... how one key
supply chain incident can lead to wide ranging consequences. Compromising the
right partner is a force multiplier for threat actors. Unlike a financially
motivated actor, nation-state threat actors may skip the breach altogether, and
opt to simply keep the access to leverage at a later time." For this reason,
channel solutions providers and end users will prioritize data storage
solutions that can deliver the most reliable, real-world proven protection and
security. Features such as lockdown mode, file fingerprinting, asset serialization,
metadata authentication, private blockchain and robust data verification
algorithms, will transition from nice-to-have, to must-have, while immutability
will become a ubiquitous data storage feature. Solutions that do not offer
these attributes and more won't come even close to making it onto any
organization's short-list.
2.)
Consumer attitudes towards online security and privacy will heighten. A
key driver here will be that while enterprises getting hacked and hit by
ransomware continue to make the headlines, cybercriminals have begun to hit not
just enterprise businesses with deep pockets, but SMBs and individuals. SMBs
and individuals/consumers are actually far more vulnerable to successful
attacks as they do not have the level of protection that larger enterprises
have the budgets to employ. As work from home (WFH) and work from anywhere
(WFA) remain the paradigm for many across the data/analytics field, they will
require data protection and security solutions that can also protect them
wherever they are.
In
the coming year, The ideal cybercrime defense will be a layered defense that
starts with a powerful password, and continues with Unbreakable Backup. As
mentioned, backup has become today's cyber criminals' first target via
ransomware and other malware. An Unbreakable Backup solution however can
provide users with two of the most difficult hurdles for cyber criminals to
overcome - immutable snapshots and object locking. Immutable snapshots are by
default, write-once read-many (WORM) but in the coming year, sophisticated yet
easy to manage features like encryption where the encryption keys are located
in an entirely different location than the data backup copy(ies) will become
standard. And then to further fortify the backup and thwart would be criminals
in the coming year we will see users leveraging object locking, so that data
cannot be deleted or overwritten for a fixed time period, or even indefinitely.
++
Brian Dunagan, Vice President of Engineering, Retrospect (www.retrospect.com):
1.)
Freedom and flexibility will become the mantra of virtually every data
management professional in the coming year. In particular, data management
professionals will seek data mobility solutions that are cloud-enabled and
support data migration, data replication and data synchronization across mixed
environments including disk, tape and cloud to maximize ROI by eliminating data
silos. We will likewise see an uptick in solutions that support vendor-agnostic
file replication and synchronization, are easily deployed and managed on
non-proprietary servers and can transfer millions of files simultaneously -
protecting data in transit to/from the cloud with SSL encryption.
2.)
Ransomware will remain a huge and relentlessly growing global threat, to
high profile targets and to smaller SMBs and individuals as well. There are
likely a few reasons for this continuing trend. Certainly, one is that today's
ransomware is attacking widely, rapidly, aggressively, and randomly -
especially with ransomware as a service (RaaS) becoming increasingly prevalent,
looking for any possible weakness in defense. The second is that SMBs do not
typically have the technology or manpower budget as their enterprise
counterparts.
While
a strong security defense is indispensable, we will see that next year security
leaders will ensure additional measures are taken. Their next step will be
enabling the ability to detect anomalies as early as possible in order to
remediate affected resources. Large enterprises, SMBs and individuals alike will
need a backup target that allows them to lock backups for a designated time
period. Many of the major cloud providers now support object locking, also
referred to as Write-Once-Read-Many (WORM) storage or immutable storage. Users
will leverage the ability to mark objects as locked for a designated period of
time, and in doing so prevent them from being deleted or altered by any user -
internal or external.
++
Justin McCarthy, co-founder and CTO, StrongDM
In
2023 I believe we'll see rebellion against systems that aren't respectful with
our time. Systems that generate ample noise and minimal signal. When it comes
to the demands on our attention in 2023 and beyond, less is more.
Security
technology is one area that has been requiring too much of our attention and
energy for too long. It's frustrating because there's so much friction where it
isn't necessary. There's a better way but consumers of security technology will
have to demand it and developers and engineers have to work on it.
One
small example: authentication. As we move into 2023 we'll look to WebAuthN,
Passkeys, and other passwordless systems to improve the user experience and
reduce the burden on IT teams. That's where we'll really start to feel the difference.
And with this feeling will come elevated expectations that then get transferred
to every other aspect of our IT systems and security environments. Hopefully,
it will push us to ask why it can't be simplified?
++
Richard Bird, Chief Security Officer, Traceable
In
terms of trends we need to shine a light on, 2023 will be the year that
the leaders in the majority of companies, organizations and agencies
around the world wake up on any given morning and think, ‘Whoa, I have a
security problem!' As we close out 2022, most enterprises either don't
realize the size of the risk they currently face with their unsecured and
largely unmanaged API ecosystem or they are willfully ignoring the risks
by believing that API gateways and web application firewalls are
protecting them. We should be very happy that the current state and
maturity of API security affords us the opportunity to get it right in
2023. API security is a greenfield within most companies and organizations
today, which means we are in a moment where we can choose tools, processes
and frameworks that will deliver huge improvements in security and risk
mitigation. The alternative, if we don't capitalize on this moment, is
that in 2024 and beyond API security tactics and performance will be
dictated and demanded of us by regulators and we will no longer have the
flexibility and agility to meet these challenges without the overhead of
compliance pressures.
2023 will be the break-out year for API security as a focus area
for many of the Fortune 1000 companies. The lack of control, security and
governance around APIs isn't just exposing companies to serious risks, but also
to massive amounts of operational inefficiencies caused by APIs being developed
and deployed independently across multiple devops teams. This means that there
are huge numbers of "zombie" APIs, abandoned, but never removed from a
company's systems. There are costly redundancies due to the inability for
companies to enforce and inform DevSecOps on internal standards for API
creation and deployment. Without visibility into the API ecosystem at a
company, you can bet that money is being wasted on the creation of redundant
APIs happening nearly every day. That redundancy comes at a cost, inefficiency
isn't free.
In 2023, API security will drive realizations and revelations by
enterprises that go beyond the threat and risks of APIs. API security is
dependent on the discovery and collection of the APIs that a company is exposed
to. Once organizations take that step, they quickly realize that the entire
operational framework of their API management is problematic. There is very
little in the form of standardization and governance for APIs in most
companies, which means that there are huge amounts of inefficiency and costly
redundancy across those same APIs. API security in 2023 will create a broader
understanding of not only the risks a company is facing, but also the costly
consequences of a broadly unmanaged function within their organizations.
The pathway to self-awareness and self-learning about API
security starts with taking a simple step; exercising intellectual honesty. API
security and operations isn't something new. It is an extension of the best
practices that have always been demanded in the digital world. If you believe
you don't have an API security problem because you don't use a lot of APIs or
because you leverage an API gateway or web application firewall, you're not
being intellectually honest. Every day, in highly publicized events, the attack
surface and vulnerabilities of APIs is being clearly communicated to the
market. Believing that APIs won't be opportunistically exploited by bad actors
just isn't supported by data, evidence and the history of technological
evolution. The time to learn and move on API security is now, not two years
from now when the seriousness of the risk is fully understood.
++
Steve Moore, chief security
strategist, Exabeam
The most significant
observable trend to note as we move into 2023 is the increased use of
credentials in cyberattacks for both initial and persistent access. Currently,
more than half of all attacks happen through stolen credentials. This number
will increase for initial access and remain higher for persistence. Adversaries
are experiencing continued success without using malware to gain access and
sign-in. From there, they can use internal credentials and tools against the
defender.
Additionally, with geopolitical
changes in the world, we will see an uptick in individual businesses falling
victim to nation-state attacks. As information and attack techniques are
shared, we can expect the lines to blur between espionage and criminal
activity. Loyalists to certain nations will continue cooperating with these
international hacking efforts.
As a result, I think we'll see
more governments attempting to create publicly known offensive capabilities to
tear down criminal groups physically and technically. These takedowns of
criminal networks take great diplomacy with speed and patience and active
coordination of local and federal law enforcement.
++
Tyler Farrar, CISO, Exabeam
Nation-state attacks/geo-political matters:
Nation-state
actors will continue cyber operations in 2023; whether these attacks increase,
decrease, or stay the same ultimately depends upon the strategic objectives of
each campaign. Based on the current geopolitical climate, I think we can expect
these cyberattacks to increase across the major players. For example, Russia's
failure in Ukraine exposed its weaknesses to the world, but its attacks are
likely to continue against Ukraine, including operational disruption, cyber
espionage, and disinformation campaigns. It would be unsurprising for the attacks
to expand beyond Ukraine too, as Russia's leader attempts to prove Russia is
not weak. Likewise, cyber espionage is a key tactic in China's strategy for
global influence and territorial supremacy, and I think we can expect these
operations to increase, particularly across private sector companies.
In
2023, state policies will directly influence cybercriminal and hacktivist
communities to obfuscate sources and methods, increasingly blurring the lines
between nation-states, cybercriminals, and hacktivists. Cybersecurity teams
would be wise to remain flexible with respect to threat actor attribution.
Impact of economics on security:
The
economic downturn, and in particular inflation, has - and will continue to have
- a significant impact on security spend, likely forcing reductions and
leveling impacts to organizations and to threat actor behavior. The key
to defense for these organizations is doubling down on cyber talent and
security tools. Meanwhile, security organizations should aim to consolidate
legacy technology platforms, decreasing redundant tooling, in addition to
controlling cloud spend, to manage high operational costs and complex
integrations.
I
think this is a good time to remind organizations that zero trust is simply a
security framework, not a tool. It is not a ‘single solution,' but rather a
framework used to secure data in a modern digital enterprise. Zero trust is
also not overhyped, despite some opinions to the contrary. It has become a
critical step towards mitigating cyber risk, detecting malicious behavior, and
responding to security incidents. By requiring users and devices to be
authenticated, authorized, and continuously monitored for a ‘trusted' security
posture before access is granted, zero trust can contain threats and limit
business impacts when a breach does occur.
Credential-based attacks and evolving threats:
We've
seen the classic Cat and Mouse Game before: as credential-based attacks evolve,
so too do cyber defenses. Threat actors will continue to leverage tried and
true methods like social engineering, initial access brokers, and information
stealer tools to carry out their objectives. Where multi-factor authentication
stands in the way of compromising an account with stolen credentials, we can
expect cyberthreat actors to implement new techniques to bypass this particular
layer of defense. I think this will lead to an expansion of passwordless authentication
solutions, to combat the attackers.
We
can also expect to see more malicious attacks, as anyone can play this game. A
broader set of threat actors will join in to conduct cyber operations in 2023.
They have financial motivation, government mandates to justify their cause, not
to mention bragging rights that increasingly attract a younger group of threat
actors.
Protecting brand as much as infrastructure:
During
the past year, we witnessed several high-profile breaches, where organizations
suffered severe brand damage. This resulted in a shift from data recovery to
reputation management when faced with a ransom. I expect to see threat actors
shift their strategies to exploit this fear through extortion vs. ransomware in
the year ahead.
Further,
threat actors will continue to take advantage of weaknesses in the software
supply chain, which will become the number one threat vector in 2023.
Organizations should create a vendor risk management plan, thoroughly vet
third-parties and require accountability, to remain vigilant and align to cybersecurity
best practices. This is critical too, as cyber insurance claims have exploded.
We can expect to see insurance companies lowering their risk appetite and
reducing client coverage in 2023. If your organization is in the market for a
policy, expect to pay a hefty premium, or face a rigorous review of the
organization's security posture, as insurance companies increase their due
diligence to avoid liability.
++
Arti Raman, CEO and founder, Titaniam
In
2022, we saw a continuous flood of ransomware attacks, which spawned the
increasing adoption of Ransomware as a Service (RaaS). The threat actors behind
these attacks have honed their skills in ransom negotiations and extortion
processes, creating a playbook they can use to go after nearly any
organization. Because of this, the number of ransomware attacks we'll see in
2023 will only continue to rise and move downstream.
To
combat these attacks, organizations in 2021 and 2022 heavily invested in
prevention, detection and backup technology. However, in 2023 that may not be
enough. As threat actors get more creative and innovative with their malicious
attacks, data security professionals also need to embrace newer, more
innovative and effective technologies to defend their systems.
In
fact, a recent report found that more than 99% of
security professionals are searching for better data protection tools to
protect themselves from ransomware and extortion. Similarly, 70% of
participants in a different report indicated they experienced
data theft at some point during the previous 12 months. Of those respondents,
98.6% believe a more modern data security solution could have prevented their
data theft.
While
no prevention technology can guarantee 100% protection, new technology must
focus on assumed breach concepts and providing more guardrails. By analyzing
what made successful breaches successful, we as a cybersecurity community can
take the first step toward a technological shift that will revolutionize how we
fight back against ransomware."
++
Gal Helemski, CTO and co-founder, PlainID
In
2023, identity-first security will gain more focus and adoption. Already we see
increasing growth in the identity space as the importance of identity as the
new security perimeter is sinking in. Identity solutions would expand their
support, especially in the cloud, and provide deeper levels of control. An
essential part of that would be understanding Authorizations and the link
between the identity world and the security of data and digital assets.
Authorization
manages and controls the identities' connection to digital assets (such as
data). That is a fundamental part of identity-first security. It starts with
the authenticated identity and continues with the controlled process of what
that identity can access. Full implementation of identity-first security can't
be achieved without an advanced authorization solution that can address all
required technology patterns of applications, APIs, microservices and data.
I
believe most security leaders are still focused on the perimeter of their
digital enterprise, which needs to change. Identity-first security can't end at
the gate. Identities and their access should be verified and controlled on all
levels, access points, network, applications, services, APIs, data and
infrastructure.
Already
we are seeing that an increasing number of technologies and cloud vendors are
offering the policy option in addition to the traditional entitlement and
role-based method. This is a very positive step towards simplification of this
challenging space.
++
MarKeith Allen, Senior Vice President and GM, Mission-Driven
Organizations, Diligent
Digital Transformation is continuing to make its way into the boardroom in a strong way
and the process will continue to accelerate in 2023. The new reality of work is
a mix of virtual and in-person, and the move to digitize will continue to be a
priority in the new year.
Instead
of being considered an add-on to a digital strategy, modernizing governance, risk and compliance
capabilities should be seen as a core
component. Establishing the clarity and accountability necessary for a
successful digital transformation strategy is key. The need for technology that
provides more than just basic online board data repositories is growing as both
the digital and governance landscapes are evolving quickly. Board portals must evolve into comprehensive
governance, risk, audit, and compliance platforms that promote connectedness
and transparency among executives, boards, and staff.
In 2022 we saw
increased adoption of modern governance initiatives like ESG and tools that
support better decision-making. An example is the rise of organizations-public
and private-focusing on environmentally sound and sustainable solutions in order to
satisfy ever-changing demands. Moving into 2023 we'll see increased demand and adoption of
governance, risk and compliance solutions that provide innovative leaders with the insights to drive
greater impact and lead with purpose.
##