Virtualization Technology News and Information
Mimecast 2023 Predictions: Threat actors set their sights on collaboration tools and take social engineering to the next level plus much more!


Industry executives and experts share their predictions for 2023.  Read them in this 15th annual series exclusive.

Threat actors set their sights on collaboration tools and take social engineering to the next level plus much more!

By Brian Pinnock, VP SE EMEA, Mimecast

The cyber threat landscape is complex and continuously evolving. Each year, the tactics, techniques and procedures of threat actors become more difficult to defend as cybercrime grows in sophistication and funding. However, a common theme still exists - email remains the primary attack vector. In fact, the Mimecast 2022 State of Email Security Report found that eight in 10 companies are bracing for the fallout from an email-borne attack, while 96% acknowledge that their organization had faced a form of phishing attack in the past year.

Beyond these basics, what else should you look out for in 2023? I would pay attention to the evolving threat landscape as we are likely to see many repeat victims in the coming year. The victims of relatively unsophisticated initial attacks often lack risk appreciation or cyber skills at the board and executive level which, in turn, drives insufficient investments in adequate tools and execution.

From a big picture standpoint, I see geopolitical cyberattacks increasing in 2023. Cybercrime groups are likely to fracture along lines drawn by the emerging geopolitical environments in Russia, North Korea, Iran - and maybe China. Eastern Europe will likely see the most change with Ukrainian and pro-NATO eastern European nations targeting Russia and its allies. However, it's likely these groups will still target western countries as well, unlike Russian gangs who will likely continue to solely target western nations.

In addition to thoughts of my own, below is a diverse collection of thought leadership predictions from a few of my colleagues across the Mimecast global team.

David Raissipour, CTPO  

Hybrid Business Collaboration Channels Will Remain Top Target 

The past year has taught us that threat actors are increasingly exploiting societal shifts to hybrid work environments as an opportunity to deploy brand impersonation attacks on a wider and more dangerous scale. In turn, the collaboration channels that are now fixtures of our new way of working - Slack, Microsoft Teams, Zoom, Sharepoint, etc. - have joined email as a primary attack vector for stealing sensitive data, employee network credentials, and customer P.I.I. archives. That won't change any time soon. To work protected in 2023, organizations will need to leverage AI-enabled automation tools and technologies that can extend beyond email security to effectively safeguard the intersection of hybrid business communications, people, and data. 


Dirk Jan Koekkoek, VP Product Management

Multi Layered Attacks are Just Getting Started

In 2023, we will see more multi-layered attacks where both technical and human elements play a role. The new digital work environment provides more opportunities for attackers to gain initial access and increases possibilities to move laterally and elevate privileges.  

Last September's cyberattack on Uber is one example. Allegedly, breached credentials, multi-factor authentication (MFA) fatigue, and social engineering allowed the threat actor to obtain access to several critical IT systems. It's expected that we will see more of these ahead. 

Organizations need to look at the bigger picture, taking a viewpoint from the individuals who work with the technology is key. User behavior across all tools, communication channels and devices must be considered to protect in 2023. 


Elaine Lee, Senior Engineering Manager - Data Science Labs

The skills gap in Cybersecurity, particularly in AI/ML expertise, will probably be felt more acutely in 2023.

 In 2022, newsworthy attacks were typically very targeted, methodically planned, but still very manual in nature (e.g. a hacker undertaking multiple manual steps in the September Uber breach). Customers will be looking for cybersecurity products that can effectively protect against a multi-stage attack like this.  But to detect these attacks, the existing detection systems need to be harmonized effectively and turned into a meta-system. As a result, cybersecurity companies will be looking for [more] AI/ML expertise to design and implement these meta-systems, in an already tight labor market.


Duane Nicol, Sr. Product Manager - Awareness Training

Phishing will become less prevalent as a primary source of data to quantify risk.

Most corporate email gateways do a great job of blocking out malicious emails, so testing will become somewhat superfluous because of the improbability of employees ever receiving an actual phishing email. In 2023 most employees will likely receive more simulated phishing emails than real ones in corporate email, but that of course doesn't stop threat actors from relentlessly attacking their personal machines. This still involves inherent risk as many users admit to using their corporate devices to transact personally. If a user, not entirely aware of the risks, open a malicious email in their personal inboxes this could still have a significant effect on the business.

It is thus why businesses need to continue driving basic awareness principles to users, so that at any stage of the communication journey when faced with a suspicious email, they apply the same knowledge irrespective, thus keeping themselves safe. A user that keeps him/herself safe has an incredible +1 effect on the businesses strategy to mitigate risk.


Kiri Addison, Senior Product Manager, Threat Detection & Efficacy

Threat actors will take social engineering to the next level. As AI voice cloning technology becomes more powerful and readily available, we will see an increase in impersonation attacks that utilize audio deepfakes. These will be used in combination with compromised email and collaboration accounts.


Jose Lopez, Principal Data Scientist

Threat actors will use accessible Large Language Models to create campaigns using natural language and automatic social engineering to aim at the most vulnerable persons in companies. This way, they will be able to manage more attacks while at the same time improving their success ratio.



Brian Pinnock, VP SE EMEA


Mimecast empowers more than 40,000 customers to help mitigate risk and manage complexities across a threat landscape driven by malicious cyberattacks, human error, and technology fallibility. As Vice President of Sales Engineering at Mimecast, Brian manages an international team of sales engineers across Europe, Middle East and Africa, providing technical sales functions to Mimecast's sales staff, reseller partners and customers in each region. Before joining the company in 2016 he headed up innovation at Internet Solutions. When Brian joined Mimecast, he was appointed regional manager for sales engineering for Middle East and Africa. In 2020 was promoted to look after Europe as well. Brian has over 20 years' experience in pre-sales, sales, R&D and product development in network communications, messaging and information security. His current focus is driving the expansion of Mimecast cloud-based email and web security as well as threat intelligence by helping organizations leverage their existing security investments. For more insights on how to Work Protected by securing your business communications, people and data, stay tuned to the Mimecast blog Cyber Resilience Insights.

Published Monday, December 19, 2022 7:41 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2022>