Industry executives and experts share their predictions for 2023.  Read them in this 15th annual VMblog.com series exclusive.

The Need for Predictive Intelligence in Cybersecurity for 2023

By Aaron Sandeen, CEO of Cyber Security Works

The cybersecurity industry is looking shaky for 2023. The deteriorating economy, lack of resources, an overload of data, as well as more sophisticated cyber attacks are all contributing to a rise in cybersecurity risks. I believe that predictive intelligence will be the future of cybersecurity as it will allow organizations to make quick and impactful decisions to keep themselves safe.

The macroeconomic outlook for 2023 is extremely questionable right now, which is affecting the cybersecurity sector. Even now organizations are going through major layoffs and hiring freezes as they try to navigate an unsure economy with rising inflation, increased interest rates, and a possible recession. Companies are trying to stay afloat by cutting costs drastically, including slashing cybersecurity and IT budgets.

Reduced staff and tight budgets can lead to more opportunities for cyber attacks. When the economy gets bad, hacking gets worse. Organizations are going to struggle to protect themselves with their remaining resources and bad actors are going to take advantage of that. Cyberthreats will become more sophisticated and damaging in 2023 with a bigger selection of attack vectors to choose from.

If organizations are worried about cutting their budgets or reducing and replacing staff it's going to slow down security decisions. It's going to slow them down from scheduling a penetration test, how often they're doing vulnerability management, or from adopting attack surface management. This stall in decision making will decrease an organization's ability to keep a strong defense from a cybersecurity attack.

When it comes to cybersecurity, organizations are already having a hard time hitting the mark. They are being required to improve security and conform with regulations set by the Federal Communications Commission (FCC) and Cybersecurity and Infrastructure Security Agency (CISA). Regulatory requirements, such as General Data Protection Regulation (GDPR) and ISO compliance, will make the landscape even more complex.

With the poor economic conditions and staff reduction organizations are lacking the manpower and tools to uphold their cybersecurity defenses. The shortage of security-savvy talent and skills as well as staff's inability or unwillingness to act on security alerts will intensify future cybersecurity threats. This makes it extremely difficult for organizations to get cybersecurity insurance and poses challenges that organizations have never faced before.

As if that wasn't enough, "There is too much data" is a common complaint in the cybersecurity industry, and it's true! In an age where organizations have to deal with a flood of sensitive data, it's becoming more and more important to make sense of what you have. People need to work smarter, they need better intelligence. Sorting through raw data like logs, reports, findings, and lists of vulnerabilities to find what is important and relevant is simply overwhelming and time consuming.

Cybersecurity teams need to focus on how they can sift through and prioritize all that data. In order to do that, I believe predictive intelligence combined with actionable insights will be the driving factor for cybersecurity programs in 2023. Raw data combined with contextual threat intelligence continually updated through automation, artificial intelligence (AI), machine learning (ML), plus expert validation, equals better cybersecurity.

Having solid cybersecurity intelligence means an organization can make decisions quickly and act quickly. Cybersecurity is a cat and mouse game. Technologies advance and new exploits are found. Security teams try to adjust and patch, but the current ways are not working. Every time patches are made, cybercriminals find ways around them. We need to stop an attack before it even happens. To stay ahead, security teams need to invest in early warning security intelligence.

It's clear that cybersecurity will become even more important over the next year. It always is, but with the poor economic outlook, lack of resources, and attacks on the rise, I feel that this will be a critical time as cybersecurity barriers begin to fall. The need for predictive intelligence to sift through copious amounts of data and provide actionable insights will be an integral factor in cybersecurity for 2023.

##

ABOUT THE AUTHOR

Aaron Sandeen, CEO of Cyber Security Works

Aaron is a visionary leader with more than 17 years of experience in technology. Aaron has served as the State Chief Information Officer and the Deputy Director of the Department of Administration for the state of Arizona and spearheaded Arizona's technology vision and strategy. Prior to this, Aaron helped drive technology growth in Intel, Microsoft, Syntellect, and the UnitedHealth Group. In 2015, he co-founded Zuggand, a technology consulting and services firm specializing in Cloud, IoT, and security. Under his leadership, Zuggand quickly made its mark in the cloud computing sector as an Amazon Web Services (AWS) consulting partner.