Virtualization Technology News and Information
Article
RSS
SonicWall 2023 Predictions: 2023 will bring more shifts to the cybersecurity landscape - Make sure you're prepared

vmblog-predictions-2023 

Industry executives and experts share their predictions for 2023.  Read them in this 15th annual VMblog.com series exclusive.

2023 will bring more shifts to the cybersecurity landscape - Make sure you're prepared

By Immanuel Chavoya, Threat Detection & Response Strategist, SonicWall

We have seen a drastic shift in the cybersecurity landscape over the last several years, driven by the COVID-19 pandemic, remote and hybrid work, and rising international conflicts. 2021 saw record ransomware, and this year brought the first escalation of global malware volume in more than three years. In the first half of 2022 alone, SonicWall observed 2.8 billion malware attacks, a 45% increase in never-before-seen malware variants, and 77% increase in IoT malware attacks.

With 2023 around the corner, many are wondering what cybersecurity threats and trends the new year may bring. To answer that question, I have a few trends and predictions to share from myself and colleagues at SonicWall to help businesses prepare for the new threat landscape.

Cybercrime-as-a-Service fuels bad actors

Vying for dominance in the billion-dollar cybercrime industry, threat actors are going to use the tactics of cybersecurity intelligence providers to begin flooding the market with false flags, diluting actionable intelligence, pointing the finger at competing criminal syndicates. With the rise in sanctions and global takedown coordination, threat actors will become savvy to the practices of threat intelligence providers and begin using BAS to plant false flags. In other words, we will see threat actors adopt cutting edge tactics such as Breach and Attack Simulation (BAS), to simulate other threat actors' TTPs.

Immanuel Chavoya, Emerging Threat Expert at SonicWall

Remote and hybrid work brings threats home

The days of 2-hour commutes and endless traffic are history. Remote and hybrid workforces are here to stay, bringing a huge societal shift that will impact everyone. But in addition to more freedom and time at home, this shift will also bring new challenges and threats - welcoming threat actors into the home. We have already seen an uptick in attacks targeting remote and hybrid environments over the past year, but in 2023, this may come to a head as threat actors target weak MFA and other vulnerabilities in the home office.

Derek Maggiacomo, Vice President, North America Sales at SonicWall

CISOs will be held personally responsible for security breaches

In 2002, the United States passed the SOX (or Sarbanes-Oxley) law in response to a number of major corporate and accounting scandals, including Enron and WorldCom. Under title III of this law, principal officers (commonly agreed to mean CEO and CFO) of public companies have to take individual responsibility for the accuracy and completeness of corporate financial reports. The law enforces specific limits on the behaviors of corporate officers and describes forfeitures of benefits and civil penalties for non-compliance. Now, 2022 brought the first criminal prosecution of a tech company executive over a data breach. Going forward, we will see CISOs being held personally responsible for security breaches on their watch and for ensuring that appropriate compliance policies are followed after breaches.

Sarah Choi, Senior PMM for SonicWall Capture Client and SonicWall TZ products

The good news is that there are steps businesses can take now to ensure they are protected from evolving cyber threats. With a hybrid workforce, a successful cybersecurity strategy starts with employees, taking steps to improve password security, implementing a strong form of multi-factor authentication, and training all employees to recognize the signs of common social engineering attacks. Patching vulnerabilities in software is also key but is something organizations often forget, with a recent survey finding 78% of organizations don't patch critical vulnerabilities within 24 hours of patch availability. Ultimately, those who prepare now will fare better no matter what shifts the cybersecurity landscape may bring in the new year.

##

Published Monday, January 02, 2023 10:02 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<January 2023>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
2930311234