Industry executives and experts share their predictions for 2023. Read them in this 15th annual VMblog.com series exclusive.
The Forecast for Security Teams
By Jeremy
Ventura, Director, Security Strategy, Field
CISO, ThreatX
2022 has seen a year full of security challenges impacting everything
from infrastructure, to IoT, to financial systems, and more. Supply chain
attacks surged and the increased use of AI continued to expose sensitive data. As
we look ahead, it's safe to assume that 2023 will be no different - cybercriminals
are getting smarter, and attacks are evolving rapidly. But with the right
security strategy and tools, organizations across all industries can combat the
growing attack landscape. Here is my list of 2023 predictions for security
teams to consider as they map out another year of cybersecurity strategies.
Security teams will need to do more with less
CISOs are transitioning away from adopting the "next big thing" in
technology, and instead focusing on ensuring that the tools they currently have
are adequate. In 2023, organizations will
have to prioritize and re-evaluate their solution strategy so that it's mapped
to the areas that provide the greatest ROI for the businesses. Teams will have to double down on the
investments they have already made and choose how and where to spend funding
wisely. To remain protected, these teams will have to shift investments to
ensure fundamental cyber hygiene is met - ultimately doing more with less.
As we have seen in the previous year, cybersecurity is not immune to the
macroeconomic climate. Budget cuts and reallocation of funding are expected. We
continue to see layoffs in some of the largest tech companies in the world. There
will be extra scrutiny on how well our teams implement the tools they purchase.
With the looming economic recession, organizations are going to restructure
their systems, and we'll also see investment in longer-term partnerships with
vendors. To justify to stakeholders why they need certain tools, companies should
consider implementing two to three-year relationships with vendors, rather than
the previously typical one-year.
The velocity of cyberattacks will stay the same, but get more
sophisticated
While many attack strategies will stay the same, cybercriminals are
likely to increase their focus on specific industries when deploying attacks.
Education, manufacturing and healthcare organizations are still increasingly
being targeted due to the sensitive information they hold but also because
traditionally they are struggling for resources. In addition, 2022
saw an increase in bot activity and attacks on the
supply chain, and these should continue into the new year. To combat this, organizations
need to revisit the fundamentals of cybersecurity. Conducting security
awareness trainings, staying on top of simulations, testing to make sure
internal teams are prepared when an attack hit- all of these processes are the
basic procedures that will help protect systems from attacks. Organizations need
to double down on the infrastructure and people within their company to ensure they
are prepared for the next threat.
A rise in managed service
security programs
Investing in and establishing
strong relationships with MSSPs is going to be more essential than ever. Organizations
should spend time ensuring these services are secure and determining the value that
these programs add to an organization. Instead of attempting to manage security
threats coming from every direction, organizations should invest in a security
partner that can give security professionals the time to focus on mitigating
the larger attacks. Remember, these partnerships are an extension of the
organization.
Conclusion
While there is no way to predict what the next big cyberattack will be,
historical trends show that the first half of the year is when attacks are at
their most intense. Organizations should ask: how do we prepare the business
for that inevitable breach? Do we have visibility into our endpoints? Are we
regularly updating and patching our systems? Do we know who owns/has access to
which assets?
In addition, security leaders need to do their due diligence in keeping
policies and procedures up to date, conducting security training, and making
sure their organization is prepared for the next thing that can and most likely
will happen.
##
ABOUT THE AUTHOR
Jeremy Ventura is a cybersecurity professional,
specializing in advising organizations on information security best practices. He
has years of experience in vulnerability management, email security, incident
response and security center operations. At ThreatX, he is responsible for the
development and presentation of thought leadership across all areas of
cybersecurity. Ventura is an industry leader that can regularly be seen in
media, blog posts, podcasts and at speaking events. Previously, Ventura has
worked at Gong, Mimecast, Tenable and IBM, among other security organizations.
Ventura holds a Master's Degree in Cybersecurity and Homeland Security.