CyberInsurance Murkiness to Shape Shifting Ransomware - What 2023 holds for us in terms of Cybersecurity ?

Well, we all love predictions, don’t we? The new year rings in and there is a flood of predictions from all ends - financial trends, fashion trends, puppy trends, climate trends, and whatnot!! How can cybersecurity be far behind? Google “Cybersecurity Trends 2023” and you will find myriad results on this. What does this blog post offer then? 

Well, I thought it to write it from my perspective, rather than making it to upsell the services which these companies offer while writing such articles. An antivirus company’s security trends are all focused on malware and how that company can help you overcome it. A SIEM company wants you to use the new tools and so forth…

Here is a set of predictions from my perspective:

CyberSecurity Talent Supply Issues will continue to rise and the payouts will increase drastically

While tech companies may be laying off employees, cybersecurity will continue to thrive and companies will have a hard time finding talent. The attrition levels will rise along with burnout which professionals suffer due to heavy workload. 

Artificial Intelligence will play a big role in defensive as well as offensive cybersecurity.

Artificial intelligence and machine learning continue to be leaps and bound ahead in terms of sophistication. Deep fakes will become more real with disinformation being the norm. The bad guys will use it for offense while the good guys will use them for defense. The cat and mouse game will continue with AI as the new tool in this game.

5G will give rise to more sophisticated attacks and they will be more prevalent than ever before.

When has technology ever been put only for good use? Faster internet speeds mean the faster deployment of sophisticated malware. Attacks that can be carried out quickly from the comfort of a mobile phone. 

Cyber insurance will become more and more translucent than transparent.

Insurance has always been based on historical trends and predictive analysis. With cybersecurity, your predictions can be thrown out of the window in the blink of an eye. You never know when a zero-day vulnerability pops up and brings a big business to bankruptcy. Cyber insurance will be a risky business and the best bet for companies in this business will be to make the terms and conditions so murky that legal will have a hard time recommending one of them.

Passwords will die a slow death and the final countdown has begun for it.

Passkeys / Touch Ids and whatnot will be the norm going forward. Passwords are already on a ventilator and they will be switched in favor of other options.

Cloud adoption will rise along with cloud costs and attacks on the cloud.

There is no doubt that the cloud will be used by more and more organizations around the world. When something is so popular, it is bound to be the next target of cybercriminals. 

Metaverse will add to the attack surface with new threats coming in.

Let Apple launch the VR in 2023 and we will have a new entrant in the wearable category, with the Chinese companies bringing in a cheaper version of it within days. More the devices, the more the attack surface and the merrier!!

Ransomware will come up in more flavors!!

Well, ransomware is always the flavor of the season for cybercriminals and the cloud will be the next target of cybercriminals. While cloud providers have been able to evade the attacks, the shape-shifting ransomware will be the next big service ( SAAS, pun intended).

Complex supply chain risks will continue to rise.

Today’s hyperconnected global economy has driven organizations to heavily depend on their supply chains — from the components within their physical and digital products to the services they require to run their day-to-day operations. 

This critical interdependence makes supply chain security and risk transformation an imperative for today’s globally connected businesses. 

Finally, more regulations and audits, and standards to the rescue (or pain in the @rse) for organizations around the world.

ISO 27001:2022 has arrived and has brought in a bit of change. New regulations and standards will surely be knocking on our doors and organizations will have to adhere to a lot of them.  

At the same time, wishing all the readers a very happy, healthy, and cyber-safe new year. May all your dreams and wishes come true !!

What are your thoughts on this? How do you think the cybersecurity landscape will pan out in 2023?


You may also like to read...

Identification, Authentication, Authorization, and Accountability

Access Control Models - DAC, MAC, RBAC , Rule Based & ABAC

How to Pass SSCP Exam in the First Attempt

Understanding Security Modes - Dedicated , System high, Compartmented , Multilevel

Cloud Computing - The Logical Model