2022 was another record year for cyberattacks. Despite efforts to deter ransomware groups, large brand names and governments continued to fall victim to ransomware attacks, with Uber, Twitter and the Costa Rican government being some of the largest attacks of the year.
As with the turn of each new year, predictions for the months ahead are popular for helping companies determine where they should be focused next. As an IM and PR agency with a strong security focus, we partner with brands that stay on the cutting edge of the industry — so we asked several of our clients for their thoughts.
While many 2023 security predictions are related to ransomware, some call for more employee training and security best practices, as well as how the relationship between data protection and consumer trust will influence organizations’ business practices in the future.
Here’s what experts from our clients Veeam, Menlo Security, Devo, Bitdefender and Thales had to share for their 2023 security predictions:
“Using AI and machine learning to combat ransomware attacks can help strengthen a company: Ransomware, phishing attacks, and data breaches have become all too familiar among organizations, and while these attacks are not new concerns, it has and will consistently take its toll on industries. What’s more, bad actors show no sign of stopping. To combat these ongoing and evolving attacks, AI and machine learning will be beneficial and organizations look towards these tools as we approach another hyperactive cyberthreat landscape in 2023. When implemented, AI can protect individual projects and core ecosystem services, while identifying deployed open-source programs and applying an automated security analysis.”
“Ransomware attacks will continue to rise in 2023. In today’s threat landscape no one’s systems are safe and there’s no signs of cybercriminals slowing down these efforts. Humans are the weakest link when it comes to security. Our research found that employees ignoring corporate security advice topped the list of IT security decision maker’s biggest concerns and 39% worry about ransomware attacks evolving beyond their company’s security capabilities. It’s no surprise that cyber attackers are becoming increasingly intelligent as we continue to see an emergence in techniques that can evade typical security stacks, like Highly Evasive Adaptive Threats (HEAT) attacks.”
As an IM and PR agency with a strong security focus, we partner with brands that stay on the cutting edge of the industry — so we asked several of our clients for their 2023 security predictions.
“There’s a lot of misconception today around who owns security. There’s a CISO — who is accountable for setting the strategy — but they cannot implement that strategy if there is no buy-in from other areas in the organization. It is up to those in each department to apply the controls that the security team recommends or mandates. This disconnect between the expectations of the security team and the actual implementation is where we see things fall through the cracks. 2023 will be the year that organizations seek to solve this problem and place more departmental emphasis on implementing security best practices.”
“IoT vulnerabilities will continue. An area that will continue to plague IoT vendors in 2023 is their slow response (or lack thereof) to security researcher contact for vulnerability disclosure and patching. Some mitigation is expected by new regulation such as the EU Cyber Resilience Act, however that will introduce mandatory cybersecurity requirements for products sold in the bloc, but the law isn’t expected to have authority until 2025 at earliest.”
“The relationship between data protection and consumer trust will continue to drive how organizations approach business practices in the New Year. The trending lack of consumer trust in 2022, will continue into 2023, along with an increased attention around data provenance. Simplifying the process of identifying the origin of data and providing an extra lens to view data’s trustworthiness will drive the need for enhanced data provenance. While the U.S. currently has no national framework around data privacy, there will be a push for businesses to provide compliance guarantees that are consistent with other global standards. In general, consumers will be asking large organizations, including Governments, to take data provenance more seriously and share details more openly to build their trust. This will drive customer buying decisions and will be critical in mitigating the consumer lack of trust.”