2022 turned out to be another year in which cybercriminals kept security professionals on their toes. While more organizations appear to be taking the necessary steps to combat cyberattacks, the battle continues.
What can organizations and technology leaders expect from cybercrime this year, as ransomware, security vulnerabilities and other dangers pose a seemingly endless threat? Here are 10 predictions from cybersecurity experts.
Ransomware attackers will focus more on data exfiltration
“The threat of ransomware will persist even as the number of attacks decreases,” said Matt Hull, global head of threat intelligence at cyber threat advisor NCC Group. “However, we are seeing an evolution in how groups operate, not only through law enforcement intervention, but also through collaboration between governments and regulators to address the problem.”
Hull believes ransomware gangs will continue to diversify their activities, focusing less on encrypting data and more on exfiltrating data and conducting distributed denial-of-service attacks.
“If recent years have been marked by ransomware attacks from organized hacking groups, we are now entering an era where an increasing number of threats will come from state-sponsored actors seeking to disarm global economies,” said Asaf Kochan, co-founder and president of cloud security provider Sentra. “This poses a direct threat to specific industries, including energy, shipping, financial services and chip manufacturing.”
According to Kochan, these attacks do not stop at stealing intellectual property or demanding ransoms. Instead, they aim to disrupt, compromise and even shut down critical operations and infrastructure on a national level.
Cyberattacks via personal communication cause tension between employees and employers
“Social engineering attacks originating from employee-owned communication channels make headlines every week,” said Steven Spadaccini, vice president of threat intelligence for security provider SafeGuard Cyber. “Cybercriminals target valuable employees on LinkedIn, Telegram and WhatsApp to infiltrate companies.”
In response, employers try to enforce security policies, Spadaccini said, but they must weigh the risks against the rewards. The conflict between personal privacy and company visibility could lead to the first class action lawsuit in 2023 to test the boundaries.
Security compliance from third-party vendors is coming
“Today’s enterprises rely on a web of third-party providers for microservices and other outsourced solutions,” said Kochan. “While these third-party service providers can be more efficient and cost-effective than in-house tools, they often serve as unprotected conduits for malicious activity.”
A study by Gartner revealed that more than 80% of the risks from third-party suppliers are discovered after the initial onboarding and due diligence process, showing that traditional due diligence methods fail to uncover the risks, Kochan added. As a result, organizations are already implementing stricter standards for third-party suppliers, a trend that will become even more formal in 2023.
Local environments become more vulnerable to security threats
“The future is in the cloud and the world’s most talented engineers and developers are highly motivated to work on this breakthrough technology,” said Kochan. “This puts organizations operating on legacy on-prem systems – including a significant number of Fortune 500 companies and other industry leaders – at a competitive disadvantage when seeking new talent.”
As more IT professionals turn to cloud-centric work, organizations will struggle to keep their best engineering and security teams, Kochan added. In turn, on-premises environments will be more vulnerable to compromise as cybercriminals exploit unpatchable legacy technology.
Continued transition to the cloud will increase security needs
“Organizations are leveraging cloud-first technology to move faster in their domain while improving cost and time efficiency,” said Dan Garcia, chief information security officer for software vendor EDB. “While both hybrid and multicloud approaches provide more options for accessibility and workload balancing, these environments can also exacerbate security gaps.”
To address the risks and vulnerabilities of cloud environments, organizations will need to ramp up education and training of their employees, Garcia said. Organizations that do not have the in-house resources to effectively manage cloud environments should consider third parties with the appropriate expertise in cloud privacy, security, and deployment.
Data storage solutions must provide proven protection and security
“Channel solution providers and end users will prioritize data storage solutions that can provide the most reliable, field-proven protection and security,” said Surya Varanasi, chief technology officer of enterprise storage vendor StorCentric. “Features such as lock mode, file fingerprinting, asset serialization, metadata authentication, private blockchain, and robust data verification algorithms will transition from nice-to-have to must-have, while immutability will become a ubiquitous data storage feature.”
Consumer attitudes towards online safety and privacy will increase
“As businesses that get hacked and affected by ransomware continue to make headlines, cybercriminals are starting to target not only deep-pocketed enterprises, but also SMBs and individuals,” said Varanasi.
SMBs and individuals are more vulnerable to cyberattacks because they don’t have the level of protection or large budgets of large enterprises, Varanasi noted. However, with remote work and remote access – the model for today’s employee and consumer – people will need and demand data protection and security that can protect them wherever they are.
Software-defined perimeters will begin to surpass VPNs
“I predict that by 2023, SDP will finally surpass VPNs as the dominant technology for connecting people and devices remotely,” said Don Boxley, CEO and co-founder of enterprise security provider DH2i. “More and more IT professionals are already successfully using it to connect to cloud or on-premises applications wherever they are, and they’re talking about it.”
Boxley also believes that VPNs will decline in popularity due to bugs and performance issues. In the past, a small number of people depended on VPNs, but with the move to a remote workforce, the risks of VPNs have multiplied, many of which are mitigated with SDPs.
The responsibilities of CISOs will continue to expand
“CISOs are already responsible for ensuring business compliance, hiring the right people, implementing strong threat management, and getting vulnerabilities under control,” said Ulfar Erlingsson, lead architect of cloud security platform Lacework. “CEOs and boards of directors are increasingly giving CISOs an even bigger mandate, asking them to reduce the chance of intrusions, data exfiltration, ransomware, etc. to zero.”
To handle the increased responsibilities of preventing security breaches and other threats, CISOs may not have the time to build their own in-house solutions, Erlingsson added. Instead, they should consider third-party technologies, largely based on automation, as a way to complement the skills and resources of their internal teams.