Industry Expert Provides The Top 5 Cybersecurity Predictions For 2023

I can already see that 2023 is shaping up to be one crazy year on a number of fronts. When it comes to cybersecurity, that’s going to absolutely the case. To that end Christopher Prewitt, CTO, Inversion6 provides his top five cybersecurity predictions:

1. Government regulations are about to balloon.

Even with the new understanding between the U.S. and the EU, there will continue to be changes in international privacy requirements. Meanwhile, new security regulations will surely come from the SEC. We’re also likely to see more executive orders, more Congressional committee meetings and a lot more talking overall from politicians in the coming year.

And yet, for all their growth in number and complexity, most of these regulations will probably lack real teeth. We haven’t seen any real shakeups since the birth of the “accept all cookies” button. This is unlikely to change in 2023.

2. Hacktivism is on the rise.

From a cybersecurity perspective, the ongoing conflict in Ukraine is notable as the first war to prompt large-scale cyberattacks from nonmilitary citizens of other nations.

The Ukrainian army has largely outsourced their offensive cyber operations to hackers across the globe, who are now attacking Russian infrastructure as both a hobby and a political statement. I would expect these types of offensive operations across borders to become more mainstream in the coming year. The results could prove very unpredictable.

3. Zero-trust models are about to have a massive impact on security.

As more and more organizations abandon their internally hosted data centers and migrate to the cloud, they will increasingly rely on zero-trust models to improve security and prevent lateral movement.

In the near future, this new reality will fundamentally change how we perform penetration testing and how we secure our networks. Together, a cloud workload and a zero-trust model will essentially eviscerate the network edge and may even remove the need for significant network security for some organizations.

4. Active response will become the default defense posture.

Historically, the industry has evolved from preventive to detective controls. Still, alerts and timely response have done little to slow the threats. As a result, we may well see systems begin to self-assess and respond to attacks in real-time using locked accounts, forced password resets, network contain systems or other methods to prevent data from egressing.

If things get bad enough, we can expect to see these features become default configurations, and we will begin experiencing auto-responses from many of the platforms we use and operate.

5. Governments will be more direct on attribution.

In 2022, we saw multiple public reports of U.S. espionage efforts in China. This falls in line with the U.S. government’s recent trend of outing its own cybersecurity enemies by name.

As China, Iran, North Korea and others continue to develop their defensive capabilities, we’ll likely hear more and more about attribution of attacks. We can also expect to hear more about the U.S.’ cyber operations, whether we like it or not.

Leave a Reply

%d bloggers like this: