2023 Cybersecurity Trends We’re Tracking

December 16, 2022 CyberArk Blog Team

Cybersecurity doesn’t happen in a vacuum. Evolving attack trends, world events, regulatory changes, shifting organizational priorities and many other factors influence enterprise programs. With 2023 just around the corner, cybersecurity teams are considering them all carefully as they chart their course.

We asked members of the CyberArk team to weigh in on top trends influencing 2023 cybersecurity strategies. Here’s what they had to say about new (or reemergent) challenges and opportunities ahead.

First up, a look at how rising geopolitical risk is impacting cybersecurity leaders’ bottom lines.

 “As big banks predict a gloomy economic outlook for 2023, CISOs are being asked to do even more with less. Security leaders’ need to manage ever-growing business risk while flat-lining (or even slashing) operational spending will likely drive further consolidation across the cybersecurity market and accelerate cloud adoption to maximize efficiencies.” – David Higgins, Senior Director, Field Technology Office, CyberArk

During this turbulent economic time, major cloud service providers (CSPs) and their partners are focusing on interoperability to help customers cut costs and minimize friction.

“As evidenced at last month’s AWS re:Invent event, major cloud service providers (CSPs) are investing heavily in making services more flexible. This enables organizations to extend existing tech investments, such as their own security tools, throughout their hybrid cloud environments. From a practical standpoint, this means security teams don’t have to learn another system, toggle between another interface or hire specialized experts to bridge skills gaps. More security interoperability translates to more effective risk reduction in the cloud.” – Sam Flaster, Product Marketing Team Lead, PAM, CyberArk

Zoom back from the major CSPs to consider the much larger (and constantly expanding) cloud security ecosystem, and there’s likely to be at least one major shakeup ahead.

“Billions of dollars have been invested in cloud security, creating numerous unicorns along the way. However, despite the plethora of acronyms (i.e., CSPM, CIEM, CWPP, CNAP), we are still in the very early innings. As cloud security requirements come into sharper focus and investors lose patience with companies who generate massive losses, there will be at least one high-profile cloud security vendor implosion in the coming year.” – Clarence Hinton, Chief Strategy Officer, Head of Corporate Development, CyberArk

From the cloud to the CI/CD pipeline, cyberattacks continue to surge, but underlying attack motivations are changing. As we’ve learned from history, times of economic uncertainty bring more financially driven criminal activity. Thanks to commoditized ransomware, the bar to entry is lower than ever, and even unskilled attackers can make cash fast.

“2022 was the worst year for ransomware to date and we can expect more of the same in 2023 – except motivations will shift from ideological to financial, causing a spike in hit and run-style attacks made possible by readily available RaaS and access as a service.” – Daniel Schwartzer, Chief Product Technologist, CyberArk

Meanwhile, the ongoing Ukraine conflict continues to drive increased threats and cyberattacks on critical infrastructure, creating heightened urgency for collaboration. For instance, just this month more than 1,000 global cyber professionals from NATO member countries came together to conduct cyberattack simulations on critical infrastructure to test response capabilities.

“More concerned countries are banding together to combat cyberterrorism and strengthen defenses to protect critical infrastructure and citizens. This push will extend to the private sector in the coming year, with enterprise organizations answering the call to help bring systems back online after attacks and fending off future threats to our modern way of life. As global cyber collaboration increases, the stakes will become higher for those unwilling to join the fight.” – David Higgins, Senior Director, Field Technology Office, CyberArk

As it becomes more difficult to keep attackers out of critical infrastructure environments, governing bodies and insurance carriers are stepping up specific cybersecurity requirements that emphasize threat detection and response capabilities inside the network. To meet these requirements and defend against attacks, organizations must find ways to verify, manage and secure identities continuously.

“More organizations are falling within the scope of heightened cybersecurity requirements for the first time, signaling major compliance changes ahead. For example, Australia’s expanded Security of Critical Infrastructure Act (SOCI) now encompasses 11 sectors and places stringent cybersecurity requirements on critical infrastructure owners/operators as well as the businesses who have a direct interest in critical infrastructure assets. And many businesses operating in Europe are assessing their cybersecurity activities and evaluating their governance frameworks as they prepare to meet significantly expanded requirements outlined in the NIS2 Directive.” – David Higgins, Senior Director, Field Technology Office, CyberArk

Rising regulatory requirements don’t stop at cybersecurity. Environmental sustainability is becoming a strategic imperative for businesses and guidelines for corporate disclosures are coming into focus.

“Corporations’ net zero commitments are set to double between 2022 and 2023 – and the pressure is on to back up these pledges with real action. Expect to see value chain emissions reporting requirements intensify in the next 12 months, with mandates for proof of carbon footprint labels and other validation methods becoming more mainstream for both consumer and enterprise products and services.” – Daniel Schwartzer, Chief Product Technologist, CyberArk

One thing that won’t change in 2023 is remote work. It’s here to stay, which may force some security teams to backtrack to address cybersecurity debt.

 “In the rush to support work-from-home requirements, many organizations got VPN access up and running and ‘checked the box’ during the pandemic. But did they really check it? Three years later, workers are still logging on from home using corporate devices (and risky habits like using default wireless router passwords persist). What impact will the recent wave of corporate layoffs and departures have on all those corporate assets sitting in people’s bedrooms? We may start to understand in the months ahead. – Chris Maroun, Senior Director, Field Technology Office, CyberArk

Are organizations ready to face these cybersecurity challenges in the months ahead? Many C-level executives are optimistic as they map security spending decisions to key 2023 priorities. They recognize an identity-centric security approach isn’t just about protection, it’s about business enablement. Yet recent CyberArk Identity Security Maturity Model research reveals some skepticism from other business stakeholders, suggesting a need for more communication and program insights.

“C-level executives are increasing spend on Identity Security tools and services as part their overall cybersecurity budgets. These investments are expected to improve identity-related security capabilities such as identifying anomalous behavior, reducing security incident response time and increasing agility. Our research shows that 15% more C-level respondents believe these investments have improved nearly all identity-related security capabilities than other (VP, Director, etc.) respondents. In the near future, C-level executives will recognize this ROI perception gap between investments and implementation and demand a regular review of identity-related security metrics to validate investments.” – Amita Potnis, Director, Brand and Thought Leadership, CyberArk

Are you tracking other 2023 cybersecurity trends? Share your thoughts on Twitter @CyberArk – we want to hear them.

 

Previous Article
What I Learned from Analyzing a Caching Vulnerability in Istio
What I Learned from Analyzing a Caching Vulnerability in Istio

TL;DR Istio is an open-source service mash that can layer over applications. Studying CVE-2021-34824 in Ist...

Next Article
Decentralized Identity Attack Surface – Part 2
Decentralized Identity Attack Surface – Part 2

Introduction This is the second part of our Decentralized Identity (DID) blog series. In case you’re not fa...