Cyber security: trends 2023

How companies need to rethink security in a hybrid, networked world

Cyber threats are evolving rapidly. 2023 shows that security managers need to focus more than ever on hybrid workforces, cloud transformations and integrated security strategies. While known risks remain, new points of attack are emerging at the same time – particularly through IoT, OT and distributed infrastructures.

The most important developments at a glance:

The question: Which of these developments affects your company the most – and is your current security strategy prepared for them?

While 2023 seems to be shaping up as a “rinse and repeat” of the cybersecurity challenges of recent years, there are a number of notable new trends and variations that will undoubtedly keep security professionals on their toes. Some developments we are watching closely in the coming year include:

Securing the distributed workforce

As the world continues to recover from the pandemic and employees finally return to the office, the majority of organizations are maintaining policies that allow full or part-time work from home. Therefore, the need to adapt infrastructures to support a hybrid workforce will continue to have a major impact on security strategies.

A key difference is that instead of the massive rush to remote working in the early days of the pandemic, we expect to see general improvements ranging from secure access policies to control and visibility of asset inventories. The latter will be extended to end users, BYOD, mobile devices, servers, applications and other elements. Asset discovery and management will also enable improved verification of asset IDs, health checks, vulnerabilities, patch levels and other security aspects.

The hybrid workforce will continue to drive the adoption of key technologies such as cloud and SaaS that improve agility and flexibility. At the user access level, Identity and Access Management (IAM), Zero-Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) will gain traction. Another emerging product category, Security Service Edge (SSE), will converge and become more concrete – and therefore more effective as a strategy.

Overall, the transition from the traditional edge-based security model to the new hybrid/distributed workforce model is a seismic shift that will occur gradually.

OT/IoT security moves into focus

Operational Technology (OT), the Internet of Things (IoT) and the Industrial Internet of Things (IIoT) have become established in many sectors as part of Industry 4.0, also known as digital or smart manufacturing. This fourth industrial revolution is based on the generation, analysis and communication of data in order to automate processes and support better decision-making.

However, recent attacks have shown that large parts of many OT/IoT networks often have little or no protection. Geopolitical risks also underline the importance of securing critical infrastructure to protect these elements from attack and misuse. In addition, new technologies such as connected cameras, cars and other devices bring new security issues.

In 2023, security professionals will need to focus more on continuous monitoring of these assets through asset inventory processes, ideally with automated detection given the rapidly changing standards of Industry 4.0. In addition, mechanisms must be in place to identify and defend against anomalies that may be indicators of compromise (IOC), as well as to ensure accurate threat detection and mitigation. Most importantly, an appropriate security incident response plan must be developed to ensure a rapid response when OT/IoT/IIoT devices are compromised.

Cloud and security investments

Among the many impacts of the COVID pandemic has been the acceleration of cloud adoption as organizations focused on maintaining continuous operations in a challenging environment. Unfortunately, the increase in cloud adoption has also led to an increase in cloud-related security incidents, in terms of both the type and frequency of attacks.

The IBM Cost of a Data Breach Report 2022 found that 45 percent of data breaches occurred in cloud environments, with average costs in the millions. As such, awareness of and demand for cloud security have also intensified, a trend that will continue into 2023 and beyond. However, the focus will strategically shift to supporting hybrid cloud environments that include private data centers and public clouds.

This evolution will also require a change in management strategies – the scale of hybrid cloud deployments will make a piecemeal approach impractical. As part of cloud operations management, it will become essential to be able to manage security seamlessly.

Trends in security operations

As mentioned above, data center ecosystems have changed in recent years. We will likely see a renewed focus on better integration between security operations (SecOps) and security infrastructure in 2023. This will finally bring everything together and provide better visibility and a “single pane of glass” view into SecOps.

Like many industry analysts, we expect the adoption of Extended Detection and Response (XDR) to increase. This will be driven primarily by XDR’s ability to provide better analytics, which in turn will help security personnel understand and respond appropriately to incidents.

Another trend we’re watching closely is better automation to handle certain incidents. Automation allows security professionals to set up playbooks to trigger automated mitigation and remediation actions for common security scenarios. This frees employees from routine incidents and allows them to prepare for complex or high-risk attacks and breaches.

Overall, we also expect that organizations will increasingly see the value in having a response plan in place for different types of security incidents, which has become critical to business operations.

Conclusion

In summary, the coming year will bring new challenges but also new opportunities for security practitioners. Only a thoughtful and strategic approach will lead to a safer and more sensible cyber security environment.

I look forward to your questions!

Frank Frommknecht

Key Account Consultant
