what are the trends for 2023?

The time has come to review the past months and try to predict what awaits businesses in 2023.

While some technologies are running out of steam or even close to the end of their course, others – such as quantum computing or blockchain – must be given special attention by companies to fully exploit their potential. or, on the contrary, guard against nature. risks.

Because whoever says new trend or new technology, also says new breaches where hackers can pounce.

So-called “basic” attacks will still be the most effective and profitable in 2023

Compromised business mailboxes, attacks targeting identities or multi-factor authentication systems (MFA), ransomware or even phishing, will certainly be among the classic attack techniques that continue to will be effective and a source of income for cybercriminals. And for good reason, new flaws in cybersecurity systems are inevitable and the human factor continues to enter the equation. Phishing and emerging MFA coercion systems are more sophisticated than ever, making cybersecurity knowledge essential but more complex than ever.

In 2023, enterprise security teams must continue to consider human error. With this in mind, using a more offensive than defensive security posture is a good strategy. In fact, customers of MDR services may be more inclined to ask their suppliers for functionalities that focus on proactivity rather than just reaction.

Attacks will be faster

The use of automation and concepts of machine learning or artificial intelligence will continue to increase the effectiveness of computer attacks. The proof of this is the decrease in time between the first step of a ransomware is the ransom demand, which has decreased by 15 in the last three years. Time for detection and time for response continue to be key elements of the defense system, which must be met by both the principles of automation and artificial intelligence. To this must be added the accuracy of the defense, which must adapt to the real threat environment and the implementation of appropriate protection measures.

VPN is dead

Clearly, the trend toward telework is not going to run out of steam. Securing employees, who are scattered in different areas, will continue to improve. By 2023, the Zero Trust approach will gradually replace that based on VPNs. And for good reason, the boundaries of corporate networks are not what they used to be: employees now access most professional applications through Cloud applications (SaaS) and IT teams are not inclined to risks inherent in employees’ private networks. Therefore, considering each device and user account as a potential threat is the key to supporting and securing employees who work remotely.

Why force entry when you can bribe?

In 2023, cybercriminals will take advantage of the negative economic situation, particularly fueled by inflation, to penetrate company systems. Weakened in this situation, the company’s employees will be more actively used by cybercriminals to achieve their goals. Hackers will put aside their hacking skills and instead target vulnerable employees working for third-party vendors, such as transportation companies, supply chain players, internet services providers and software solutions providers.

Therefore, companies must remain vigilant and secure not only their own network perimeters, but also ensure that their suppliers are secure.

Do we continue to use passwords?

The recent security breach affecting Uber highlights the vulnerability of the so-called MFA authentication system. However, even as password technology declines, passwords are unlikely to disappear completely in the next year.

However, they should be used less and less in the future. The coming months should be marked by securing accounts by all possible measures, including stronger passwords. Password managers will be in particular demand, and will in turn appear on the list of hackers’ interest targets.

Security strategies will not suffer from inflation

Companies of all sizes and in all sectors are likely to reduce their budgets and staff to cope with the economic situation, but these cuts should not have a direct impact on teams dedicated to security .

Current and future European standards also indicate that boards of directors and company managers need to be more attentive in their compliance and in their strict security.

In addition, initiatives such as the establishment of security labels – such as “cyberscore” in France – will highlight the importance of the role of security teams within companies. They also need to work smarter and sometimes change their strategy to deal with the changing economic and technological landscape.

The blockchain will need more control if it wants to get through 2023 without chaos

Blockchain technologies have had a difficult 2022 from a security perspective. 2023 will be a tumultuous year unless blockchain moves away from code as law. Currently, too much trust is placed on developers and their coding skills. Blockchain security teams need to consolidate more security control and have stronger detection and response skills to thwart malicious actors.

The many hacks that took place in 2022 greatly shook users’ confidence in the security of blockchains. Fortunately, blockchains know that customers are as concerned about the security of their choice as they are about its features. As a result, industry players are likely to devote appropriate resources to improving their security in the coming months. Along with cryptocurrency theft, availability and stability should be a priority in 2023. If losses and slowdowns continue, users may be lost and some blockchains may collapse.

Quantum computing is on the starting line

Measures to prepare for the advent of quantum computing will certainly not be used extensively next year. However, professionals should keep this topic in mind for 2024. The level of risk inherent in the use of quantum computing does not fully compensate for the particularly large investment it requires. That said, companies that will need quantum computing the most (financial services, defense-oriented companies or that use highly sensitive data, etc.) should start evaluating the risks now.

In conclusion, it is very likely that 2023 will be an extension of 2022. The events of the past months remind us, if necessary, that cybersecurity is a global issue.

The continuous digitization of all actors greatly increases the number of entry points for hackers, so awareness must be more intensive. Because if technology does not stop developing and, with it, the room for maneuvering cyberattackers, we must learn from 2022 that safety in terms of cybersecurity will undoubtedly go through a complete awareness of all audiences.

Leave a Reply

Your email address will not be published. Required fields are marked *