Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 6 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

2023 Predictions

As we leave 2022 in our wake, we thought it was time to find out what the year ahead might hold for the cybersphere...

by Guru Writer
January 10, 2023
in Featured
2023 Predictions
Share on FacebookShare on Twitter

2022 has been another huge year for cybersecurity. The teenage cybercriminal gang Lapsus$ wreaked havoc on some of the world’s largest corporations, the Russo-Ukrainian conflict brought the prospect of all-out cyber warfare terrifyingly close to fruition, and hackers stole an unprecedented amount of cryptocurrency. In spite of this – or, perhaps, because of this – the cybersecurity industry has enjoyed significant growth over 2022, bucking a global trend of economic deterioration. With this in mind, we spoke to some of the industry’s leading thinkers to find out what they think 2023 has in store for us. 

Vendor Consolidation

Speak to any cybersecurity expert for long enough and the topic of consolidation is bound to come up. Recent Gartner research even revealed that 75% of organisations are seeking consolidation. But what exactly is driving this? According to Shlomo Kramer, CEO at Cato Networks, economic deterioration is to blame. 

 “Just as COVID caused a massive acceleration in digital transformation projects, the recession will accelerate security consolidation. Numerous studies indicate that enterprises maintain dozens of security tools. And with so many security tools, controls are fragmented resulting in reduced visibility, operational overhead increases with the need for extra personnel and skills to master the various tools, and gaps between tools are created leaving the cracks through which attackers can infiltrate. Most companies — 75% — expect to reduce the number of security vendors they use, replacing them with one, converged security platform,” he said.

But while many welcome consolidation, some experts are concerned that it will leave some organisations with sub-par security tools. 

“Typically, organisations attempt to consolidate their required capabilities often by stitching together 10 or more tools from multiple vendors. Let alone how costly this can be, it usually fails to deliver the integrated and holistic security approach necessary to protect cloud-native applications. So, logically, industry analysts are now advising customers to seek vendors that can help them converge these capabilities into fewer tools – or ideally a single platform,” said Stanimir Markov, CEO at Runecast. 

Stanimir also points out that many vendors have attempted to address these issues by combining a number of products, some through acquisitions, into what he believes is a loosely integrated platform.

“But organisations will be savvy to this and will seek out vendors that can provide capabilities that are all organically part of the same product and not put together from separate tools. The benefits for this will not only come in terms of better visibility and control for vulnerability management, security compliance and ITOM, but as well for IT procurement teams in achieving cost reductions,” he continued.

Looking beyond pure cybersecurity consolidation, Nadir Izrael, CTO and co-founder at Armis believes that “in 2023 we’ll see a push, including increased investments, to completely integrate security and technology. We’ll see this especially in increased adoption of connected assets, from medical devices to operational technology robots in manufacturing. The perimeterless hybrid world will keep growing, making unified security control and scalable process management top priorities for the C-suite.”

Ransomware 

2022 is already being heralded as the “year of ransomware”, but cybercriminals are unlikely to abandon the technique come 2023. According to Greg Day, VP and global field CISO at Cybereason, the ransomware problem will get even worse, as the “fifth generation of ransomware emerges. A recent report by Cybereason found that 73% of organisations suffered at least one ransomware attack in 2022, compared with just 55% in 2021. As the world reaches saturation of ransomware, adversaries will explore new methods to get money from the same victims. This will be the fifth generation of ransomware.”

This opinion was echoed by Erfan Shabadi, cybersecurity expert at comforte AG , who said: 

 “It’s difficult to think of anything other than ransomware continuing to be the number one risk to businesses in 2023. The Putin regime will continue to harbour some of the world’s most prolific ransomware actors, and as long as their tactics, techniques and procedures (TTPs) continue to bear fruit, little is likely to change. Growth in the volume of attacks might not hit the 93% year-on-year rise we saw in 2021, but for network defenders the relative success of ransomware-as-a-service will mean more attempts to steal, encrypt and hold to ransom their most business-critical data. We may even see the emergence of more groups like the infamous Lapsus$ collective. These will not even bother to deliver a ransomware payload, and instead simply seek to extort their victims with the threat of releasing sensitive internal and customer data.”

Regulation

The UK government’s recent telecoms security proposal has been lauded by experts as a harbinger of wider security regulation for the UK’s CNI. The issue of regulation is a particularly contentious one, and many experts are concerned that they will put unnecessary pressure on an already overstretched industry. 

“There have been many regulations, standards and orders released in the past few months. These will put pressure on industries as well as consulting organisations to enhance their efforts in compliance and controls in all sections of cybersecurity. A common element in all these regulations are requirements on periodic penetration testing of applications, incident response, supply chain and Open source security,” said Lekshmi Nair, Managing Principal, APAC, Synopsys Software Integrity Group. 

APIs 

The use of application programming interfaces (APIs) exploded in 2022. A recent study even revealed that overall API traffic grew by 168%, while attack traffic grew by 117%. In light of this, and the nuances inherent with API security, 2023 is being heralded by some experts as “The Year of the API.” 

“In 2023, industry awareness about the capabilities modern businesses require to fully protect their API ecosystems will continue to grow. With millions of API users and calls, companies need to automatically and continuously monitor APIs to quickly detect and block API security threats. Having deep context into API behaviours – to spot normal versus abnormal behaviours – will be essential for companies to safeguard their critical data and services from API attacks,” said Nick Rago, Field CTO at Salt Security. 

Lekshmi Nair, Managing Principal, APAC, Synopsys Software Integrity Group, also felt this way, arguing that in 2023 we will see an “increase in API attacks resulting in investment in API Security strategy APIs are enabling the distributed infrastructure driven by modern requirements. There are recent attacks such as Optus, which occurred due to API security flaws creating a renewed awareness of the need for secure architecture, robust testing and continuous monitoring of APIs.” 

 

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Cato Networks Strengthens Channel Leadership Team to Meet Growing Global Partner Demand for SASE/SSE

Next Post

KnowBe4 Integrates With CrowdStrike Aiming to Reduce Human Risk in Organisations

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information