As we approach the end of the year, questions pop up about what cybersecurity in 2023 will look like. What threats will keep CISOs awake, and what actions will security teams take to mitigate the risks? Are organisations going to focus on cybersecurity strategies or rely on ad-hoc responses to real-time threats?
The evolution of cloud technologies and IoT in recent years has widened the threat landscape and stimulated hackers’ imagination. The result can be seen in attacks on supply chains that can paralyse several organisations at once.
Ransomware in the geopolitical context
Politically motivated and state-driven ransomware attacks have influenced our response strategies in 2022. The outbreak of cyberwar alongside the Russian-Ukrainian conflict placed financial burdens on numerous companies worldwide. As predictions* say, this will not calm down in 2023; the attacks will only become more sophisticated and shift their focus from the filesystem level to the database level, thus disabling cloud services. Since ransomware attacks usually begin with social engineering, training users to recognise scams is essential.
Strong passwords and multi-factor authentication
Password strength has been on the agenda for the whole of 2022 and will remain there in the future. Experts say that two-factor authentication won’t do the trick by itself anymore. There was a tendency in recent years to use a simple or weak password and strengthen it with 2FA – either an SMS code or an authenticator app. Since attackers have developed their skills in real-time interception of one-time tokens, passwords will have to get stronger again. Furthermore, enhanced authentication such as biometrics, FIDO2 and user-behaviour-based authentication is strongly recommended, e.g. authentication based on which browser you use, the pace of your typing, or how you use your mouse.
Nevertheless, no matter how strong the password is, the user can still be tricked into disclosing it – or even the second authentication factor – to a social engineer. Therefore, we cannot stress enough how important it is to educate and train users to recognise social engineering attacks.
Cloud and IoT security
Cloud technologies and, consequently, the use of applications and IoT have brought enormous benefits to business environments. Working anytime, anywhere increased the flexibility of business processes, opened possibilities to spend more quality time with our loved ones, and made it easier to combine work and pleasure. However, this liberty also poses higher risks to the business environment. IT systems have become more open and accessible, cloud services offer uninterrupted connection 24/7, and the odds that an attacker will interfere with our online traffic have multiplied.
APIs present an additional risk in the IoT because they are often not documented, and organisations do not even know how many and which APIs are used in their system. According to Postman’s 2022 State of the API Report, “some 20% of respondents said API security incidents occur at least once a month at their organisation, resulting in loss of data, loss of service, abuse, or inappropriate access.” But the good news is that one-half of the respondents said that they experience security incidents less than once a year.
We strongly support the use of new technologies and, at the same time, urge cybersecurity professionals in business environments to implement policies regarding the use of applications and mobile devices. There should be a clear line between personal and business use. Furthermore, people in charge of IT security should regularly test the resilience of cloud and IoT environments. Every new application used in the IoT world may change the relationships in the environment; therefore, running a pentest with every change you make is highly recommended.
Cybersecurity in 2023 – put it on the agenda of every board
We believe it has already become evident that cybersecurity is not only about technology – it is becoming primarily about business. A company under cyber-attack risks losing its reputation and customer trust, not to mention the financial costs of forensics and data recovery. Every management team and board should be fully aware of the cyber-risks in their IT environment and the consequences they can cause. Since top-level managers usually are not, and cannot be, cybersecurity experts, it is essential to build trust within the organisation and rely on the improvements that the cybersecurity team recommends.
As there is a shortage of cybersecurity professionals on the market, companies need to rely on outsourced staff to supervise their IT environment. If possible, ensure that you have skilled in-house key team members who can communicate efficiently with outsourced SOCs and service providers. Communication is crucial when it comes to managing sensitive data and systems.
Good communication is equally crucial in supply chains. If one link of the chain experiences a cyber-attack, all other companies in the chain have to respond promptly and adequately. To provide the highest possible level of security in your supply chain, consider implementing real-time monitoring of third-party risks and vulnerabilities. And, of course, remember to monitor your own.
Are you building a cybersecurity strategy?
Drawing up a formalised cybersecurity strategy has become quite popular, and we hope this trend will continue. However, cybersecurity needs immediate action. Writing a strategy can be one of the tasks that will help you manage future threats and vulnerabilities, but protecting the IT environment at the given moment is at the top of the priority list.
Moreover, even once you have the strategy written, be agile and adapt to the latest guidelines. Once an emergency is handled, return to the previously outlined path. And remember: the attackers have their strategy, too – to trick you over and over again.
Key takeaways for cybersecurity in 2023
To conclude, we’d like to emphasise the key messages for the successful management of cybersecurity in 2023.
- Use strong passwords combined with MFA.
- Educate and train your users.
- Regularly perform pentests, and especially do so after every major change in the IT system.
- Adopt new technologies with high-level security in mind.
- Make cybersecurity a strategic business priority.
Simulated phishing attacks are an effective way to train employees to identify phishing attacks and malicious links.
A penetration test helps identify vulnerabilities and offers the foundation for ranking vulnerabilities and giving recommendations.
Cybersecurity consulting services help you identify the level of cybersecurity in your organization and propose upgrades and optimization.