Cybersecurity: what are the trends for 2023?

The time has come to take stock of the past few months and try to predict what will await businesses in 2023.

While some technologies are running out of steam or even coming to the end of their course, others – such as quantum computing or blockchain – must be given special attention by companies in order to fully exploit their potential. or, conversely, guard against the inherent dangers.

Because who says new trend or new technology, also says new breaches through which hackers could rush.

So-called “basic” attacks will still be the most effective and lucrative in 2023

Compromised business mailboxes, attacks targeting identities or multi-factor authentication systems (MFA), ransomware or even phishing, will certainly be among the classic attack techniques that will continue to be effective and sources of income for cybercriminals. And for good reason, new flaws in cybersecurity systems are inevitable and the human factor continues to intervene in the equation. Phishing and emerging MFA coercion systems are more sophisticated than ever, making cybersecurity awareness important but more complex than ever.

In 2023, enterprise security teams must continue to consider human error. With this in mind, adopting a more offensive than defensive security posture is a good approach. In fact, customers of MDR services may be more inclined to ask their suppliers for functionalities that focus on proactivity rather than only reaction.

Attacks will be faster

The use of automation and concepts of machine learning or artificial intelligence will continue to increase the effectiveness of computer attacks. Proof of this is the decrease in the time between the first step of a ransomware is the ransom demand, which has been reduced by 15 in the last three years. Time to detection and time to response continue to be the key elements of the defense system, which must be reacted by the same principles of automation and artificial intelligence. To this must be added the precision of the defense, which must adapt to the real threat environment and the implementation of appropriate protection measures.

VPN is dead

Clearly, the trend towards telework is not about to run out of steam. Securing employees, dispersed in various places, will continue to evolve. In 2023, the Zero Trust approach will gradually replace the one based on vpn. And for good reason, the borders of corporate networks no longer resemble what they used to be: employees now access most professional applications via Cloud applications (SaaS) and IT teams are not inclined to to the risks inherent in employees’ private networks. Considering each device and user account as a potential threat is therefore the key to supporting and securing employees working remotely.

Why try to force entry when you can bribe?

In 2023, cybercriminals will take advantage of the negative economic situation, fueled in particular by inflation, to break into company systems. Weakened by this situation, company employees will be more actively used by cybercriminals to achieve their ends. Hackers will put aside their hacking skills and instead target vulnerable employees working for third-party vendors, such as transportation companies, supply chain players, internet service providers and software solutions providers.

Companies must therefore remain vigilant and secure not only their own network perimeters, but also ensure that their suppliers are safe.

Will we continue to use passwords?

The recent security breach that affected Uber highlights the fragility of so-called MFA authentication systems. However, even if password technology falters, passwords are unlikely to disappear completely in the next year.

However, they should be used less and less in the future. The coming months should be marked by securing accounts by all possible measures, including stronger passwords. Password managers will then be in particular demand, and will in turn appear on the list of targets of interest to hackers.

Security strategies will not suffer from inflation

Companies of all sizes and in all sectors will likely reduce their budgets and staff to cope with the economic situation, but these cuts should not have a direct impact on the teams dedicated to security.

Current and future European standards also imply that boards of directors and company managers will have to be increasingly attentive to their compliance and their security rigor.

In addition, initiatives such as the establishment of security labels – such as the “cyberscore” in France – will accentuate the importance of the role of security teams within companies. They will also have to work smarter and sometimes revise their approach to deal with the changing economic and technological landscape.

The blockchain will need more control if it wants to go through 2023 without tumult

Blockchain technologies have had a tough 2022 from a security perspective. 2023 will also be a tumultuous year unless blockchain moves away from code as law. Currently, too much trust is placed in developers and their coding skills. Blockchain security teams need to integrate more security control and have stronger detection and response skills to deter malicious actors.

The multiple hacks that occurred in 2022 have greatly shaken users’ confidence in the security of blockchains. Fortunately, blockchains know that customers are just as concerned about the security of their chosen one as they are about its features. As a result, industry players will likely dedicate appropriate resources to improving their security over the coming months. Along with cryptocurrency theft, availability and stability should be a priority in 2023. If outages and slowdowns continue, some blockchains could lose users and collapse.

Quantum computing is on the starting line

Measures to prepare for the arrival of thequantum computing will certainly not be massively adopted next year. However, professionals should keep this topic in mind for 2024. The level of risk inherent in the use of quantum computing does not quite compensate for the particularly large investment it requires. That said, companies that will need quantum computing the most (financial services, companies dedicated to defense or that use extremely sensitive data, etc.) should start assessing the risks now.

In conclusion, it is very likely that 2023 will be an extension of 2022. The events of recent months have reminded us, if need be, that cybersecurity is a global issue.

The continuous digitization of all actors considerably increases the number of entry points for hackers, so awareness must be more intensive. Because if the technology does not stop evolving and, with it, the room for maneuver of cyberattackers, we must learn from 2022 that salvation in terms of cybersecurity will undoubtedly pass through an exhaustive awareness of all audiences.

We would love to thank the author of this short article for this outstanding material

Cybersecurity: what are the trends for 2023?

You can view our social media pages here and other related pages here