The biggest trends and challenges in cybersecurity in 2023

In 2023, we will see an increased focus on cloud security posture management and security as a service. On the adversary side, attackers are logging in through stolen credentials or penetrating systems through misconfigurations and vulnerabilities.

According to statistics, over 90% of cybersecurity breaches could be prevented with basic cybersecurity hygiene. Especially for organizations that are transitioning to cloud platforms, successful cybersecurity hygiene requires modern approaches. Overall, the biggest individual challenge for any company is having a proper security baseline and vulnerability management that is maintainable over time.

Corporations with big bets on industry disruptions are facing additional challenges, as adversaries are finding their way into emerging domains, such as IoT and OT. Unfortunately, the situation seems to be heavily neglected on a large scale, as even Gartner predicts that by 2025, cyberattacks in OT will cause human casualties.

Considering that most security teams are resource-constrained and are lacking basic cyber hygiene, adding complexity through multiple domains and simultaneous paradigm shifts, will not help the situation. Organizations that identify themselves in this situation, are left with two options:

• Postpone their digitalization initiatives (an unlikely option)
• Prioritize reactive measures to minimize damage and enable fast remediation, before creating and implementing proper security architecture to minimize attacks in the first place

Cloud-native security enables teams to deliver more

The biggest cybersecurity trend we at SoftwareOne are witnessing today is the adoption of cloud-native security solutions, which is heavily driven by overall vendor consolidation and cloud transition trends. This opens an opportunity for overburdened security teams to alleviate the resourcing pressure, as interoperability and technology management are for the most part handled by the technology stack.

With a cloud-native security stack, teams can achieve more with the same headcount.

Traditional security vendors have also spotted these trends, and are expanding their positioning through acquisitions, partnerships, and public interoperability initiatives, such as the Open Cybersecurity Schema Framework (OCSF) project. Such a strategy enables traditional cybersecurity players to compete against cloud vendors with a comprehensive offering and follow the trend of consolidation.

Security as a service is booming - for a good reason

The second trend we are witnessing is organizations’ growing appetite for sourcing security as a service for cloud protection and resilience. While currently an emerging trend, the global forecast predicts that over 80% of organizations will partner with service providers for cloud security services.

Eventually, security service providers will have to expand their offering to cover cloud platforms through value-added security services, as the technology stack is becoming standardized and leaves little room for differentiation.

Zero trust architecture and posture management on the rise

The last trend on our radar, albeit almost exclusively in mature organizations, is the shift from traditional protection methods towards zero-trust architecture and cloud security posture management. These teams have recognized that cloud environments are just too dynamic and exposed (by default and by design) to be protected via old-school security principles.

Additionally, modern cloud technology allows scalable, technical implementation of security policies on system and resource levels, enabling organizations to innovate within “security guard rails”, without unnecessary risks, even in highly dynamic environments. Compared with traditional ways, where policies were written in a word document, without any capability to enforce or track their adherence at scale, cloud-native capabilities are a major opportunity for security teams.

Most companies' hybrid working style enables teams to work using multiple devices, but this has caused some security concerns. Do you think businesses are starting to take security seriously regarding hybrid and flexible working?

Today, all necessary technology is already available for enabling a hybrid workforce without the need of taking significant risks. However, the main issue is the lack of skillset in modern security architectures, technologies, and processes for secure adoption and management of such solutions.

As an example, today one can enable selective access to systems and data based on multiple criteria, spanning from authentication methods, and identity health, all the way to a location, as well as device compliance status and device health. As result, an organization is capable to mitigate all major risks associated with remote working, by allowing granular access to systems and assets only to healthy identities and devices, from an agreed location. In the future, emerging technologies such as virtual desktops will enable even higher flexibility on the BYOD side, while keeping the risks on an acceptable level, through built-in security components.

At the end of the day, I believe that in near future we will see significant improvement in this area through growing security awareness and an increasing number of solutions brought to the market, aimed at enabling a hybrid workforce with built-in security solutions.

What can businesses do differently to ensure they are prepared for the new year?

Historically, two weeks before and couple weeks after the new year are full of action for cybersecurity teams, as two things happen during the upcoming holiday season: the emergence of critical zero-day vulnerabilities and an increased amount of cyberattacks, often utilizing those vulnerabilities. No one wants to become a victim of a cyber-attack, especially during the holiday season. Given the trends and challenges mentioned earlier, organizations that act now on establishing security baselines and vulnerability management for key internet-facing systems as well as critical end-user services, are more likely to have a peaceful or at least less chaotic holiday season.

On a general level, cloud adoption and app modernization will be in large focus for organizations during upcoming years. Having proper security architecture and principles designed to accommodate such initiatives, will help security organizations next year to level up their capabilities and add value to the business, at scale.

What regulation should businesses look out for in 2023, and what practices can they bring in to ensure compliance?

In the future, having certain minimum-security capabilities will be enforced through regulations by countries, regions, and industries, while becoming “permission to play” where regulations are absent. Understanding and preparing for them takes a significant amount of time. Now is a good time for security, risk management, and business to identify potential regulations that will become mandatory soon, as well as standards that might be valued by your industry. This enables security organizations to build a compliance strategy and add business value by differentiating through security initiatives during 2023. Take Apple for example; there is no product launch without emphasizing security features and customer value that they generate.

Over the last five years, cybersecurity as an industry has been impacted heavily by laws and regulations, especially in essential services, safety-critical domains as well as in the public sector. Thus, the chances of having new regulations in your area in the next few years are high. For example, in the EU there are multiple regulations with cybersecurity requirements that are expected to come into force between 2024 and 2025. Regulations such as EU Radio Equipment Directive and EU Cybersecurity Act are expected to heavily impact the IoT domain, while new iterations of existing regulations such as the NIS2 directive, will bring additional requirements and tighter reporting deadlines for any corporation classified as an essential service or supply-critical entity.

To ensure compliance with upcoming regulations, it is key to understand which ones and how they will impact your industry across geographic locations. Chances are that some of them will impact security governance, while others may impact your data protection & handling capabilities, and some may require additional capabilities in operational security or even in the way you design and build applications today. In general, following widely known information security management standards, implementing a secure development lifecycle, followed by proper vulnerability and posture management, as well as having security monitoring and incident response capabilities in place, will enable flexibility for your organization to comply with most future security standards.