Cybersecurity: 13 trends and threats for 2023

1. Multicloud security

Companies and organizations spread their workloads across various cloud environments. Data and applications are stored in hyperscaler cloud environments (e.g. Microsoft Azure); SaaS applications are used, and some applications run from their own servers. Microsoft’s Nico Sienaert: “Securing that diverse ecosystem is a huge challenge. Companies are demanding the consolidation of IT security mechanisms. They want to keep an eye on security from the vantage point of a single helicopter view. We’re seeing a powerful market push to standardize security platforms, which will significantly reduce complexity. Complexity clouds a company’s sight and mars the holistic (helicopter) perspective.”

2. Cybercrime-as-a-service

Real business models lurk behind a lot of today’s cybercrimes. “Rogue hackers specialize in one aspect of a cyber attack,” Fortinet’s Patrick Commers points out. “They offer paid services to actors who are less familiar with that particular domain. And that creates a sophisticated chain of experts, enabling even more targeted attacks.” The components of this well-oiled machine include Ransomware-as-a-Service, Reconnaissance-as-a-Service – circulating an overview of vulnerabilities – and Money Laundering-as-a-Service for artificial intelligence-driven detection of money laundering channels.

3. Small and mid-sized organizations boost defense

“Small and mid-sized businesses often hover below the so-called cybersecurity poverty line, leaving them more vulnerable to attacks,” Wouter Vandenbussche at Proximus explains. “Their demand for security services has skyrocketed. Initially, in that context, it boils down to getting the basic security in good shape. The greater the maturity, the lower the attack’s impact.”

4. Cybersecurity as a criterion for supplier selection

Cybersecurity risk assessments are an integral part of the supplier selection process. Palo Alto Networks’ Jesper Olsen: “37% of companies expect supply-chain attacks to become more profuse in 2023. They want to cap risks at the lowest point across the entire chain. Part of that includes looking at interdependencies and the potential vulnerabilities of open source.”

5. Cyber resilience

The past year reaffirmed how cyber attacks on large and small organizations can wreak havoc on or even bring daily operations to a grinding halt. According to Steven De Ruyver of Cisco Systems, we need a system architecture that keeps running at its best even when it’s under attack. “As a company, you’ve got to pull out all the stops to minimize attack access, but embedding resilience is just as important.”

6. Social engineering marches on

Cybercriminals rely on social engineering techniques to try and trick hapless users into clicking or opening infected files. “That type of attack became even more popular in 2022,” Trend Micro’s Steven Heyde says. “Social engineering has a more pronounced presence at the executive level, where rogue hacker groups attempt to dupe executives with deep fake.”

7. NIS2 and risk-based security policies

NIS2, the latest European directive on network and IT system security, is expected to enter into force during the first quarter of 2023. “The companies involved need to look at cybersecurity from a broader context,” indicated Wouter Vandenbussche of Proximus. Steven Heyde of Trend Micro also points to the importance of quantifying and qualifying vulnerabilities and cyber asset threats (ASRM = Attack Surface Risk Management).

This kind of strategy is frequently encouraged by corporate management. “The upper business echelons are aware of what an attack can do to an organization, including the potential reputational fallout,” Steven De Ruyver of Cisco Systems said.

8. Security by design

“It comes down to knowing what data and applications are where and locating potential vulnerabilities,” Microsoft’s Nico Sienaer clarifies. “The trick is also to streamline and optimize the number of user rights. Concepts like ‘Just in Time Access’ and ‘Just Enough Access’ are becoming more important than ever before for protecting customers’ increasingly complex ‘Identity Footprint’.”

Steve Heyde at Trend Micro comments that visualization of security risks and attacks makes all the difference. “I see accelerated adoption of integrated security platforms playing a major role,” he noted. “Many companies are also struggling with obsolete applications,” Microsoft’s Nico Sienaert added. “Upgrading those applications and emphatically prioritizing security during that upgrade process is recommended. On top of that, securing the code and the different environments it’s generated in is a must.”

9. Wipers

According to Fortinet’s Patrick Commers, wiper attacks, or malware that destroys data, aren’t new. “That kind of cyber attack has been around for a decade, but it seriously upped its game last year. That increase can at least partially be attributed to the war in Ukraine, and it’s also made a comeback elsewhere in Europe.

To give you an idea: eight new variants popped up in the first half of 2022. That’s the same as the entire past decade. The mix of wiper malware and computer worms has a huge impact. Where wipers used to be the main purview of organizations subject to the public authorities, independent cybercriminals are now co-opting it.”

10. Cybersecurity as an enabler for ESG goals

ESG (Environmental, Social and Governance) criteria also appear more frequently at the top of CISO agendas. And that means digital transformation and ESG goals go hand in hand. “As goals, digital transformation and emissions reduction are two major incentives for onboarding new technology.

That said, adding that new tech to your current technology landscape also expands your attack surface and makes your technology landscape more complex. Without a doubt, that affects your ability to protect your assets,” said Palo Alto Networks’ Jesper Olsen. “So, cybersecurity becomes an enabler for the business’ ESG goals. It gives companies the confidence to use those new technologies.”

11. The Metaverse as a new attack front

“More and more organizations are creating their own virtual worlds,” Fortinet’s Patrick Commers notes with conviction. “That opens up a world of opportunities, but it also opens the backdoor to cybercrime. A person’s avatar, for example, acts as a gateway to personally identifiable information. Digital wallets, crypto exchanges, NFTs, and currencies of every kind for metaverse transactions have whet the appetite of cybercriminals everywhere. And biometric hacking can’t be ruled out either; the applications, protocols, and transactions within those environments are potential targets for attackers.”

12. Extended Detection and Response (XDR)

Extended Detection and Response (XDR) facilitates data visibility across all networks, clouds, endpoints, and applications. “XDR collects and correlates data from multiple sources and makes advanced threats and their context visible,” explained Steven De Ruyver of Cisco Systems. “You detect attacks faster with it, allowing you to reduce their impact.”

13. The convergence of network and security management

“NetOps and SecurityOps are converging,” Wouter Vandenbussche of Proximus said. “The network is more dynamic, with more employees in diverse locations. That fluidity creates a stronger security link and a tighter end-to-end collaboration across operational teams.”