John Stock, Product Manager, Outpost24
With continued challenges from remote and hybrid working, increased economic unrest and geopolitical conflict, and a new gang of teenage hackers, 2022 has certainly thrown cybersecurity professionals some curveballs. While many of the same trends and threats remain, 2023 is likely to keep us on our toes as these threats mature and the landscape continues to shift. Here are a few trends to watch out for in the new year:
Cyber threats emerge as a result of hybrid working
More workers have returned to the office, with hybrid work increasingly the new normal. With this shift comes new challenges – some similar to those businesses have faced since the start of the pandemic, and some still emerging. With hybrid work, VPN and remote access will start to become greater network-based targets. Additionally, the user will continue to be the weak point, with blurred lines between work and home devices creating new challenges. 2FA spamming is now quite commonplace, with a number of high-profile attacks like that on Uber recently using this method to gain remote access. Businesses with remote and hybrid workers will need to take steps to educate employees on these new threats and put new protocols and tools in place to ensure employees are as secure at home as they are in the office.
Increased challenges for web application asset management
Many security professionals have emphasized the importance of asset management for IoT and other internet-connected devices. However, in 2023, it’s time to broaden our definition of asset management to include both hardware and software assets, with the growth of cloud computing introducing new internet-based threats and many organizations still lacking a comprehensive inventory of internet-facing assets and their attack surface. As with devices, it is difficult to protect cloud resources and web applications if you don’t even know they exist. It is critical for CISOs and security teams to track and maintain an up-to-date inventory of all internet-facing assets and take steps to minimize and manage their organization’s attack surface.
The economic downturn fuels more sophisticated cyber crime
The current economic climate means individuals and businesses are tightening their purse strings and may not be in a position to withstand the financial impacts of cybercrime. Unfortunately, at the same time, cybercriminals will be looking for new ways to make a quick buck, fueling a growth in online fraud from the most basic scams to highly sophisticated ransomware extortion. As fraud becomes more mainstream and consumer-focused in 2023, businesses and individuals alike will need to keep an eye out for evolving scams and educate themselves on the latest tactics as cybercriminals look for even more elaborate ways to carry out their attacks.
The key is to adapt
Ultimately, those that fare best against new 2023 threats will be those that are quick to adapt. Cybercriminals are always looking for new avenues for financial attacks and have evolved their tactics over the last few years as the landscape has shifted as a result of the pandemic, related rise of remote work, and other trends. By educating yourself on the threats and implementing new procedures and tools to combat them you will be one step ahead in the new year.