The deep dive: Cybersecurity Trends in 2023
By Puja Sharma
The deep dive’ is our bi-weekly exploration of a relevant topic, hot trend, or new product. For Prime subscribers only.
How does it work?
The financial sector is a natural target for hackers looking for easy money. The cybersecurity regulations governing traditional banks are therefore strict. Nevertheless, FinTech companies aren’t as strictly regulated as banks and often skip key steps in the security process, especially if application security is not a mandatory requirement.
Matt Barker, president of cloud-native solutions at Venafi said, “In 2023, we will see continued efforts to manage the risk posed by software supply chain attacks, with more start-ups and open source tools – like cosign and sigstore – designed to help in this area. Biden’s SBOM initiative has helped bring attention to the requirement, with The OpenSSF leading the charge. As a result, we expect to see some positive movement in this space.”
He further added The rise of the platform engineering team will be one of the big trends of 2023. Cloud Native reimagines how companies think about building and operating infrastructure; they require a new team to build and support it. Platform engineering teams will build on the learnings of DevOps culture, encompassing every persona needed to build and run IT infrastructure – including Dev, Security, and Operations.”
Who is under the radar?
In 2022, ransomware continued to dominate the headlines. In the last year, ransomware breaches increased by 41%, and detecting and containing them took 49 days longer than the average breach. Ransomware gangs continued reemerging as new groups with the same key players after an arrest or major attack. Moreover, ransomware as a service is becoming more profitable and powerful for ransomware gangs.
The concept of zero trust evolved from being a new idea to a best practice. Hybrid work has led to the adoption of zero-trust frameworks – all users, apps, and devices requesting access are assumed to be unauthorized until proven otherwise. Organizations with a zero trust approach deployed saved nearly $1 million in average breach costs compared to organizations without zero trust deployed.
According to John Hendley, Head of Strategy, IBM Security X-Force, specialists will double back to generalists to secure the cloud in 2023: Hiring the talent required to secure the cloud will be a challenge for security leaders in 2023. One of the greatest hurdles stems from the large number of people needed in a very niche, specialized roles. With so many companies increasingly going all-in on the cloud — and a skills crisis that’s worsening year by year — the solution to the skills gap lies in cybersecurity generalists. Organizations will recruit more generalists with successful track records, and build internal teams by reskilling specialists back to generalists.
Why does it matter now?
According to Dave Gerry, CEO of Bugcrowd the crowdsourced security pioneers, for the past few years, the industry has seen an incredible amount of M&A consolidation. As a result, security organizations are looking internally for ways to leverage existing tool sets or upgrade existing tool sets versus adding to their ever-growing technology stack. This growing need for security vendor consolidation will continue to be driven by both the cost of the security products and the limited internal resources to effectively operate the products.
Other Related News
July 16, 2024
Rise in sophisticated attacks, state-level threats, and increased ransom DDoS Incidents
Read MoreJuly 15, 2024