Cyber Trends: A look into 2023

Keeping up with the latest attack vector trends is a challenge for organisations worldwide as they battle an ever-evolving threat landscape and a rapidly growing attack surface.

So, following our successful acquisition of Secrutiny, we polled our cyber experts and have collated our top 6 cyber security predictions for 2023.

1. Ransomware attacks will accelerate as a ‘cash in quick’ movement

The last couple of years has seen a big uptick in cyber attacks using ransomware, where hackers lock you out of your data until you pay up. In just the first half of 2022 alone, there were a whopping 236.1 million ransomware attacks worldwide. Out of all the ransomware victims, 32% agreed to pay the ransom, but they only got 65% of their data back. Just imagine the chaos.

However, as governments globally are discussing banning ransomware payments, ransomware attacks will accelerate as a fast ‘cash in quick’ movement, as no rewards will equal no effort from the threat actors.

Click here for more information on how to be ready for ransomware. There are no excuses.

2. Cyber insurance will be hugely affected due to the impacts of ransomware

A successful ransomware attack costs the targeted organisation more than the ransom payment itself. There are additional costs such as downtime, mitigation, reputational damage, analysis, and increasing insurance premiums.

The rising impact of ransomware in 2023 will become un-insurable, so organisations must have better cyber recovery plans.

3. Enterprises will move their focus from defence to Cyber Incident Recovery

The growing number of cyber attacks will force the enterprise focus from cyber defence to cyber recovery. Through recovery planning, organisations can work out how to run different elements of their business, even when other bits are cut off.

Demonstrating this to your insurance provider translates to lower insurance premiums because they have confidence the impacts of an incident are going to be minimised. So, you’re less likely to come to them with a hefty bill that you’re looking for them to help you meet. Confidence in yourself, increases the confidence others have in you.

4. Software-as-a-Service (SaaS) configuration mismanagement will become a major attack vector

The SaaS attack vector has surged in recent years, as a preferred way for cyber attackers to disrupt an organisation’s operation. 2023 will see an increase in SaaS application and platform abuse to create malicious phishing websites and steal login credentials.

5. Supply Chain Risk auditing with automation AND evidence will be essential for both requester and supplier

The paper-based supply chain risk audit questionnaires will attract attention.

For the requester – audit responses are predominately inaccurate and not evidenced.
For the supplier – audits are just a huge manpower overhead.

Therefore, automation WITH evidence will be the only right answer for both parties in 2023.

6. Control coverage will become an IT Operations challenge

In order for IT Operations to have data at their fingertips to prove they have all their cyber controls across all devices, control coverage will become a priority. Replacing that headache with confidence and assurance.

The biggest cyber risk is non-deployment, and the biggest waste of money is not deploying what you have already bought!

For more information on the Secrutiny acquisition, check out our press release.