As we turn the page on 2022, IT professionals look back at one of the worst years on record for incidents. Cyberattacks and breaches continued to rise with no end in sight.
Organizations invested in technology at a record pace—and continued to be at risk. During 2022, over 65% of organizations expected security budgets to expand. Gartner estimates that $172 billion will have been spent last year, up from $155 billion in 2021. Despite this increased spending, the attacks continue at an exponential rate. According to Check Point, by mid-year, cyberattacks had risen 42% globally. From supply chain breaches to ransomware, organizations continue to struggle with how to avoid becoming an eventual statistic of being attacked.
To shift the equation, as we look forward to 2023, several emerging trends are top security areas where executives should focus.
User awareness is still the number one area where organizations must continue to invest. The theft of credentials to leverage access continues to be the number one threat to organizations.
According to the Ponemon Institute, over 54% of security incidents result from credential theft. This report states that 59% of organizations fail to maintain strict user account lifecycle management, leaving credentials that are no longer needed in the environment that can be compromised. It is this type of failure in credential management that bad actors leverage to gain access to accounts, and data. Lifecycle management of identities must improve to avoid these types of breaches. This area will continue to be an ongoing challenge for organizations in 2023.
Ransomware, as projected, would continue to be a leading way for bad actors to leverage control and data to monetize hacking organizations. According to the SonicWall Cyber Threat Report, the global volume of ransomware is increasing by 98%. Although this number is down from 105% increase in 2021, the frequency and dollars spent continue to grow.
Globally, healthcare, financial services, manufacturing and state and local governments continue to see a rise in the frequency of attacks. What is interesting about these attacks is that according to Veeam in the 2022 Ransomware Trends Report, 76% of those that participated in the research had experienced an attack. Of those only 69% that paid the ransom were able to obtain their data. A growing trend in this game of cat and mouse is that you may pay the ransom and still not be set free from the hackers’ control.
Third-Party/Supply Chain Risk
From internet providers to manufacturers, this continues to be an issue. In 2022, we witnessed several third-party supply chain breaches. Forbes earlier in the year outlined how this topic has hit prime time in the board room. Accenture also highlighted this area for concern—not only vulnerabilities due to third parties but the actual disruption of supplies as it relates to technology disruptions. This challenge will continue in 2023 and we expect that the growth in this area will be in the double digits.
IoT and DoS
IoT/OT and DoS attack vectors were key areas in 2022 for an attack. Organizations are still trying to get their arms around exactly what is on the network and how vulnerable the devices are. Meanwhile, bad actors are finding ways to exploit devices connected to the internet at a record pace. As organizations accelerate adoption, security is woefully an afterthought. Bad actors will continue to take advantage of weak security postures in this area to exploit security holes to break into secured networks.
Mobile Device Attack Vector
Issues in this area exploded in 2022, ranging from application security to privacy of personal data. Organizations that write apps must secure code, keys and personal data. Few are taking the necessary precautions to validate that all these areas are covered at a comprehensive level. The other challenge is that applications intentionally share personal data about the users. From locator services information to text messages, users fail to understand exactly what data is being collected from mobile devices and then shared or sold on the open market. This area is going to be huge in 2023, with users now starting to become more aware of these risks.
Phishing Targeted Attacks
This vector is still the number one way that bad actors get into networks. Phishing, smishing and social engineering are still extremely popular, and the bad actors are getting more sophisticated about the methods, approaches and techniques used to gain information and credentials to gain access to systems and data. F5 posted last year that there was a 45% increase in phishing emails from 2020-2021. Expect that the number has again increased when its report is published for 2022. Bad actors are now using automated tools to carry out these attacks; with these tools they can send millions of phishing messages with a single click. The trend for 2023 is that smishing and mobile device attacks are growing as users ditch standard email and move to text and SMS messaging.
Other Trends for 2023
Based on what is occurring in the market and the economy here are a few other items to consider as you look at trends in 2023. Resources are going to continue to be very difficult to retain, attract and find. With the changes that Covid-19 introduced into the workforce with remote work and just a large demand for few resources, it has been difficult this year to retain and attract talent. Workers are looking for big pay and larger flexibility in work locations and schedules. Organizations attempting to return to the office are finding that some of their best talent resources are not on board for that move. The resource constraints are going to continue in 2023, with security and cloud leading the way in highly sought-after talent.
Data security is going to be a big bet in 2023. Organizations have started figuring out that they have data everywhere and a lack of controls to secure, encrypt and manage the data. This challenge and the compounding of third-party access and risk leave the board of directors and CIOs up at night. 2023 will be the year some organizations start to admit their weaknesses internally and begin the process of identifying where data lives, how it is secured, who has access and complete lifecycle management.
The next area for 2023 trends is application security. In general, CI/CD pipeline and security around application development is a big area for concern. Development teams in a number of organizations have operated independently from cybersecurity. Dev/Sec/Ops has been held at arm’s length with the statement that developers own security in the development environment. Without specific oversite and auditing, development teams often leave access and environments insufficiently managed and protected. This is the pandora’s box within an organization.
Often, inconsistent controls are found, and a lack of auditing and identity lifecycle management is almost non-existent. For example, contractors who worked on last year’s development project still have administrative rights to code and systems. Libraries and other resources are stored in places like unsecured box accounts. These types of habits require organizations to look closer at security practices, standards, auditing and procedures.
The last crystal ball item for the coming year is the rise in FINOPS. This is the awareness that security, development and cloud all cost money and how FINOPS is the next big bet to analyze spend, trends, baselines and look for cost optimization, reductions, waste and abuse. From overspending in the cloud to shelfware, organizations have been on a spending spree and with the tightening of the economy and budgets, CIOs are going to be looking for every dime that can be saved or shaved off the budget.
If you want to improve security without breaking the bank in 2023, how your organization prepares for some of these trends could be the difference between a better-layered defense strategy or being the next headline in the local paper about a breach of your network.