Malicious behavior will get worse before it gets better – and investments in technological infrastructure will rise in response
The increased malicious activity we saw in 2022 is no surprise – and will only continue to grow in 2023. My long-term outlook is optimistic but short-term pessimistic, and I expect organisational approaches in the coming year to continue to be more cautious, especially as public and private organisations are still figuring out how to contain the growing number of cyber threats. In 2023, we can expect increased investment in IT modernization, especially as malicious activity continues to rise in sophistication. With modernized IT environments, security will become a “built-in” element of infrastructures instead of an “add-on” – so even with short-term challenges, the long-term benefits of IT modernisation are paramount and key to mitigating evolving cyber threats.
In a hybrid world, the cloud will be de-facto environment for maximum security
On-premise environments cannot maintain the same default level of security as cloud environments can in today’s hybrid world. The base security of the cloud, coupled with an organization’s protected configuration, will be stronger than what any on-prem environment can realistically offer. Cloud technology will continue to embrace simplicity across a highly complex security landscape, and become an abstraction-generating machine for identifying, creating, and deploying simpler modes of operating securely and autonomically. Organizations will also reap more of the benefits of using “software defined infrastructure” in the cloud, or even on-premise, to deliver the promise of controls-as-code. For businesses, tapping into the constant security updates the cloud provides will be like tapping into a global digital immune system that is constantly growing in strength. In 2023, we’ll see more organizations across sectors transition to the cloud to support better security.
Competition amongst security providers will continue in 2023 – in the best way
The pace and extent of security feature enhancement to products is accelerating. For the first time in history, we have the biggest organizations across the private sector working harder than ever to deliver better security for enterprises, governments, and critical infrastructure organizations. This massive, global-scale competition to continue bettering security will continue to be a benefit to all. Security improvements in the cloud will continue to advance the industry in the coming year.
The cybersecurity workforce will advance amid training and skills development
Cybersecurity workforce challenges are still prevalent – but as we head into 2023, we will start tilting in the right direction through efforts to radically improve the productivity of the cybersecurity workforce, increase the cross-training of employees into cyber-specific roles, and provide more strategic entry-level cybersecurity positions. Cybersecurity roles are not a monolithic career. There is no typical “cybersecurity” role – we’ve evolved, and in 2023, we need to start viewing it as such.
The adoption of threat intelligence is no longer a “nice to have”
Attackers are strategically shifting and advancing their malicious tactics, especially as defenses – including forms of authentication like MFA – evolve. Because of this, threat intelligence has never been more critical in order to remain one step ahead of attackers. In order to effectively detect, investigate, and respond to malicious activity, organizations will enhance their consumption of tactical threat intelligence as fuel in their security operations suites.
