Cofounder at Nord Security, one of the leaders in providing digital security and privacy solutions for individuals and businesses.
Cybersecurity is in a constant state of evolution. As the distinction between our digital and “real” lives become increasingly blurry with each new technological feat, the surface area for malicious cyber activities grows. On the one hand, this is what makes cybersecurity such an exciting field to work in because it is always about the journey rather than the destination, and each day brings new challenges. On the other hand, the ever-changing nature of cybersecurity, combined with the high risk that comes with being poorly protected, inflicts the cybersecurity landscape with high-stakes uncertainty.
Therefore, staying ahead of the curve on emerging threats and the political economy surrounding them is essential for grasping what businesses and individuals should look out for. Based on the trends I’ve seen in the past 12 months and the events set to happen in 2023, I have outlined my thoughts on what’s in store for cybersecurity in the upcoming year.
The economic downturn will be made worse by a rise in cyberattacks.
With a recession looming, companies are looking for ways to cut costs. Unfortunately, the cybersecurity budget is often one of the first ones to undergo a reduction. However, cybercriminals will not sleep during this period and are very likely to abuse weakened defenses, possibly making 2023 one of the worst years for cybersecurity.
The future is passwordless.
Year after year, one of the most popular passwords remains “123456.” Even though it is impossible to change society’s poor cybersecurity habits quickly, this will no longer remain an issue in the future. The transition will be very slow (for some time, we will live in a world of both passwords and passwordless authentication methods), but many companies and individuals are looking for safer authentication methods. In fact, tech giants such as Microsoft, Google and Apple have already committed to providing their users with passwordless logins.
Fileless malware will become an increasingly serious issue.
Fileless malware is essentially undetectable by most cybersecurity solutions because it does not require the victim to download files. It instead exploits vulnerabilities in already present, well-trusted applications, leaving no trail on the computer’s hard drive. This type of malware is hard to develop and execute, but if it’s done correctly, it can do tremendous damage.
Privacy wars in 2023.
India is planning to discuss its newest privacy law in early 2023, and the U.S. has introduced legislation regarding its first data protection framework, which will work on the federal level. However, authoritarian countries have quite the opposite stance regarding their citizens’ data. Government-sponsored surveillance will continue to increase. With the Global Democracy Index already at an all-time low, the clampdown on digital rights by the most powerful authoritarian regimes could prove troublesome to democracy on a global scale.
The human factor will remain the weakest link in companies’ cybersecurity.
Business cybersecurity tools are getting exceptionally advanced, and increasingly more companies are acknowledging the importance of data protection. However, Verizon’s DBIR report found that the human factor was the culprit behind 82% of breaches. Even though companies are getting better at protecting their data, the lack of robust cyber hygiene principles ingrained in their employee culture will remain the Achilles’ heel for most companies.
Supply chain attacks.
As the worldwide chip shortage has shown, the interconnectedness of the global economy is the main driver of prosperity but is also its weakest link. By attacking intermediaries such as logistics companies and niche manufacturers, cybercriminals can attack one company but have a devastating effect on countless others. We saw this trend in 2022, and it is likely to continue into 2023.
Vehicles becoming a part of the IoT will raise the standards for the industry’s security.
Transport is becoming smarter and, thus, more vulnerable to cyberattacks. The new vehicles roll out with increasingly more functions reliant on the internet connection, thus becoming a part of the Internet of Things (IoT). However, while hacking someone’s smart camera is creepy and a massive breach of privacy, a hacked vehicle can cause a life-and-death situation. It can lead to someone taking control of a user’s car or stealing it by compromising the vehicle.
Organizations that are committed to setting strong security standards for all smart devices will bring even more value in the future.
On the one hand, 2023 is set out to be a favorable year for cybersecurity, with privacy-centric policies dominating the regulatory landscape and big technological breakthroughs just around the corner. On the other, a looming recession is forcing companies to cut their cybersecurity spending, and worrying signs from authoritarian regimes are putting experts in the digital space on edge. All things considered, for cybersecurity, 2023 is set to be a year full of uncertainty.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?