Top 10 security predictions for 2023

As organizations around the world wind down in the steadfast approach toward the end of the calendar year, it’s only natural to reflect on the year about to end. This is a great way for us to learn from what’s come before, assess ourselves and face forward with a newfound resilience.

The focus of this blog is to look beyond what we’ve come through, specifically looking onward to the trends and predictions impacting cybersecurity in 2023. Whether they are existing concerns that are expected to increase in criticality, increased adoption of advanced technologies to shore up security or tangential shifts in how the enterprise looks at, adapts to and remediates against cybersecurity threats – or all of the above.

Make no mistake – if the previous year kept IT and Security teams on their toes – the new year to come will certainly not disappoint if the top ten security trends and predictions for 2023 are any indications of what to expect.

Top ten security predictions for 2023

Without further ado…

1. IoT device usage up = security concerns grow too

The Internet of Things (IoT) device type is notorious for its lack of security or implementation of weak security protections. But as more devices like wearables, digital signage and at-home automation surge, ensuring that devices, users and company and/or personal data remain safe from threats will be an increasingly difficult task. In fact, some of the more critical vulnerabilities affecting IoT devices, like default settings, outdated software and weak passwords and data protection schemes are often rooted in a general lack of understanding of IoT security, as well as mismanagement of their connectivity protocols.

While that really only scratches the tip of the iceberg, as they say, the fact remains that the security vulnerabilities outlined above – including other considerations – when multiplied by the just over 40 billion IoT devices estimated to be in use by 2025, the risk from IoT devices will only continue to grow and their combined theoretical capability of generating 79.4 zettabytes (ZB) of data.

Pro Tip: 1 zettabyte (ZB) = 1,000,000,000 terabytes (TB)

2. Remote and hybrid environments still have a difficult time securing data.

While it has been several years since the pandemic seemingly shut down most of the world, many organizations worldwide decided to migrate to remote or hybrid work environments to continue business operations in as safe and secure a way as possible. While some organizations have fared better at this transition, others are still finding it nearly impossible to securely protect enterprise data from remote threats.

While several solutions leverage the power of the cloud to maintain endpoint security while upholding privacy and flexibly managing mobile devices of any ownership model, each organization has unique needs that may require jumping through additional hopes before they can crystalize their data protection strategies.

3. Nation-state attacks expected to increase globally due to elections

The political stage is expected to get added attention in the new year from bad actors backed by nation-states looking to disrupt elections and attack national infrastructures and organizations within countries and regions around the globe. According to the National Democratic Institute (NDI), a non-profit, non-partisan organization that works to support democratic institutions globally, they are tracking many elections scheduled to be held in 2023.

“With geo-political unrest in some of the most powerful cyber nations today, cybersecurity infrastructure is at stake. Nation-state-backed actors are threatening critical national infrastructure and cyber disruption.” – David Mahdi, CSO and CISO Advisor, Sectigo

It’s no secret that the election process has long been a hot-button topic for nation-state actors and hacktivists. Given an already tense political climate in recent years, the continuation of attacks by and against governments and enterprises is expected to accelerate considering the number of elections planned which is certain to test cybersecurity resilience in the coming year.

4. AI increasingly leveraged in the enterprise against cybersecurity threats

According to a recent Yahoo report, if its forecasted 23.5% growth with a projected swell to over $28.09 billion by 2030 are any indicators, artificial Intelligence (AI) and related machine learning (ML) are both advanced technologies whose applications hold a number of keys to unlocking the untapped potential of many industries. Among those benefiting greatly from AI/ML is cybersecurity.

While we’re not exactly Skynet-levels of integration, companies have been leveraging these powerful technologies in behavioral analytics that analyze data streams, obtaining meaningful insights that determine if system behaviors hold patterns to threats and attacks by bad actors, including unknown malware or suspicious movements. The end goal? Gathering valuable threat intelligence information to inform endpoint security software, orchestrate technical controls and perform remediation workflows to secure devices and mitigate threats.

The ability of AI and ML to ingest and process data at rates far beyond what humans are capable of is a critical component to helping organizations hunt for hidden cyber threats while algorithms in pattern detection reveal vulnerabilities in configurations, apps or security within computing systems.

Additionally, AI’s ability to accurately detect and respond to attacks means it can also defend against attacks much more quickly by calculating what responses to prioritize, effectively and efficiently fending off attacks automatically – without human intervention required or slowing down its efficacy.

5. The culture surrounding security awareness gaining traction

One would think with such access to informational resources, such as the internet and its ability to access all forms of data from our fingertips that awareness of common threats and scams targeting users would effectively minimize those threats. Sadly, that is not the case as phishing attacks continue to sit at the top of the threat landscape but not all hope is lost as the culture surrounding security awareness has been gaining traction within enterprises.

“91% of successful data breaches started with a spear phishing attack” — KnowBe4

This is especially good news as this of course translates to users adopting a more security-savvy mentality that helps them handle the threats they face daily from both professional and personal spaces. With organizations and users both recognizing the importance of security training, services like KnowBe4 are being leveraged by organizations to further build upon their security knowledge foundation to incorporate proper behaviors to establish a security-minded culture as a means of extending awareness that translates into mitigating risk.

6. User privacy protections take a priority role within holistic security strategies.

Data security is crucial to organizations from a litany of concerns, not the least of which is the interruption to business continuity, exposure to liability from data leakage of protected data types, like PHI and impacts on public perception and reputation. And while PII, or personally identifiable information, has always been a sensitive data type, recently proposed changes to state and regional laws (like GDPR in Europe) have raised its prominence within enterprise security strategies.

Add to the mix remote and hybrid work environments that often rely on personally owned mobile devices as part of their BYOD support model and the criticality to uphold user privacy requires that strategies to keep PII protected are prioritized and built into an organization's defense-in-depth security strategy to ensure that company data stays safe without compromising user privacy – and potentially – ensuring compliance is maintained.

7. Passwordless authentication workflows gain prominence.

Ah, the venerable password. Next to end-users, this is arguably the second weakest link in the security chain – and for good reason. It seems that for every user that follows the best practices of choosing a unique password, deriving complexity from the mixed use of multi-case characters, numbers and symbols while making sure to not write it down on a post-it note “hidden” under their keyboard or bent back on the monitor’s bezel…there are seemingly thousands of users that cannot be bothered to “remember one more password”.

Even then, all the password policy guidance and enforcement doesn’t matter much when users are willfully giving over their credentials to social engineers. So, what’s the best protection against password-related attacks, you ask? That’s easy – keep data secured by removing the password from the equation!

That’s precisely what passwordless workflows aspire to achieve by leveraging multi-factor authentication (MFA)alongside your trusted device (and its security certificate stored in the Secure Enclave) – let’s call it an iPhone (something you have) – which provides the verification factors like device pin (something you know) and Face ID or Touch ID(something you are) to reimagine the authentication process, simplifying the user experience while simultaneously minimizing risk from the source of “where greater than 80% of all breaches originate.” – compromised credentials, as per Jonathan Locast, Jamf.

8. Convergence of management and security frameworks

Frameworks are a critical aspect of managing any lifecycle. Whether it’s the device, application, software development or security to name a few, frameworks provide enterprises with a structured, concise and iteratively driven tentpole that encompasses all the facets that go into achieving success – continuing that success – within a given process.

In the case of security, the goals are simple but difficult to hit: bake in secure processes into each component that serves as the building blocks of your defense-in-depth strategy to ensure data security and maximize regulatory compliance while minimizing confusion.

In the case of device management, the goals may vary depending on your unique organizational needs, but they are generally easier to achieve: obtain visibility into each component that serves as the core of your device management solution to ensure that endpoints are actively monitored and that metrics vital to the health of your endpoints are collected to inform decisions moving forward related to maintaining device health, auditing compliance goals and make administrative management as easy as possible.

Two peas from the proverbial same pod, so why not join them so they work together? That’s the idea behind convergence. A holistic approach to security that positions solutions offering device management, identity integration and endpoint security – designed to work together as a single, comprehensive end-to-end solution for centralized management of your Apple fleet.

9. Cyberattacks exploiting supply chain vulnerabilities continue impacting organizations.

It’s no secret that attacks against the supply chain are devastating to, well, everyone.

“82 percent of CIOs believe their software supply chains are vulnerable.” — Venafi

Simply put: when it comes to the supply chain, regardless of whether your organization is directly attacked or not, the indirect fallout could still have a disastrous impact on your enterprise's security posture.

The fact that these cyber attacks expand to include governments, businesses and critical infrastructure not only makes them very critical to protect against but according to a recent Gartner supply chain cybersecurity report, “44% of organizations will substantially increase year-over-year spend” to effectively mitigate risk stemming from these types of attacks.

As attacks in the past have shown, while larger organizations may attribute greater levels of risk – make no mistake about it – supply chain attacks affect businesses of all types and sizes. In a nutshell: “Cybersecurity in the supply chain cannot be viewed as an IT problem only”, underscores the National Institute of Standards and Technology (NIST) in their Best Practices in Cyber Supply Chain Risk Management guide to help enterprises harden their people, processes and knowledge to best protect against breaches.

10. Zero Trust continues to gain steam by verifying device and credential health before granting access to resources.

For those unaware, imagine for a second that the security of your organization’s data was decoupled from the exclusivity of the devices that access it. Meaning that protected data was contained in a secure space that was independent of the level of security of your computer or that of a colleague. And that this same secure system that contained the data you requested would not approve your request until certain criteria were met and confirmed. Access to protected data is denied, by default, so if you do not meet any one of these criteria, access continues to remain denied until you prove otherwise.

Enter Zero Trust. “Never trust – always verify” is the tagline of sorts that best exemplifies the security model at the crux of Zero Trust. It tosses aside known concepts as “trusted” internal networks or the notion that managed devices carry a greater level of implicit trust than unmanaged devices. The concept here is simple: all network traffic, devices and users are considered untrusted regardless of what side of the perimeter they're requesting access from.

To obtain access to protected resources, like data, apps and services, at a minimum, users must authenticate with their cloud-based identity and the devices they use to request access must be verified by the Zero Trust service as being free from compromise. This device health check that occurs each time a resource is requested may include but is not limited to: ensuring endpoints have endpoint security software installed, are free from malware, have up-to-date patches and meet other forms of security checkpoints deemed critical to enforcing data security.

If you have questions or concerns about how any of these trends may impact your organization in the coming year, Jamf can help!