This post is part of our 2023 cybersecurity prediction series.
In 2023, connected automobiles with growing number of attack vectors, will escalate the automotive industry’s focus on cybersecurity to catch up to the public’s concern.
There are more than 237 million connected vehicles in operation worldwide, according to Statista estimates, representing a vast number of attack surfaces for bad actors and an inflection point for the industry to come to terms with what it means to be cybersecurity compliant. For consumers, it’s equally important to have the assurance they are physically safe in their vehicles as it is to know they are cyber secure. While public attention on the cybersecurity of automotives is very high, the industry itself is still playing catch up. Historically, once a vehicle was proven safe, it would remain so for several years, but in terms of cybersecurity, patches could be necessary within merely one or two weeks. Closing this gap will require a cultural and mindset shift for the automotive industry to meet consumer demand for cyber safe vehicles.
With significant growth in the self-driving trucking and autonomous passenger vehicle markets, 2023 will be the year of blockchain.
As the heavy-duty trucking market evolves toward platooning and connected fleets, secure communications among each other and the infrastructure are paramount. The number of autonomous vehicles on the road is expected to surpass 54 million in 2024, paving the way toward a major emphasis on blockchain ledgers to help ensure trust in data transmitted between vehicles, phones, infrastructure and the electric grid.
When we look back on 2023, healthcare will be the most attacked sector in the global economy.
Recent Statista research revealed that the healthcare industry was the second-most attacked industry vertical from November 2020 to October 2021, trailing only financial services. Ensuing Q3 2022 research from security firm Check Point revealed a 60% YoY increase in attacks in healthcare, to a total of 1,426 attacks per week. Unfortunately, as more and more health systems adopt digital and connected technologies, I expect that 2023 will be the year we see attacks against the healthcare industry rise to the top of global industry landscape, further hampering digital transformation initiatives across the industry.
In an industry in which patients’ rights to privacy have been the main focal point from a regulatory standpoint, in 2023 we’ll see cybersecurity and data privacy take center stage in the healthcare regulatory landscape.
Since 1996 in the US, the Health Insurance Portability and Accountability Act (HIPAA) has governed patient privacy and more recently GDPR in the EU has done the same for the healthcare industry. And while HIPAA and GDPR are among the most comprehensive and successful regulatory initiatives protecting individual consumers, the privacy and security landscape – including in healthcare, specifically – seems to be shifting exponentially more quickly each year. As healthcare becomes more digitized, and as we see more digital threats arise in parallel, in 2023 I expect we’ll see significant momentum on privacy and security regulations in healthcare that reflect that threat landscape.
We’ll see an encouraging trend in connected consumer devices, with cybersecurity resilience taking precedence over speed to market.
For decades, the tech world’s “move fast and break things” mentality has led to tremendous innovation and groundbreaking new hardware and software products. However, as cybersecurity threats increase, and as digital products shift from just laptops and cellphones to more personal devices – security systems, doorbells, thermostats, kitchen appliances, etc. – in 2023 and beyond, I expect device manufacturers to adopt more deliberate product rollout timelines in order to ensure the security of their products. Consumers will demand a product that they know is secure, from an organization they know will be a good steward of their data. And while consumer technology companies will continue to innovate, we’ll see product development timelines that reflect an increased prioritization of security and privacy at the core of each product.