This post is part of our 2023 cybersecurity prediction series.
Cody Cornell, Co-Founder & Chief Strategy Officer, Swimlane
There will be a redefinition of the cyber insurance industry.
For the last decade, organizations that paid premiums were able to bail themselves out when a disaster struck. But as cyber insurance premiums continue to rise amid the proliferation of ransomware, insurance companies are struggling to manage the cost and premium relationship. In 2023, we will see a new evolution of cyber insurance emerge with specific coverage criteria tied to cyber hygiene. Cybersecurity teams will be required to demonstrate the efficacy of their strategy, and organizations that fail to maintain proper safeguards will be excluded from coverage when an attack occurs.
Cybersecurity budget conversations will shift from “what” to “why.”
As economic uncertainty looms in the air as organizations plan for 2023 budgets, the conversation around purchasing cybersecurity solutions will transition from “what are we buying?” to “why are we buying it?” With leadership looking to tighten budgets, the c-suite will begin to question the effectiveness and outcomes of security tools rather than just worrying about having solutions in place, ensuring the budget is spent on tools that bring value to the business.
The role of automation in security will become more broadly applicable.
Today, many organizations are finding that their SIEM and data lake stories are no longer providing enough value. Most of the alerts that they're responding to are being identified downstream by their threat detection tools, not via their SIEM. In 2023, organizations will begin to move their response to high-fidelity alerts to their automation system, as opposed to running it through a data lake or some type of SIEM as it's very cost prohibitive and slow to respond to high-fidelity information. Through the combination of things like the broad applicability of automation and the move away from aggregation as the sole mechanism for response, automation will begin to have more use cases across the cybersecurity industry.
Nick Tausek, Lead Security Automation Architect, Swimlane
Third-party and supply-chain attacks will continue to evolve, especially against government agencies.
The U.S. Government has made great strides in reducing direct attack threats through initiatives like expanding the Cybersecurity and Infrastructure Security Agency (CISA) along with several guidances on strengthening responsibility and community-driven threat detection. While the government has revolutionized how they respond to direct cybersecurity threats, federal agencies now must pivot their focus to third parties. In 2023, we’ll see third-party and supply chain attacks become much more debilitating to infiltrate federal agencies despite the increased focus on cybersecurity.
A major water treatment plant will suffer a cyber-physical breach.
The protection of critical infrastructure industries continues to receive increased attention as attacks on these organizations run rampant. While many attacks against sectors like utilities and manufacturing have remained digital, 2023 will bring about physical cybersecurity attacks against vital organizations like water treatment plants that shut down entire city supplies for days. Water facilities represent a softer target than power plants for example which are used to fending off attacks traditionally. Especially on the heels of the Jackson, Mississippi water crisis, attackers will look to take down water systems in heavily populated areas to cause significant disruption since the damage would be longer-lasting.
Nation-state threat actors will lean on social media manipulation to indirectly influence the security posture of the federal government.
As tensions between nation-states like Russia and China continue, these countries will leverage social media manipulation like Twitter bots, fake Facebook news and even TikTok to influence the security posture of the federal government. Platforms with ties to hostile foreign governments like TikTok present an even greater opportunity to manipulate voters in the U.S. and other western democracies, and those governments have shown great willingness to exploit this opportunity. While this tactic isn’t a direct cyberattack, these nation-state threat actors can influence public behavior to bring about large-scale changes within society.
In 2023, as we head into the 2024 U.S. presidential election, this will only increase. Election denialism and conspiracy theories will continue to be promoted by foreign and domestic agents hostile to democracy with the purpose of delegitimizing elections in western democracies. This tactic will prove successful and election conspiracies will run rampant, causing huge swaths of the population to refuse to acknowledge the results of legitimate elections.
Prominent nation-states will ramp up the use of ransomware to offset sanctions.
As sanctions continue to tighten around hostile nation-state threat actors, particularly Russia amid the war with Ukraine, we will see these countries ramp up ransomware attacks. This attack method, which is seen as easy, effective and profitable, will help nation-states mitigate the impact of sanctions during times of conflict and tension.
###
Comments