This post is part of our 2023 cybersecurity prediction series.
Tim Prendergast, CEO, strongDM
Looking into next year, I think we will see the security market continue to build toward practical applications of zero trust philosophies, as the industry gets its feet under itself in terms of figuring out how to talk with customers about what 'zero trust' means and how it is supposed to work. For their part, I think customers are reaching a tipping point of being very well-educated in this market, and I think that will cause established companies to reposition product portfolios into a focused 'zero trust' messaging platform, to address the customer opportunity. In 2023 the talk will continue around a pending recession, but we remain hopeful that things will turn around by 2024. People will begin investing in startups again that are innovating in this space. We may see a lot of private equity or mergers and acquisition continue to drive the security space. There will be a definite shift in how people are looking at this chessboard. I want to offer simple advice for businesses in the new year, especially in a downturned economy. Be a good steward of the capital you have in front of you. I think many companies got into the habit - due to investors and plentiful cash at low-interest rates - of thinking that you can always get another round of funding. In a bear market, you realize that's not a possibility, so you must go back to the fundamentals of business. Be profitable, and focus on incrementally growing the business. Support the investments you’ve made and focus on optimizing your processes that can keep the pipeline busy without over-complicating it all. For example, with free-flowing cash, a lot of people were like, 'Let's go, attack 25 different markets!' Instead, focus on the core markets your business does really well. I think people were really getting a bit over their skis and trying to do too much at once.
In 2023, the market will see businesses taking more of an iterative approach to building out the business, its markets and products. Every year is a good year to build on solid fundamentals, and 2023 will be a year for organizations to be smart, and not get over their skis. One of the biggest trends that will absolutely continue into 2023 is the decentralization of the traditional corporate headquarters. We have emerged from the pandemic into a new working reality which is that the best people live where they want to live. This has led businesses to the compromise of creating a place where they can work and be contributing to the company's goals but also, they can be happy and have a fulfilling personal life. I think that the cliche work-life balance that so many people have struggled with for so long has finally gotten to a place where it feels attainable with a decentralized workplace. No one wants a job where they occasionally get to have a life, too. I think that's a fair expectation. There are also other benefits to being decentralized, especially when you look at the distribution of people in city centers, traffic is horrible and it's not great for the environment. People being able to work from wherever they happen to be, but still have opportunities for occasional on-site or human interaction is the future. People want their time to be spent in meaningful ways, not just filling seats in the office between eight and 6 p.m. I don't think that's a reality. We have the technology to have productive conversations and get a lot of work done. In the end, I think that's better for the economy and the planet. It's why we've always been a remote-first business - because as a company that sells a SaaS solution, we don't need to physically be in the same location to build our product.
Justin McCarthy, co-founder and CTO, StrongDM
In 2023 I believe we'll see rebellion against systems that aren't respectful with our time. Systems that generate ample noise and minimal signal. When it comes to the demands on our attention in 2023 and beyond, less is more.
Security technology is one area that has been requiring too much of our attention and energy for too long. It's frustrating because there's so much friction where it isn't necessary. There's a better way but consumers of security technology will have to demand it and developers and engineers have to work on it.
One small example: authentication. As we move into 2023 we'll look to WebAuthN, Passkeys, and other passwordless systems to improve the user experience and reduce the burden on IT teams. That's where we'll really start to feel the difference. And with this feeling will come elevated expectations that then get transferred to every other aspect of our IT systems and security environments. Hopefully, it will push us to ask why it can't be simplified?