3 KPMG cybersecurity predictions for 2023 

No one can tell the future, and with so many cybersecurity predictions around, it’s difficult to know exactly what to expect as we move forward into 2023. However, KPMG International’s analysts have managed to pinpoint a handful of ways the cybersecurity landscape will evolve over the next year or so.

Recently, KPMG analysts shared their top 3 cybersecurity predictions for 2023 with VentureBeat, to flag how organizations can adapt to keep up with the onslaught of current threats. 

Predictions include big tech firms emphasizing digital trust to keep up with cyber regulation, the incident response window decreasing as threat actors leverage automation, and approaches to zero trust moving from idle evangelism to active implementation. 

Below is an edited transcript of their responses.

1. Big tech will look to digital trust to keep up with cyber regulation 

“Leading organizations in 2023 will realize the benefits of building and maintaining digital trust — and its importance for brand, reputation and customer retention in a world where cybersecurity breaches are becoming increasingly inevitable.

“Expect two big tech firms to embrace this idea — in part anticipating regulation ahead — but, more importantly, recognizing the growing societal expectations over trust.

“2023 brings a perfect storm of cyber regulation as regulators worldwide bring forward rules on the security and ethics of AI, supply chain and digital infrastructure security, and corporate transparency around security and ransomware.

“It will take time for these regimes to bed in and for supervisory competence to build — but the direction of travel is clear — cybersecurity is no longer an optional retrofitted extra. The challenge will be to avoid compliance-driven approaches and stay focused on enabling the business.” 

Akhilesh Tuteja, global cyber security leader, KPMG International and Partner, KPMG India

2. The window to respond to cyberattacks will decrease as attackers turn to automation  

“The time window to respond to cyberattacks will continue to shrink with a never-ending race between attackers and defenders. AI will play a part in automating corporate and national defenses, but organized crime groups will ramp up their automation, too, to scale and accelerate their attacks. 

“In 2023, a day becomes a long time in cybersecurity — and only by integrating cyberthreat management will the defenders be able to stay ahead. Our resilience will be tested, demanding that governments and corporations work together to counter the changing threat.”

Dani Michaux, EMA cyber security leader and partner, KPMG in Ireland 

3. Zero-trust hype will shift from evangelism to implementation

“In 2023, zero trust will shift from evangelism to practical implementation as firms take the concept to heart and reengineer their security solutions for a perimeter-less organization. As we do so, pressure is growing to reduce the security burden and adopt more usable and less intrusive security measures. 

“Simply layering more and more protecting controls increasingly risks impeding the business. Getting the right balance between protection and rapid detection and response will be key to success — and people need to be at the heart of that design.”

Kyle Kappel, cyber security leader, KPMG US