
At times the threat landscape looks bleak, but it’s also driving greater collaboration between vendors and organizations. At least that’s what Microsoft security leaders are suggesting in their 2023 cybersecurity predictions. 

Just recently, VentureBeat connected with some of Microsoft’s top security leaders and researchers, who shared their predictions for 2023. 

Some of the analysts’ predictions included cross-industry collaboration to address new threats, growth in data-driven intelligence, an uptick in ransomware attacks and new extortion techniques.

Below is an edited transcript of their responses.



1. Advancement for the security industry and collaboration 

“I expect 2023 to be a year of great advancement for the security industry as a whole. We all know the threat landscape continues to expand in volume and sophistication as attackers become more skilled in their methods of attack, but I am so optimistic seeing the innovation happening across the industry – from AI to cloud to threat tracking, as well as more awareness and adoption of end-to-end security solutions as we work to simplify security in a complex environment. 

Most importantly, we’re seeing the industry come together to solve big security problems in unified ways. No one company can do it alone and I believe whole-heartedly that we are better when we share learnings, intelligence, and resources. 

In 2023 I think we will see even more collaboration and partnership amongst the good guys as we work together to make the world a safer place for everyone.”

CVP Security at Microsoft, Vasu Jakkal 

2. Data-driven intelligence key 

“There’s no better way to understand the scope and scale of a problem than data. In 2022, Microsoft tracked more than 250 unique nation-state, cybercriminal and other actors, monitored more than 35 ransomware gangs and processed more than 43 trillion security signals per day, including upwards of 1,200 password attacks per second. 

That data gives us unique insights into how to develop protections that are continuously learning attacker techniques and behaviors. In 2023, we will see new breakthroughs in the use of data in security including new tools to empower humans and accelerate the speed of response as we expand security for the entire cloud ecosystem. 

This data-driven security intelligence will give us insights into how to further harden cloud ecosystem security, including multi-cloud infrastructures and cloud applications.” 

CVP of Microsoft Cloud Security, Shawn Bice 

3. Ransomware threats are here to stay 

“Ransomware continues to be one of the biggest threats we face and it continues to grow. 2022 saw more than a 130% increase in ransomware attacks. 

From nation-states to members of the cybercriminal gig economy, attackers are using the same techniques because they work. In 2023 we’re going to see attackers adopting AI to improve the speed and accuracy of their attacks targeting critical infrastructure and supply chains. 

For defenders, this will be a year of disruption. The combination of human and AI-powered threat intelligence, innovation and investment will enable us to move faster to disrupt attackers before they inflict more damage and limit their ability to generate revenue to fund continued attacks.”

CVP of Microsoft Modern Protection and SOC, Rob Lefferts 

4. Threat actors will innovate new extortion tactics 

“The two greatest threats we face in security today are ransomware and extortion. With ransomware, organizations are up against a business model and economy that is very dynamic, not just as a set of static threat groups. 

This rise of additional extortion tactics such as ‘hack and leak’ and data destruction has put additional pressure on customers to pay, which only fuels attackers’ business model.

While prevention continues to be the best approach, the next most successful strategy is to focus on early detection and outbreak containment which can help limit the scale of a breach. 

Ensuring organizations have visibility across their digital estate from client to cloud across data, infrastructure, identity, and applications, especially across IT, OT and IoT is paramount; as is taking an ‘outside-in’ view of their infrastructure to understand what is exposed to attackers and how to lock down those assets.

On the defender side in 2023, we will see innovation combining the power of AI and threat intelligence so that threat intelligence is applied at scale to detect and stop the spread of an attack, if not prevent it. We will also see deeper partnerships and intelligence sharing within the security community to build on our collective understanding. 

Proactive defense against cyber threats is a global mission and I am excited and hopeful about the opportunity to work on today’s most challenging problems with the world’s defenders.”

CVP of Microsoft Threat Intelligence, John Lambert 

5. The cloud will become a net-positive for cybersecurity

“2022 marked a new era of cybersecurity – the age of the hybrid war when Russia launched a massive destructive cyberattack against Ukraine hours before missiles were launched. Looking ahead at 2023, I expect: 

  1. A continued growth of conflict in cyberspace. In addition to Russia’s destructive attacks related to its invasion of Ukraine, we are seeing Iran becoming increasingly aggressive with destructive attacks targeting Israel and Albania. Other nations are increasing their cyber-espionage attacks. 
  2. Russia will continue its military-coordinated cyber offensive against Ukrainian critical infrastructure and may engage in further cyberattacks against transportation or critical infrastructure targets in countries supporting the Ukrainian defense.
  3. We should be prepared for Russia cyber-enabled influence operations to be conducted in parallel with cyberthreat activity, especially in Ukraine and Europe during the coming winter. Other nations will expand their influence operations to extend their global influence on a range of issues. 

A key lesson from 2022 is that the cloud provides the best physical and logical security against cyberattacks. Having proven its value in Ukraine, governments and critical infrastructure will move increasingly to the cloud and will benefit from innovation extending AI capabilities to strengthen cloud cybersecurity.”

CVP of Customer Security & Trust, Tom Burt 

6. More online services will emerge offering BEC and human-operated ransomware 

“In 2023, we’ll continue to see cybercriminals adapt and find new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure. 

The commercialization of the cybercriminal economy has made it easier for attackers of any skill level to perform intrusions, exfiltrate data, and deploy ransomware.

This has led to an increasing number of online services facilitating various cybercrimes, including business email compromise and human-operated ransomware. Basic security hygiene protects against 98% of attacks, but as cybercrime has no borders, we must continue to fight this threat together through both public and private partnerships.”

GM and associate general counsel, Cybersecurity Policy & Protection at Microsoft, Amy Hogan-Burney.

7. The rise of Cyber Signals and OT forensic tools

“In the last few years, we see more Operational Technology companies like the manufacturing industry moving towards cloud connectivity as part of their digital transformation to become highly data driven organizations. 

This move enables the ability to apply AI and cloud processing on OT data, giving them better tools to improve the efficiency of their production, predict and prevent problems, and increase revenue.

This also introduces these organizations to new security challenges, as these OT networks have outdated devices that are insecure by design and devices that contain known vulnerabilities. 

In many cases these vulnerabilities cannot be patched because doing so will require operational downtime. Addressing these challenges calls for different solutions than traditional IT; one of the byproducts will be the rise of OT forensic tools, enabling IT SOC analysts to mitigate threats and hunt for malware in their OT environment.”

Microsoft Threat Intelligence, head of IoT/OT Security Research, David Atch 

8. Cloud adoption rates will continue as worker mobility diversifies

“I have five predictions for 2023 as they relate to endpoint management. First, strong cloud adoption rates will continue. Second, security will remain the top issue for CTOs. Third, worker mobility will not only increase but diversify. 

Fourth, CTOs will need increasingly to pay attention to local data sovereignty requirements. Finally, 2023 will see a movement toward mainstream AI and automation in IT.”

CVP Management at Microsoft, Michael Wallent

9. Greater adoption of AI and ML to manage risk

“Given how quickly compliance and security needs can change, I believe that in 2023 there will be a more widespread understanding, and ultimately adoption of artificial intelligence and machine learning advances to dynamically manage risk — both from external threats and from within organizations.

These advances will allow security, compliance and privacy teams to maximize their own productivity while balancing data protection efforts, without compromising either, at a time of great business transformation.

As data estates rapidly increase each year, along with it comes unwanted data risk, and human-led and AI-enhanced tactics can empower security teams to create better governance while actively combating other cyber risks.”

Corporate vice president of Microsoft Data Protection, Risk and Compliance, Rudra Mitra 
