VentureBeat presents: AI Unleashed - An exclusive executive event for enterprise data leaders. Network and learn with industry peers. Learn More
There’s no doubt that the pressure on security teams is on the rise. From geopolitical tensions and nation-state attacks to the growing complexity of cloud — security professionals have had their work cut out for them to keep organizations secure.
But, with 2023 likely to bring further economic downturn, the security industry will be reassessing where to prioritize a limited budget while looking to do more with less.
And the economic hardship will be felt not only by security professionals, but by hackers. Many could be forced to consider revenue generators — such as exploiting machine identity management — as the old techniques like ransomware may fall flat thanks to tightened company belts.
As threat actors find new ways to exploit vulnerabilities and inflict more damage, such as targeting critical infrastructure, robust cybersecurity – particularly machine identity management – is essential.
An exclusive invite-only evening of insights and networking, designed for senior enterprise executives overseeing data stacks and strategies.
Here are my top predictions for the coming year.
2023 will tell the tale of two CISOs
In 2023, outside influences and harsher economic climates will stretch the security industry: Some CISOs will shine, while others will play a supporting role. With geopolitics on unstable ground, cybersecurity has never been more important. But the economic downturn will squeeze security budgets across Europe and the U.S., and CISOs will have to do more with less. This will bring security leaders into sharp focus.
Forward-thinking CISOs who embrace decentralized security decision-making will take a more prominent role, and ultimately lead their organizations to the front of the pack. This will mean optimizing what they already have and collaborating across business functions to maintain a competitive edge.
On the other hand, some CISOs will be more cautious, falling back on the fact that they have limited budgets and relying on the tactics they’ve deployed over the last decade. This will cost companies, as breaches will have huge financial implications in a turbulent economic climate.
The ransomware cash cow may stop mooing in 2023
Hackers may be forced to start looking at other revenue generators, such as selling stolen machine identities.
It’s not just governments, citizens and companies that will feel the sting of the economic downturn in 2023; hackers will be forced to change their tactics. For example, with fewer companies able to afford to pay ransoms, we could see ransomware shrinking as an attack vector.
This will put a premium on other sources of income for threat actors, such as the lucrative sale of stolen machine identities like code-signing certificates. We’ve seen a high price for these in dark web markets before, and groups like Lapsus$ regularly use them to launch devastating attacks.
So, their value will only increase this year, and we’ll see dark web marketplaces booming with sales of stolen machine identities.
All eggs in one cloud basket will concentrate risk and spoil agility
In 2023, the smart play to protect budgets will be to increase agility and spread costs across multiple clouds. However, some CFOs and CIOs will be lured into the low-cost, low-stress single-cloud option and put all their eggs in one basket.
This concentrates risk and presents opportunities for attackers as security teams come up to speed with the cloud-native technologies developers have deployed since the pandemic accelerated cloud use. It also wastes the agility and speed that a multiple-cloud strategy provides.
Critical infrastructure in the crosshairs
In 2023, the energy crisis will deepen, putting a higher premium on critical infrastructure security. Governments and energy companies will be doing everything they can to ensure that the lights stay on, as the impact of blackouts on citizens and the economy will be profound.
Of course, threat actors are aware of this, and the incentive to target critical infrastructure will rise. This will be the domain of nation-state hackers, who will be looking to cause chaos in rival economies.
We’ve seen examples of these damaging, state-backed attacks in the past, such as Stuxnet downing critical infrastructure by exploiting machine identities and causing major disruption. So, energy companies must secure their machine identities in preparation for such attacks.
Nation-state attacks will become more frenetic as cyber and physical worlds collide
In 2023, we’re likely to see nation-state attacks become more frenetic. The war in Ukraine hasn’t been as successful as Russia hoped, and we’re increasingly seeing its kinetic war tactics becoming more untamed, targeting energy and water infrastructure with missile strikes. We’re also seeing North Korea flexing its muscles by flying long-range weapons over borders.
With these increasingly unpredictable ground war tactics being displayed, we expect the same to apply to cyber warfare. As the war in Ukraine continues, Russia’s cyberattacks will work in tandem with its kinetic attacks.
These will have the potential to spill over into other nations as Russia becomes more daring, trying to win the war by any means. Russia could look to use the conflict as a distraction as it targets other nations with cyberattacks. This will be replicated by North Korea as it looks to advance its economic and political goals.
2023: The year of machine identity management
With a war raging, the security industry is in an increasingly difficult position. As geopolitical tensions rise and threat actors use new and unpredictable methods, security professionals will play a vital role in the success of their companies over the coming months.
They must ensure that machine identity management is a key aspect of their organization’s security stance. Coupled with a recession, businesses are incredibly vulnerable to attack and cannot afford to risk a security breach. This is the year that organizations must make security a priority instead of letting reduced budgets dictate their security posture.
Kevin Bocek is VP of security strategy and threat intelligence at Venafi.
Welcome to the VentureBeat community!
DataDecisionMakers is where experts, including the technical people doing data work, can share data-related insights and innovation.
If you want to read about cutting-edge ideas and up-to-date information, best practices, and the future of data and data tech, join us at DataDecisionMakers.
You might even consider contributing an article of your own!