With the new year looming, we thought it would be useful to examine emerging tactics, so you can be prepared for the cybersecurity trends of 2023.
In the last 12 months, almost 80% of organisations have experienced a successful cyber-attack (source). As cyber criminals become more adept at bypassing security and inventing new malicious attacks, cybersecurity should be at the top of everyone’s agenda.
SupPortal’s top 10 Cybersecurity Trends and Predictions for 2023
1. A continually evolving threat landscape
The digital threat landscape is constantly changing. It strategically adapts and evolves to new technologies and sociological trends. The pace at which change is occurring has picked up as a growing number of businesses adopt new digital technologies and conduct more of their activities online.
This digital transformation will further motivate malicious actors in 2023 as exposure to vulnerabilities increases. Unpatched servers, insecure wi-fi networks, and misconfiguration of cloud-based applications can all leave businesses open to an attack.
2. No relent of ransomware
Ransomware was the leading threat to organisations in the first half of 2022. The number of attacks continues to grow and shows no signs of slowing. Meanwhile, new, more agile, criminal groups are forming, to exploit the tactics and evade law enforcement.
Ransomware is malware designed to stop a user, or organisation, from accessing files on their computer. They encrypt files and devices and demand a ransom payment for the encryption key. Cyber attackers put organisations and individuals in a position where they believe paying the ransom will be the easiest way to regain access to their systems.
With recent attacks impacting public services such as hospitals and public transport, no one is immune from the threat.
3. Geo-targeted phishing will increase
Phishing is one of the most common forms of cyber-attacks. Its success lies in the personalisation of the scam. The use of full names in the body of a brand-mimicking email alone can elevate it to look believable. As criminals become ever more adept, 2023 looks set to exploit this individualised data further.
Geo-targeted phishing attacks create content that is highly localised. Attacks target victims with content based on a user’s geographic location, which can make them appear legitimate. Activists use location-based language, appropriate industry jargon, and a brand voice to appear genuine. This level of detail makes geo-targeted phishing far harder to identify.
4. AI will start to play a leading role in cybersecurity
It only takes one employee to click a malicious link or download a dodgy file for financial destruction to begin. In fact, 82% of data breaches involved human error (source).
With the number of cyberattacks on the rise, it is increasingly difficult for humans to predict, react to, and protect against them. In response, specialists have been trialing the use of machine learning and intelligent algorithms to examine swathes of data more effectively than humans ever could.
As such, AI is a key cybersecurity trend that will evolve in 2023 and beyond. The technology is beginning to recognise questionable patterns that could indicate a threat. According to IBM, companies that use AI to detect and respond to data breaches can save substantial amounts of money, compared to those that don’t.
In 2023, we anticipate an increasing reliance on AI in cybersecurity as it moves into the mainstream.
5. More mobile device targeting
Our mobile devices are constantly by our sides or in our pockets. As such, they contain more personal information than ever before. Think bank cards, account details, passwords, diaries, emails and more. It’s no surprise that mobile phones are a prime target for cybercriminals. In fact, mobile devices now account for more than half of digital fraud.
The more we depend on our mobile devices, the more it’ll impact us if it gets compromised.
Mobile phones are set to become more embedded in our lives than ever before next year. The technology involved in mobile is developing rapidly. As such, cybercriminals will be monitoring the developments closely, looking for opportunities to exploit new vulnerabilities.
Therefore, in 2023, we expect to grow in importance for everyone is mobile phone security.
6. Increased security for the Internet of Things
Nowadays, our devices are all linked. Smart speakers, bank cards, cars, doorbells, smoke alarms, washing machines…the list goes on. Although this is incredibly useful in streamlining our day-to-day lives, it also opens doors to cybercriminals.
Whilst many of these connected devices don’t house sensitive information within themselves, criminals use them as a gateway to other devices and accounts that do.
Manufacturers new to the field of connectivity haven’t always placed an emphasis on keeping the devices secure, allowing attackers ways to gain access to other devices. However, as knowledge and awareness of cyber security increases, you’ll be more likely to find requests for 2FA, and to change passwords for accounts on setup.
In 2023, we also anticipate several government initiatives, with the intention of increasing security around connected devices and cloud systems that they all rely on.
7. Cloud-based service popularity will continue to grow
Hybrid working is here to stay. After a surge in popularity due to the global pandemic, and 84% of those now working remotely hoping it’ll stay that way (source), businesses are increasingly requiring solutions to monitor security for those working off-site.
Migrating businesses to operate from the cloud offers numerous benefits, efficiencies, and opportunities, but it can also expose users to a new range of threats.
As a result, in 2023, another cybersecurity trend we expect to see is increased spending on cloud computing cybersecurity. This will be coupled with an increased interest in building resilience against cyber-attacks targeting ‘as-a-service’ systems.
8. User awareness will flourish
Thanks to modern-day reporting on large-scale cyber-attacks and the power of the internet, users are becoming more aware of the importance of cyber security.
As we move into 2023, we anticipate seeing more businesses implementing training, seminars, and policies that grow user awareness and therefore protect their assets. After all, 80% of data breaches can be avoided with some basic action (source).
9. The public sector will continue to be a target
Back in 2017, WannaCry (a global ransomware attack that affected hundreds of thousands of computers worldwide) compromised the cybersecurity of 80 out of 236 NHS trusts across England. Since then, the healthcare sector has held a top spot as a target for cybercrime.
Unfortunately, during the pandemic, this risk increased significantly and has not slowed down.
Between September 2019 and August 2020 alone, NCSC (National Cyber Security Centre) protected the UK health sector from an average of 60 attacks per month (source), and since then, cybersecurity threats have evolved significantly.
10. The broadening of Deepfake
Deepfake is video trickery. The technology digitally alters a person’s face or body, to make it look like someone else. In 2022, a video of Joe Biden singing ‘Baby Shark’ instead of the national anthem went viral on the internet, causing uproar online as thousands of people believed it to be real.
Often used for fun, deepfake technology is now often used maliciously, to spread false information and carry out cyber-attacks. Due to such significant developments in its use, it is predicted that this digital trickery will be used more widely for cybercrime in the coming months and years.
Final words from SupPortal
It’s no longer a question of IF your organisation will fall victim to a cyberattack, it’s WHEN.
The growing importance of all aspects of cyber security, whether it’s knowledge, proactive protection or reactive plans shows no signs of slowing in 2023. With a global recession predicted, and companies looking to cut costs due to the cost-of-living crisis, emphasis should be on innovative and cost-efficient methods to maintain effective cyber security.
Entering 2023 with a proactive, informed cybersecurity plan will help you stay one step ahead. A proven way to increase protection and minimise losses should you fall victim to a cyberattack is to take a hands-on approach.
If you’re interested in finding out more about 2023 cybersecurity trends and how SupPortal can help you protect your organisation throughout the year ahead, arrange a complimentary 30-minute consultation today.