As 2022 draws to a close, security pros are considering what challenges and opportunities the new year will bring. It’s never easy to make predictions in the dynamic, fast-changing field of cybersecurity, but there are several important developments that seem likely in 2023.
The Attack Surface Will Expand
In the early days of the pandemic, necessity prompted a massive migration to remote work. The number of remote workers nearly tripled from 2019 to 2021, and those numbers will continue to grow. This long-term shift to remote and hybrid workforces has had profound cybersecurity implications. Increased spending on technologies, such as endpoint protection tools and web application firewalls, that help secure remote work environments is a probable outcome.
Attack surface growth will be compounded by the proliferation of IoT devices. By 2025, it’s projected that there will be four IoT devices for every person on the planet. IoT devices often lack robust security safeguards, and their limited processing and storage capabilities can prevent the deployment of security tools like antivirus software, making them potential weak points in a network. These devices are likely to exacerbate the problem of shadow IT.
Supply Chain Attacks Are Here to Stay
Cybercriminals are likely to double down on exploiting software supply chain vulnerabilities. Within three years, nearly half of all organizations are expected to have been targeted by a supply chain attack. Increased awareness around third-party security risks should drive the implementation of Software Bill of Materials (SBOMs) to track dependencies and improve visibility. Zero trust is another countermeasure many organizations will deploy in 2023.
Accelerated Zero Trust Adoption
As remote workforces become further entrenched, and more companies deploy workloads in the cloud, zero trust is primed to become the new standard. Nearly two thirds of organizations are predicted to adopt zero trust security architectures by 2025, with 70% of new remote access deployments relying on zero trust network access instead of VPN services.
A New Regulatory Regime
A potential deluge of new regulations addressing incident reporting, company board responsibilities and data privacy are set to rain down in the near future. State and local privacy laws slated for 2023 may create new challenges for organizations seeking to comply with a patchwork of regional requirements.
Whatever the new year brings, MBL Technologies is here to help you navigate the ever-shifting currents of the threat landscape. We offer a comprehensive suite of cybersecurity services to create long-term, sustainable security solutions.