2023 Tech Predictions

Uploaded on 2023-01-03 in TECHNOLOGY--Developments, FREE TO VIEW

In 2023, organizations will continue to digitally transform their businesses, a process accelerated due to the global COVID-19 pandemic requiring workers to work from anywhere and with almost any new application hosted in the cloud. These initiatives will continue to drive the adoption of a software-defined wide-area network approach underpinned by Internet connectivity.

With this proliferation of cloud and applications, the need for higher bandwidths will continue, and technologies like 5G, and eventually 6G, will provide alternatives allowing for optimum business connectivity.

With the evolution of the global workforce and hybrid cloud deployments, end users need to access business applications from anywhere at any time, while IT staff must mitigate the exposure of cyberattacks. Cybercriminals are monitoring updates on company websites as to which offices have closed, matching them to the LinkedIn profiles of employees working from home to target them. This scenario is going to harm companies that have been slow to adopt a Secure Access Service Edge framework, including Zero Trust

Despite these challenges, the coming year will equip IT teams with new tools and strategies to counteract the expanding threat landscape. Here are a few predictions for 2023.

Security Will Move To The Endpoint

A ransomware attack can enter an enterprise through any small crack in your defence and laterally spread everywhere within minutes. A lot of organizations miss that, because they have implemented a Virtual Private Network or an Endpoint Detection & Response solution, and mistakenly believe that alone equates to zero-trust protection.

In response, many organizations will move the security stack up to the application layer to the endpoint – where we anticipate a 10,000% increase in attacks. Enterprises can install 5G adapters right on the laptops, giving them more granular control of the last-mile network to do source-based security policies no matter where the user resides. 

The focus will extend from training employees to policing others with external access to enterprise networks

Previously, providing cybersecurity awareness training to employees meant better equipping them to deal with cyberattacks such as phishing. But a lot of organizations are falling short on dealing with external users such as contractors who aren’t governed under the enterprise’s policies and procedures. These partners often have access to some of the enterprise’s most critical information systems, especially when working with finance teams and legal departments. That increases the risk of data breaches much more than incidents of employees inadvertently clicking a harmful link.

Many organizations will be forced to rethink their approach to external users, starting with a basic understanding of which of their business operations contractors and partners need to access, and which of those operations they should monitor. They should do a data check on every contractor or partner as part of the initial engagement.

AI & Machine Learning Will Become A More Prominent Aspect Of SIEM

Next year will see a huge jump in vendors putting Artificial Intelligence (AI) and machine learning (ML) into Security Information and Event Management (SIEM) platforms. SIEM has proven adept at collecting information and allowing enterprises to filter and focus on the most relevant alerts. If an organization is getting thousands of the same inconsequential alerts every day, they’re going to start ignoring them. Building more AI/ML into log systems will help security leaders to filter out the noise and prioritize the relevant alerts to address. 

We’re never going to be able to fully automate using AI/ML to determine all relevant threats. But tools will begin appearing in the coming year to help limit the involvement of analysts in filtering out SIEM noise, taking us to the next level of managed detection and response.

2023 Will Be Yhe Year Of Enhanced Internet

Enhanced internet services gained popularity in the last few years as an offering that improves the reliability and performance of internet-based traffic. First defined by Gartner, it includes features such as telemetry-based routing and performance optimization. 

Tier 1 internet service providers can formulate algorithms to start looking at traffic flows, providing clients with continuous reports on potentially malicious traffic from certain destinations to their IP ports that require investigation without the need for additional security functionality.

Service providers will also offer clients full vulnerability scans of their IP space on a timely basis to provide visibility into risks. As organizations grow, they often end up with shadow systems with vulnerabilities that aren’t noticed. Scans can easily reveal dozens of vulnerabilities on an organization’s public websites in seconds, just by checking a couple of IP addresses they own. 

As always, the coming year will present both an opportunity and a challenge to IT and security leaders. But by doubling down on zero-trust and leveraging the best solutions coming to the market, they can avoid falling victim to continually expanding cyber threats.

James Karimi is CIO and CISO at GTT

You Might Also Read: 

From AI to ESG: Key Security Technology Trends Of 2023:

 

 

« Meta Pays $725M To Settle Facebook Privacy Suit
Biden Signs Quantum Cyber Security Act »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Council of European Professional Informatics Societies (CEPIS)

Council of European Professional Informatics Societies (CEPIS)

CEPIS is the representative body of national informatics associations throughout Europe and represent over 450,000 ICT and informatics professionals in 32 countries.

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

Signifyd

Signifyd

Signifyd is the world's largest provider of Guaranteed e-Commerce Fraud Protection.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

Hunters.AI

Hunters.AI

Hunters is the world's first autonomous hunting solution that leverages top-tier cyber expertise and AI to uncover hidden cyber threats.

Invensity

Invensity

INVENSITY is an interdisciplinary technology and innovation consulting company. Centres of excellence include Cyber Security and Data Privacy.

Accelerator Frankfurt

Accelerator Frankfurt

Accelerator Frankfurt is an independent go-to-market program focused on Fintech, Cybersecurity and Digital B2B startups.

Zeusmark

Zeusmark

Zeusmark are a digital brand security company. We enable companies to successfully defend their brands, revenue and consumers online.

Keyless Technologies

Keyless Technologies

Simple, secure, and interoperable authentication. Keyless offers unmatched security, privacy and usability, while reducing risk and infrastructure costs.

Soffid

Soffid

Soffid provides full Single-Sign-On experience and full Identity and Access Management features by policy-based centralised orchestration of user identities.

Argentra

Argentra

Argentra is a specialist engineering company, we have years of experience developing custom security software and providing security risk consulting.

Aegis9

Aegis9

Aegis9 is an Australian owned and sovereign consultancy that specialises in providing tailored security solutions for both public and private sector clients based on their specific needs.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Oxford Information Labs (OXIL)

Oxford Information Labs (OXIL)

Oxford Information Labs brings together world-class software programmers and policy experts to provide a unique mix of expertise and hands on technical solutions.

Sasken Technologies

Sasken Technologies

Sasken’s Cybersecurity Services enables enterprises to develop, maintain, and take digital products to the market with security postures that empower operational excellence.

Softsource vBridge

Softsource vBridge

Softsource vBridge are an ICT systems integrator providing specialist technology solutions, professional services, technical expertise and data centre services.