2023 Predictions: What to Watch for in Today’s Changing Cybersecurity Landscape
Now that the hybrid workforce is here to stay, the rules of enterprise cybersecurity have also been forever altered. Traditional notions of the enterprise security perimeter have been dissolved, and CISOs the world over are scrambling to shore up their defenses as the malicious actors of the world grow more capable and more numerous than ever before. Though it’s never easy to predict the future — especially during tumultuous times — the following are four trends I feel very confident we’ll see in the world of cybersecurity in 2023.
1. Passwordless solutions will finally gain traction at the enterprise level
Though passwordless authentication solutions have been around for a while, they’ve struggled to gain widespread implementation at the enterprise level. This, however, appears to be changing, with companies like Google rolling out passwordless authentication options for Android and Chrome, and other major tech players initiating similar plans. With more phishing attacks taking place in 2022 than ever before, the shift to passwordless solutions will be a major step in the ongoing effort to stem the tide — as passwordless authentication solutions are inherently more phishing resistant than traditional passwords. Which type of passwordless authentication architecture will see the most widespread adoption, we’ll have to wait and see, but possible contenders include: biometrics, authenticator applications, physical security keys, and magic links.
2. Browsing security will become top priority for enterprises
In just a few short years, the rise of digital transformation and hybrid work have transformed the web browser from a largely leisure-time application into the fundamental workplace productivity tool. For the average enterprise employee today, the web browser functions more like a central operating system than just another application — serving as their primary gateway to the digital world of work. As such, organizations are beginning to recognize the urgent need to secure and manage this layer in a more comprehensive fashion. In 2023, we’ll see browsing security and management go from a secondary consideration to a central concern and point of security for organizations both large and small.
3. Deepfakes will grow more sophisticated and widespread
Deepfake technology has made significant ripples in the cultural consciousness over the past year or two. And they will continue to blur our perception of reality in 2023, as AI and machine learning tools make them both easier to develop and more difficult to detect. In the coming year, we will likely see deepfakes play a more prominent role in a wider range of attacks, including impersonation in instances of fraud and as a political tool for the spreading of disinformation. Cyberattacks that target identity, such as phishing, will become much more powerful as deepfake video impersonations of targets are used to gain trust of others and access to sensitive accounts (in an attack known as vishing, or video phishing). We can also expect to see them used in cases of economic and political sabotage, in which videos depicting prominent business and political figures saying or doing harmful things are disseminated…presumably simply to watch the world burn.
4. Ransomware will remain public enemy #1
As of 2022, roughly 68% of all global organizations have fallen victim to at least one ransomware infection. Sadly, that figure will continue to rise in 2023, as ransomware grows even more widespread. The commodification of offensive hacking tools (sold primarily on the dark web) has dramatically reduced the barriers to entry into the ransomware business, and the promise of million-dollar paydays has encouraged new entrants in droves. In 2023, watch out for the continued growth of “double-extortion” tactics, in which threat actors both encrypt and exfiltrate sensitive data, which they then sell for a second payday.
While the world of security is full of surprises, we are all but certain that these four predictions will ring true in the year ahead. Is your organization ready? Check back on our blog over the coming weeks and months to learn about the latest happenings and receive invaluable insights into all things browsing security!