As 2022 comes to an end and organisations start planning and prioritising their cybersecurity objectives and budgets for the new year, experts from Illumio, the Zero Trust Segmentation company, share their thoughts on the future of cybersecurity and what organisations can expect to see in 2023.
In summary, Illumio warns of increased threats to healthcare and energy and of consolidation of security teams and technology within enterprises, while also pointing to positive steps such as new cybersecurity regulation and measurement from businesses and governments.
“In 2023 we will see an influx of oversight committees specifically for cybersecurity as companies seek to reduce risk. Similar to those in legal and risk management, committees will look at cybersecurity objectively and establish a set of baseline expectations that the business is held accountable to. They will be tasked with both monitoring for oversights and adding direction, signifying widespread recognition of cybersecurity as a top-five strategic function. Boards will also demand more actionable data on their organisation’s cybersecurity posture to inform decision-making, with security teams leveraging new and better ways to quantifiably model threat actors and defences (think: more widespread pen-testing) to demonstrate to the board what secure looks like,” says Raghu Nandakumara, Head of Industry Solutions, Illumio.
“Stopping breaches from happening will no longer be an accurate metric of cyber success. As breaches become part of daily life, cyber resilience will become an industry-recognised metric for all companies to achieve and measure against. Whereas currently, organisations judge the success of their business continuity plan on whether they can recuperate within their Recovery Time Objective (RTO) to their Recovery Point Objective (RPO), in 2023 any downtime will be unacceptable. Stringent testing and the development of industry-wide metrics to help benchmark against peers and understand what ‘success’ looks like will force organisations to think about their appetite for risk and establish an acceptable minimum level of maintainable security to avoid fines, profit loss, or loss of reputation.”
His colleague, Trevor Dearing, Director of Critical Infrastructure Solutions at Illumio, adds, “The current energy crisis, combined with economic instability and pressure to cut costs, will elevate energy and healthcare to the top of attackers’ target lists. With services more critical than ever, sectors will come under fire from both nation-state attacks and criminal gangs, as well as activist groups looking to stand up to those that continue to profit amid rising prices. The proliferation of connected devices and open Wi-Fi connections within healthcare environments will also enable attackers to launch new and more targeted attacks on individuals within hospital facilities, through the compromise of health technology like monitoring equipment or pacemakers. As a result, organisations will seek new ways to stop attacks disrupting operations and maintain the availability of essential services.”
“With the economic climate putting pressure on budgets and resources, we will see a greater push for consolidation in the number of security tools used and in cybersecurity teams. One area where this will ring true is between IT and OT security, driven by requirements to reduce the costs of expansive proprietary OT developments and to integrate OT into existing IT cyber strategies. As environments become increasingly connected, organisations will need a single, more structured approach to cybersecurity, with prioritisation given to improving visibility and monitoring to reduce cyber risk. It will no longer make sense for organisations to have separate teams for IT and OT security, with the disconnect opening organisations up to even bigger security threats.”
The third expert from Illumio, Adam Brady, the company’s Director Systems Engineering, EMEA, notes, “With ransomware more pervasive than ever, industry and Government will be forced to address the issue at its core. Ultimately, paying ransomware simply funds the activity, so the only way to eradicate ransomware is to stop the payment of it entirely. It is unlikely that any new legislation will be introduced in the next year, but we will certainly see discussions start to materialise about what this may look like, and possibly the first iteration of this developed. At the same time, cyber insurance companies will become increasingly reluctant to keep paying out and will seek to strengthen eligibility requirements for policies; greater measures to demonstrate resilience will be required, such as regular stress-testing of IT infrastructure and incident response practices.”
“In 2023 attention will shift from prevention at the perimeter and choosing the most ‘bulletproof’ IT infrastructure model to breach containment. We will see acceptance in the industry that breaches are here to stay, and security strategies will evolve to take this into account. It will no longer matter whether it’s on-premises, hybrid, cloud or at the edge; what will be important is maintaining visibility across the entire estate. Organisations will need to know where the vulnerabilities are in their environment and then proactively implement policy to contain breaches early on and limit damage. Ultimately, breach containment will be the new resilience paradigm in 2023.”