Vectra releases 2023 security predictions for APAC
Vectra AI, the provider of security AI-driven hybrid cloud threat detection and response, has released its predictions for 2023 across Asia and Japan, revealing the emerging trends that will shape cybersecurity next year.
As with any predictions, Chris Fisher, Vectra's Director of Security Engineering APJ, believes organisations need to look past to understand what could happen in the future.
Fisher explains, "In 2022, we have seen significant supply chain disruption caused by cyber events, for example, preventing the production of goods in Japan. We have also seen major data privacy breaches in markets like Australia and New Zealand due to attacks on critical national infrastructure and insurers that has impacted millions of lives."
Fisher also believes that organisations looking to fast-track the adoption of new technologies may inadvertently create vulnerabilities.
"Next year, organisations will face more unknown cyber threats targeting on-premises systems, cloud infrastructure, and SaaS applications as companies rush to adopt new technologies. The skills shortage is growing too, causing analysts to becoming overloaded and burnt-out. Combined, this is creating a perfect storm, leaving organisations more vulnerable to a breach," says Fisher.
"Organisations must adopt an effective detection and response strategy that reduces the burden on analysts, prioritising the most high-risk alerts. This means using tools that can identify the suspicious behaviours that an adversary will exhibit as part of an unfolding attack, flagging up these signals so organisations can stop an attack before it becomes a breach."
The five security predictions for 2023 by Vectra are as follows.
Increased analyst fatigue and resignation will see the tides turn away from protecting the castle walls to detection and response.
Attackers continue to breach the castle walls, creating fatigue and eventual resignations among cybersecurity professionals. Instead of working on preventing these attacks from happening and preventing employee burnout, organisations will see a needed shift to focus on reducing the impact of an attack. It means building resilience within the organisation, covering people, processes and technology and focusing on early detection and sound response instead of protection and prevention. It will identify suspicious activities and behaviours that an adversary will exhibit as part of an unfolding attack. The key is spotting attacks in progress so they can be stopped before a breach.
Secondly, organisations will use automation to recover from ransomware attacks.
Traditional restoration procedures following a ransomware attack are costly and time-consuming for organisations; therefore, in 2023, organisations will look to automation via infrastructure as code (IaC) to reduce downtime.
Infrastructure-as-Code (IaC) starts replacing configuration/system backups and reduces downtime. Instead of re-building the old, companies start building the new with the help of CI/CD pipelines, IaC, etc. Applications can be spun up in a matter of minutes, and organisations can focus backup and protection efforts on data. It is building resilience from the core up.
Thirdly, attack
ers will continue to cause maximum disruption in the form of supply chain attacks. Still, instead of targeting key suppliers, they will look beyond the usual suspects to gain access to networks.
For instance, this could include legal or accounting firms. A holistic approach may help turn the tables on the matter: supply chain means partnership – partnership means collaboration and supporting each other. Only as a 'mesh' interconnected structure with consistent resiliency can companies thrive in the digital economy. This includes ensuring that they review the security policies of all those in the chain.
Fourthly, multi-factor authentication (MFA) will remain a prime target for attackers. With identity attacks on the rise in 2023, attackers will continue to take advantage of vulnerable MFA methods.
As companies continue to roll out MFA, attackers will continue to take advantage by flooding end users with requests to brute-force their way in or by skilled phishing campaigns. End users will be the ones directly targeted by attackers. This means not just organisations but consumers will need to be more aware than ever of the risks to their digital identities.
Meanwhile, organisations must ensure they have tools to detect and stop suspicious login activity.
Finally, as the talent war continues, security companies will need to develop creative ways to recruit and retain workers.
In an increasingly globalised labour market where workers increasingly seek new opportunities, cybersecurity companies are at risk of losing talent to traditional tech companies. Moreover, as an industry that is no stranger to burnout and stress, cybersecurity companies must ensure they can demonstrate they are an attractive outfit to work in. It is to fend off competition from tech companies that can often offer lucrative salaries and superior work-life balance.
To achieve this, cybersecurity companies must adopt a more forward-thinking approach, including flexible working arrangements, performance incentives and health and wellness policies.