Rest of Asia
Rest of Asia
Rest of Asia
Rest of Asia
Seven Focus Areas for Cyber Security During 2022-23
Seven Focus Areas for Cyber Security During 2022-23
Seven Focus Areas for Cyber Security During 2022-23

Top Seven Cybersecurity Predictions for 2022-23

The stakes of cybersecurity have increased in the post-COVID digital-first world. Cyber attackers have become more professional. They launch sophisticated AI-based attacks at will. Remote work and the proliferation of IoT render conventional security apparatus obsolete. Most employees access the network from outside the firewall, rendering conventional firewalls inefficient. The increase in remote endpoints, owing to remote workers and IoT, strain network monitoring tools. Here are seven cyber security predictions for 2022-23.

1. Ransomware will become more menacing

Ransomware is not going away soon. Cyber criminals now launch AI-based phishing attacks. These attacks impersonate users with perfection and fool even highly aware users to click on a malicious link. Once inside the network, the attackers encrypt all data and seek ransom for unlocking or for not dumping the data in the public domain. Of late, cyber criminals simply demand ransom against the threat of making sensitive data public.

Paying the ransom is not a solution. Only 8% of enterprises who pay up the demanded random recover all their data.

Enterprises and nation-states are finally waking up to the ever-increasing threat of ransomware. By 2025, almost one in three nation-states will pass legislation to prohibit ransomware payments. In 2021, only 1% of national states had legislation in place to criminalise paying ransomware. Paying ransom encourages cyber criminals to continue their criminal activity with more vigour.

New laws against ransomware show the trend of legislative backing for cyber security efforts.

2. Privacy laws will become more tenacious

Privacy is becoming more important by the day.

The European Union’s General Data Protection Regulation (GDPR) was the first major consumer privacy legislation. Several similar legislations followed suit, such as California’s Consumer Privacy Act (CCPA), Brazil’s General Personal Data Protection Act (LGPD), and Turkey’s Personal Data Protection Act (KVKK). By the end of 2023, modern data privacy laws will cover the personal information of five billion people or 75% of the world’s population.

Enterprises juggle multiple data protection laws in various jurisdictions. For most enterprises, the only recourse is to set up automated data privacy management systems. Leading enterprises track metrics such as subject rights request, cost per request, and time to fulfil, to identify and set right inefficiencies in these systems.

3. Cyber Criminals will weaponise operational technology

Water mains have often been the target of physical attacks for long, but with little success. Cyber-based attacks may change the balance in favour of the attackers.

Attacks on the hardware and software that control equipment at critical utilities are becoming more and more common. Cyber-attacks on water mains, power grids, and other utilities will become more frequent and menacing. Cyber-criminals hack into the operational technology systems that control these utilities. At stake is much more than information theft. Cyber-attackers use the hacked systems as weapons to harm humans physically.

Consider the February 2021 attack on the Oldsmar water treatment facility in Florida. A hacker raised sodium hydroxide levels to 100+ times the normal level. An alert employee pre-empted the damage, but utilities cannot expect to be so lucky every time.

Following the attack, the US federal government launched its Industrial Control Systems Initiative. The move will boost operational technology network security across-the-board.

At the enterprise level, effective countermeasures include:

  • Focus on asset-centric physical safety deployments
  • Setting up rapid strike teams to handle threats.

Seven Focus Areas for Cyber Security During 2022-23

4. Enterprises will adopt a unified approach to security

The spread-out nature of enterprise networks and disparate security systems raises too many gaps that hackers exploit at-will. Most employees today have a mix of cloud, on-premises, and web solutions. Traditional security tools give way to tools such as access security blockers, cloud-based secure web gateways and firewalls-as-a-service. But often, they purchase different solutions from different providers, leading to gaps. The move towards a unified, integrated approach to access such resources is gaining ground. Enterprises now deploy security solutions from the same vendor for optimization and consolidation. Integration reduces the number of management consoles and consolidates the locations for data decryption, inspection, and re-encryption.

By 2025, eight out of ten enterprises will adopt integrated security service edge (SSE) solutions. Embracing SSE improves both network security and internal efficiencies big time.

5. Zero trust is becoming the norm

Conventional network security adopts an identity and access-control-based approach. Such an approach, based on implicit trust, is becoming obsolete. Maintaining trust has become untenable with the proliferation and spreading out of users, devices, and services.

The zero-trust approach is effective in keeping AI-based attacks at bay. Zero-trust requires the authentication, authorization, and continuous validation of all users and devices.

Zero Trust works on the premise of not trusting anyone without verification. Every user and every device gets access only after confirming who and what they are. The principle of least privilege applies, and users or devices seek re-validation to access a new service or resource every time.

By 2025, 60% of enterprises will have embraced zero trust security. Success, however, depends on a cultural shift to give security prime importance in day-to-day operations.

6. Cyber security will become a business concern instead of an IT concern

The realisation has finally struck many enterprises that cybersecurity is not an IT issue, but a business issue. Such a realisation has deep implications across-the-board.

Companies will affect a formal shift in cybersecurity accountability. By 2026:

  • Corporate boards will become more involved in cyber security. About four in ten boards will have a dedicated cyber security committee.
  • The contracts of C-level executives will include cybersecurity performance requirements. The ability to manage cyber risk is becoming an important component of executive performance.
  • Security considerations will become an important evaluation criteria, when choosing business partners and contractors. 70% of businesses will soon regard cybersecurity risks as a primary consideration when engaging with third-parties.

7. CIOs will focus on building flexibility and resilience

Today’s fluid business environment, with frequent changes in business models and tech stacks, mandates a flexible and resilient approach to security.

By 2025, about seven in ten CIOs will develop a resilience strategy to cope with the uncertain business environment. They would have learned from the failure of their business continuity plans during the COVID-19 pandemic and drawn up better plans for future uncertain events.

Enterprises supporting myriad technologies spread over vast geographical regions need resilience, anyway. A flexible security solution improves security.

Most cybersecurity experts agree that a major cyber disruption is only one crisis away. Preventing threats is outside anyone’s control. But a coherent and proactive cyber security strategy will help thwart attacks or mitigate the damage. Investments in upgrading the computing architecture and systems have become the need of the hour for enterprises.

Tags:
Email
Twitter
LinkedIn
Skype
XING
Picture of IT Knowledge Zone

IT Knowledge Zone

IT Knowledge Zone is the leading source for technology blogs, IT events, and success stories within the APAC region. Our platform offers profound insights aimed at empowering business leaders to make informed decisions and remain at the forefront of innovative technological solutions. Explore our "Ask Chloe" feature for tailored assistance with your specific needs or requirements in the world of IT.
Picture of IT Knowledge Zone

IT Knowledge Zone

IT Knowledge Zone is the leading source for technology blogs, IT events, and success stories within the APAC region. Our platform offers profound insights aimed at empowering business leaders to make informed decisions and remain at the forefront of innovative technological solutions. Explore our "Ask Chloe" feature for tailored assistance with your specific needs or requirements in the world of IT.
Blog or Generic
Ask Chloe
Proofpoint
Tricentis
Proofpoint
Tricentis

Recommended For You

View More
IT Knowledge Zone is the leading source for transformative tech blogs, events, and use cases in the APAC region that provide deep contexts to help business leaders make smart decisions and stay on top of innovative tech solutions.
  • Follow Us On
ITKZ Follow Us On LinkedIn
  • Office Address

9, North Buona Vista Drive, # 02-01
The Metropolis Tower One
Singapore 138588

IT Knowledge Zone is the leading source for transformative tech blogs, events, and use cases in the APAC region that provide deep contexts to help business leaders make smart decisions and stay on top of innovative tech solutions.
  • Office Address

9, North Buona Vista Drive, # 02-01
The Metropolis Tower One
Singapore 138588

  • Follow Us On
ITKZ Follow Us On LinkedIn
2024 © IT Knowledge Zone. | Supported by Pulley Ascent (Asia) Pte. Ltd.
Ask Chloe

Submit your request here, my team and I will be in touch with you shortly.

Share contact info for us to reach you.
Ask Chloe

Submit your request here, my team and I will be in touch with you shortly.

Share contact info for us to reach you.