Cybersecurity has always been a game of one-upmanship between threat actors and security experts. The never-ending cycle of threats and mitigation followed by newer threats shows no signs of abating anytime soon. Here are the top developments in cyber security that will dominate 2023.

1. Increased adoption of Artificial Intelligence  

Threat actors have started to use Artificial intelligence in a big way. Sophisticated AI-powered attacks exploit vulnerabilities and crack open even the most advanced passwords. AI-powered ransomware attacks have taken down even the very best of security deployments. Quantum-based algorithms crack current encryption protocols, making them useless against cyberattacks.

Security teams have always struggled against the never-ending wave of threats. The sophisticated nature of the latest AI-powered threats adds to their burden. Enterprises have realised that maintaining pace through manual interventions is a losing battle. They now invest in automation and Artificial Intelligence (AI) to gain one-upmanship.

Cyber experts use AI and ML technologies to

• Enable automatic identification and response to threats. AI and ML tools perform data analytics in real time. The algorithms use security event data to detect threats faster than human efforts. AI models see subtle patterns of malicious activity that escape human monitoring. 
• Detects and mitigate threats proactively. AI-powered security automation identifies configuration errors and other problems fast. These tools also mitigate such issues in double-quick time. 
• Roll out quantum-based encryption. Several countries, including the USA, are ready to roll out the next generation of quantum-based encryption. One of the priorities of 2-23 is to keep the threat posed by quantum-based algorithms at bay. 

Automation reduces the burden on cyber security experts, allowing them to focus on more strategic matters.

2. The changed threat landscape brought about by the cloud, 5G, and IoT.

The growing use of cloud computing has implications for cyber security. As enterprises store and process more and more data in the cloud, the spotlight turns to the security of such cloud assets. Most cloud vendors have robust security deployments. But cloud services can, at times, introduce new vulnerabilities and risks. 

Failure to secure or configure the data makes the enterprise more susceptible to breaches. 

Storing data on servers outside the physical control of the business makes HIPAA and GDPR compliance difficult. 

Side-by-side, the adoption of 5G is also growing. The GSMA Mobile Economy Asia-Pacific 2022 report estimates 5G adoption to increase across the region. 5G users will be 400 million+ strong, representing 14% of all subscribers in the Asia-Pacific region.

Telecom providers can host 5G on software-only platforms. The switch from hardware-based infrastructures to software-based mobile networks offers several advantages. But it also opens up new attack routes for cybercriminals and increases customer security risks. 

5G will enable mainstreaming of the Internet of Things (IoT). Many IoT “things” are vulnerable. Some devices even come with hardcoded default passwords that the enterprise cannot change. 

The key challenge facing cyber security experts in the changed realities is 

• Maintaining visibility into security events.
• Demonstrating compliance with security requirements
• Implementing the security protocols in a spread-out environment

The following security practices have become critical in the changed landscape.

• Conduct risk assessments to identify potential vulnerabilities and implement mitigation measures.
• Choose a cloud provider who meets regulatory requirements. 
• Train employees to remain vigilant on threats and comply with the changed policies and procedures. 
• Monitor the cloud environment in real-time for potential security breaches or vulnerabilities.
• Periodic testing and auditing of security deployments to validate the applied security controls.  

3. Zero trust is becoming the default.

The zero trust approach entails trusting no one, no matter how ranked or trustworthy the user appears. The approach 

• Verifies the trustworthiness of each device, user, or service every time before granting access. The tool also reverifies reliability at frequent intervals. 
• Work on the principle of least privilege or giving each entity access only to the resources it needs. 

Zero-trust has reduced cyber incidents. Also, the approach works well with the new, distributed nature of the enterprise, as hybrid work becomes entrenched as a way of life.

In the future, enterprises will, by default, check the identity of each entity that seeks access. 

The success of zero trust depends on cooperation among the stakeholders. Enterprises must enable seamless collaboration between security architects, engineers, network administrators, and developers. 

4. Greater coordination with the ecosystem

Businesses have started taking notice of the risks from their supply chain ecosystem. The SolarWinds incident exemplified the vulnerabilities of supply chains. A rogue nation-state may infiltrate a single company. The company, in turn, could sell compromised products to thousands of unsuspecting customers. 

Cyber risk assessments will become commonplace as enterprises try to mitigate supply chain risks. They will induct only vendors who have compatibility with the enterprise cybersecurity policies. The critical elements of a supply chain cyber risk assessment include

• Identifying critical assets and data used by the vendor and assessing the impact of a cyber-attack on these assets.
• Evaluating the vendor’s threat landscape and assessing how such threats will impact the organisation. 
• Evaluating the effectiveness of controls and identifying any gaps in defences.
• Collaboration across the supply chain will increase to monitor, identify and mitigate threats.

By 2025, 60% of organisations will consider cyber security risk a primary transaction determinant. 

5. Better coordination with law enforcement

The global and decentralised nature of the internet makes cooperation with law enforcement expedient. As threat actors operate on a global landscape, greater international coordination and collaboration become essential to thwart threat actors. 

The biggest cyber menace facing businesses today is ransomware. Enterprising hackers breach networks, lock users out of their systems and demand ransom. The nature of ransomware attacks has changed of late. Cyber attackers now focus on data exfiltration rather than encrypting company data. The mere threat of doing damage is enough for many companies to pay up. At this point, cybersecurity teams working in isolation remain helpless.

Organisations now realise the need to collaborate with cybersecurity experts, competitors, and governments. The issue with ransomware has grown much beyond paying a ransom. Enterprises face accountability and compliance threats if ransomware attacks go on unabated.

6. Holding vendors to account

The cyber security market has got tough for vendors also. Enterprises now hold vendors accountable for poor cybersecurity practices that lead to compromises. They demand more transparency into vendors’ security practices and pressure vendors to up their ante. 

Customers also rely on security vendors to offer an integrated approach to security. By 2025, 80% of enterprises will unify cloud services, web, and private application access using a single vendor’s security service edge platform.

In the demanding marketplace, only those vendors who offer comprehensive solutions survive. An example is ProofPoint’s AI-powered defense platform. The platform fights all emergent threats, including ransomware, phishing, data loss, and more. The tool aligns with the in-vogue security mantra of protecting people and defending data. Flexible deployment options make the platform a perfect fit for businesses of all types and sizes.

Cybersecurity is finally getting the seriousness it warrants. Organisations with stagnant cyber response capabilities will soon fade into obsolesce. Gartner estimates that 88% of boards now regard cyber security as a business risk rather than a technical IT problem. 

Here are five steps for a better enterprise-level cyber security program.