banner

Thales Blog

What will 2023 bring in the realms of cybersecurity and privacy?

January 5, 2023

Chris Harris Chris Harris | EMEA Technical Director More About This Author >

As geopolitical tensions persist and economic instability looms, organizations should get ready for a rise in cyber risks. What will 2023 bring in the realms of cybersecurity and privacy? Here are six predictions I think you should consider for the year ahead.

Large-scale layoffs may impact security

The list of corporations that have announced widespread layoffs keeps growing. The over-optimism of investors and the unpredictability of the market have combined to make long-term planning difficult.

Layoffs are a "reputational risk." Tech professionals are in demand and cherish an employer's brand reputation. Over 90% of jobseekers consider a company's reputation important. Business security risk is significant and adds to reputational risk.

In the Thales 2022 Data Threat Report 78% of respondents ranked accidental or human error in their top four threats posing the greatest security risks. With so many people losing their jobs, serious security holes are practically certain to be introduced. I predict that in 2023, there will be a major security breach that can be traced back to inefficient management of redundancies.

Data sovereignty hits the road

The concept of "data sovereignty" refers to both the legality of data collection and storage in accordance with local laws. Data is always in motion due to the global nature of most businesses, whose customers and partners may be situated anywhere in the world. Cloud providers are neutral in terms of data creation, storage, and processing, but the location of data has far-reaching consequences.

in 2023 people will require full access to and management of their personal data and digital identities. I predict that businesses will spend more resources locating and classifying their data. As different applications may have varying needs for cloud access, performance, security, and regulatory compliance, it is important to shift from a cloud-first to a cloud-smart strategy. To avoid being locked into a single cloud service provider, stay in compliance with data regulations, and maintain flexibility, it's a good idea to work with a cloud-agnostic software vendor.

Businesses will speed up consolidation efforts because of the current economic downturn

Investment in the public cloud is expected to grow from less than 17% in 2021 to more than 45% of total enterprise IT spending by 2026, according to Gartner. The cost of cloud computing continues to climb, putting a strain on even the most well-funded businesses. We may currently be seeing what is known as "cloudflation."

How will technology firms react to inflationary pressures in 2023 with regard to corporate spending? What will be prioritized, and what might be left behind or declared obsolete?

Simplifying processes and increasing efficiency will be a high priority in 2023 as we seek to mitigate the effects of the economic downturn, the cost of living problem, and the impending skills deficit. While automation will be helpful, companies still need to collaborate with reliable third parties to guarantee their assets and data are safe and in accordance with all applicable laws and standards.

Ransomware will target connected and electric vehicles

As the market for connected vehicles expands, it will become an increasingly prime target for cybercriminals and criminal software developers to implement ransomware. The biggest problem we have with car security is that manufacturers are overly concerned with functionality. Installing malware into the operating system of a vehicle might entail catastrophic effects — whether it’s disabling brakes on a busy road, locking people out until a ransom is paid, or stealing personal or corporate data. The focus must shift from functionality to cybersecurity, which must be considered throughout the design and implementation phases.

Electric vehicles need more attention. Several countries in the Americas and Europe are preparing for the electric car revolution, with zero-emission automobiles by 2035. Rapid development, necessary to meet environmental goals, could increase security risks. Monitoring and management of electric vehicle charging stations will be essential for finding and fixing security flaws before they can be exploited by hackers.

The security meta-frontier of a Meta-universe

It is challenging to anticipate cyberthreats for a future space that does not yet exist, and which may never be realized at all. Through research into the technology's foundations and an examination of the present cybercriminal landscape, however, we are able to imagine a number of significant dangers existing within the metaverse.

The same level of security and scrutiny should be applied to virtual, augmented, and mixed reality as it is to traditional platforms, as these technologies pose serious security risks such as financial fraud, cyber-physical attacks, and dangers to users' privacy.

Cybercrime as a business: the advent of extortion ransomware

It is likely that the tactics adopted by those who pose a threat to critical infrastructure will not alter in 2023. Cybercriminals, like any other business, adapt their methods as needed to maximize profits. In particular, Moody's predicts a refocusing of ransomware attacks away from the United States, which poses a greater threat to firms in Europe, where such attacks increased by a whopping 63% in 2022.

While phishing and compromised credentials are still often used entry points, we are seeing a shift in how hackers are extorting money from their victims, employing double extortion tactics. As Verizon's 2022 Data Breach Investigations Report notes, "there are now more ways for attackers to monetize data."

In 2023, cyberthreats will only increase in frequency and sophistication. While implementing even the most fundamental security measures can help avoid many breaches, protecting against the catastrophic effects of a successful assault will require more sophisticated measures. Although uncertainty is the theme, Gartner also offer guidance on how to ‘seize uncertainty’ to turn this into opportunity.