2023 Cybersecurity Predictions and Best Practices

As 2022 comes to a close, Professor Avishai Wool, AlgoSec Co-Founder and CTO, provides his top 5 issues organizations will need to be aware in 2023 that will also dominate the cyber community conversation.  

1) Application centric approach to network security will supersede basic NSPM

I think the market has matured to the point where the NSPM approach has reached a tipping point and I see the shift to an application perspective becoming the de facto approach in network security policy management as there are better and more robust technologies in the market that can help organizations get there faster. I see this shift becoming even more viable in 2023 based on recent market trends in which organizations are opting for downsizing and trying to do more with the smaller staff at the expense of losing tribal knowledge. As a result, I see organizations shifting more towards adopting a holistic approach to network security that are more application centric in which they can retain critical knowledge, such as application traffic intent and application policy rules, so that the new generations can step in and pick up where the previous predecessors left off.

2) Containerization will enhance layered security

I expect container security to be increasingly popular in the future, as companies understand that their existing network security mechanisms are not enough for  the communication networks of today.  Containers are seen as a cost-effective light-weight solution for deployment – and deploying them introduces another inner layer where security policies can be applied: behind the perimeter filters, the internal zoning, and the micro-segmentation, organizations can now also consider nano-segmentation at the container level. Vulnerability testing is another dimension of the container platform especially within cloud applications and SaaS products. The common Kubernetes platform offers both opportunities and challenges for vulnerability scanners. Beyond 2023, businesses will need to enhance both their visibility and management capabilities of security within their containerized applications

 3) Security driven IaaS ecosystems to improve network security

I expect the popularity of Infrastructure as a service (IaaS) to continue to soar, making it difficult for security teams to keep up with the associated risks and vulnerabilities. Pre-set security settings may not meet the needs of the organization and customizing these settings can prove to be difficult. The customizability of IaaS offers great potential for productivity, but it also makes it complicated to secure. The bottom line is that companies can no longer depend on their network perimeter to guard sensitive data. In response, I anticipate organizations that begin utilizing an “Always-on Security” approach such as Infrastructure as Code (IaC) which would permit them to construct personalized policies to control the development environments during each phase of the software development life cycle (SDLC) and recognize potential risks, security flaws, and compliance issues on a what-if basis, before deploying flawed settings into production.

4) Cloud-native security tools will reign supreme

I expect that cloud-based security systems will become more commonplace: these security solutions offer a wide range of abilities, such as secure access, identity and access management, data loss prevention, application security, automation of security, detection and prevention of intrusions, security information and event management, and encryption. With companies transitioning more workloads to the cloud, they will want to make use of many of these features. These tools make it possible for remote teams to manage a greater public cloud presence: comfortably configuring services and automating processes, to identify and preemptively tackle any kind of threats.

To bridge the gap in cloud data security, I anticipate the emergence of data safeguarding systems that are designed specifically for cloud usage and are able to link up with public cloud systems in an advanced, agentless manner. This has been classified in the market as Cloud Native Application Protection Platform (CNAPP). These platforms must be able to detect where the data is stored and what sorts of data are stored in the cloud, so that corporations can prioritize on what is most important – defending their most sensitive data and cloud-based applications without interfering with their normal operations.

5) Expect ransomware not to go away and get even more sophisticated

Organizations in 2022 saw no let-up from ransomware threats, some of whom were attacked multiple times and I do not see any reason why this trend will change in 2023. Cyber criminals are getting more resourceful and savvier in their attempts to stay ahead of law enforcement, and I anticipate these attacks will only become more frequent as their perpetrators are proving more capable of infiltrating many organizations’ cyber defenses.

In response, organizations will have to seek more technology solutions to protect data at the source. But that would not suffice. I think organizations will need to look beyond technological solutions and apply better preparedness strategies. Whether it be Zero Trust or something less overarching but more practical for an organization’s business needs, such as Micro-segmentation, it would ensure that threat-actors would not be able to access the data residing inside the security perimeter.