Skip to main content

Back to Blog

Four Cybersecurity Predictions for 2023

What to Expect and How to Prepare 

Cyberattacks made headlines throughout 2022, and 2023 is looking similarly destructive. The methods employed by cybercriminals continue to shift, and now span everything from smishing (that’s SMS-based phishing attacks) to ransomware and from compromised passwords to cloud configuration vulnerabilities.

Organizations of all sizes and in all industries are at risk. 

It’s more crucial than ever for IT teams, stakeholders, and board members to turn their attention and resources to implementing defensive strategies, and staying aware of potential threats. In Mike Wilson’s blog for VM magazine, he outlines four cybersecurity trends to be on the alert for in 2023:

  1. Attacking All Links of the Chain 
    If there’s one thing that’s certain, it’s that cybercriminals pivot quickly. They are often willing to go to any length to reach a goal—whether financial or in some other way exploitative—and just as fast as cybersecurity professionals establish defenses, threat actors are ready to pivot. In the last year, hackers have found ways to bypass Microsoft’s Multi-Factor Authentication—indicating that attacks may be tending toward targeting new or secondary infrastructure. In 2023, hackers will likely continue to turn their attention toward authentication methods as well as the underlying components. Remember—MFA is important, but it’s not a magic bullet.
  2. Vulnerabilities within Digital Twin Systems
    A digital twin is a digital representation of a real-world system. According to Gartner, “the implementation of a digital twin is an encapsulated software object or model that mirrors a unique physical object, process, organization, person or other abstraction.” 2022 saw digital twins deployed in refineries and factories, as the visual representation of physical security systems is useful in spread-out environments. Unfortunately, the connections maintained within these systems are extremely vulnerable, and security hasn’t yet been prioritized. While 2023 might lead to digital twin attacks, it could also be the opportunity to lock this useful technology down before it’s too widely accepted to address.
  3. Threat Actors Will Chase the Data 
    There’s a clear chain reaction as cybersecurity and identity security have entered mainstream digital thought. As cybercriminals target personal and sensitive information within corporate systems, many companies have outsourced their identity protection. In response, third-party security companies have become the targets for threat actors. We can expect this to continue in 2023, with identity security organizations struggling to defend themselves as well as their customers.
  4. The Potential for Passwordless Solutions Grows 
    While we’re still miles away from completely passwordless solutions, 2023 may be the year for some real technological advances in this direction. Apple’s recent OS release enables more frictionless, multi-device, passwordless sign-in—and they may be paving the way for more widespread adoption.

It is, however, unlikely that any company will be able to so dramatically revolutionize passwordless options while staying secure that big changes will happen. It is more likely that compromised credentials and stolen passwords will be the origin points for even more breaches.

What do you think 2023 holds for cybersecurity professionals?