The changing face of the cyber security landscape: Insights into 2023 and beyond
2022 has been an extraordinary year for the cybersecurity industry, one that has had significant ramifications for organisations across the globe, from geopolitical turmoil to an ever-increasing push towards greater regulatory guidance and compliance.
As we close out the year, attention has already turned to the forces that will shape cyber resilience in 2023 and beyond. Experts from across NCC Group have come together to explore these factors in our latest edition of Insights: Future Predictions. Delving into the technological advancements, regulatory changes, market factors and evolving threats, here’s a few highlights of what we expect in 2023.
Increased interventionist approaches will influence the evolution of threat groups and attack types
From a threat perspective, we should brace ourselves for continued flux among key threat groups in 2023, whether it be in the evolution or emergence of new groups, their motivations or techniques.
Though the threat from ransomware remains, increased law enforcement intervention and a collaborative approach to tackling ransomware, has forced perpetrators to look at new ways to operate. Double extortion victim numbers are slightly lower at the end of 2022 than in previous years and at the same time, we’re seeing an increase in the use of DDoS (Distributed Denial of Service).
So, what else could be coming next? We’re expecting that next year there’ll be less of a focus on encryption of data, and more attention on exfiltration, with data being stolen outright. We also expect to see supply chain attacks, particularly within financial services and the telco space, to grow at pace. Thankfully, regulatory efforts to counteract these attacks are in motion, with an increased focus on assuring the resilience of your suppliers or software supply chain. We’re seeing this across the globe: through the National Defense Authorization Act in the US, to efforts from financial regulators in the UK, EU, India, Singapore and others to highlight supplier failure as a key operational risk that must be mitigated against.
Increased cyber and real-world convergence is accelerating – and bringing real-life risks to the fore
In 2023, we’re expecting the proliferation of smart city applications. From smart mobility and transportation to citywide sustainability efforts, we’re already seeing huge advances in sensor-based networks that underpin these systems.
That of course brings increased security threats with it, especially given how smart cities are designed to have real-world interactors. So, as well as, say, the security of data collected or generated through these networks, there’s also the question as to how smart cities themselves could be weaponised against citizens and their safety.
A DDoS attack against a mature smart city environment, could, in theory, tamper with smart traffic lights or pedestrian crossings. In turn, this places citizens in real danger. It’s one example of the convergence of cyber threats and real-world risks that we must protect against in the year to come.
We see this convergence of real world/cyber threats as going beyond smart city environments alone, and is particularly relevant to industrial environments. Thankfully, it appears legislation is attempting to keep pace with these risks. For example, the Network and Information Security (NIS) 2 directive in the EU will strengthen cybersecurity requirements and introduce tougher penalties for organisations that don’t comply, while the EU Cyber Resilience Act will bolster the cyber security of Industrial Internet of Things devices.
Regulatory and legislative change will continue, and a collaborative approach will be vital
We have seen huge advances in cyber regulation over the last 12 to 18 months, which is set to continue in 2023. We’ll also see a welcomed global coordination between governments around the world to regulate jointly against a common enemy. We’re seeing this already in the face of ransomware, for example.
It’s perhaps inspired by greater pragmatism from governments, that recognise ‘reinventing the wheel’ constantly is not the most effective approach to regulating and introducing cyber security requirements.
In 2023, we’re likely to see greater efforts to improve information sharing across borders, but also between public and private bodies. This of course brings political considerations – especially where classified information is involved – but this collaborative approach is absolutely vital to ensuring regulatory change is made possible.
We can’t ignore that different countries still take different approaches in some areas – for example, the EU has taken a fairly horizontal approach to minimum cyber security requirements, while the UK Government continues to take a sector-by-sector approach. What’s important is that the organisations on the ground – especially those that operate in multiple jurisdictions – are given the clarity they need to remain compliant and resilient against attack.
Technological advancements will continue at pace, and legacy systems must be considered as part of this
As you’d expect in an industry like cybersecurity, we are likely to see some significant technological advancements in 2023, across sectors.
From extended detection and response (XDR) to datafication (the process of collecting data points, processing it into information and storing this), technology will be a significant enabler in helping to manage security challenges.
However, many organisations will still be tackling new technologies and handling legacy systems at the same time – least of all in telcos and industrials. For example, the industrials space is contending with the convergence of OT and IT systems, particularly those that traditionally weren't connected to networks.
In industrial environments, you’ll have control systems, building management systems, and SCADA environments all connected to networks, which expands the attack surface. In 2023 we’re likely to see greater consideration of how to protect critical assets and prevent lateral movement between those environments. Similarly, the telco space has a mixture of legacy systems, while also introducing more advanced, innovative technologies. Managing vulnerabilities and threats against this backdrop is going to be a key challenge for the sector in 2023.
These are just a few key trends we can expect to see in 2023, and our latest edition of Insights explores these and more in even greater detail. You can read the magazine and watch the discussions from our global experts here .