This year has seen some unforgettable changes to the world of cyber security. As we step into 2023, we are taking a step back and showcasing predictions for what the industry could face in the year ahead; compiled by our experts with hundreds of years of combined cyber security experience.
Let’s explore cyber security predictions for 2023!
A Rise in Mobile-Specific Cyber Threats
With greater reliance on smartphones in the workplace, remote working, and an increase in mobile device threats, cyber crimes involving mobile devices are likely to soar in 2023, meaning experts will have to quickly monitor and mitigate the influx of the latest mobile threats.
A whopping 70% of online fraud is accomplished through mobile platforms, with a 680% increase in fraudulent transactions originating from mobile apps. In addition, US cyber crime statistics show that 1 in 36 mobile devices have high-risk apps installed.
Mobile device cyber crime statistics show no signs of slowing down in the year ahead. SMS-based authentication has inevitably become less secure, with experts calling for businesses to move over to multi-factor authentication due to the increased risk of SMS-based authentication. Multi-factor authentication can feature an authenticator app using time-sensitive tokens or more direct hardware or device-based authenticators.
Demand for Security Talent
All industries are battling a continuous cyber skill shortage of professionals, with an estimated shortage of 3.4 million cyber security professionals worldwide. The global cyber security workforce must grow by 65% to defend organisations’ critical assets effectively.
With governments beginning to issue hefty fines to organisations suffering from data breaches, this security shortage will only continue to amplify in 2023 and cause havoc in all industries. The gender skill cap in cyber security is another predominant issue, with women accounting for just 25% of the global cyber security workforce.
From 2023 onwards, we expect to see organisations fostering career development and progression for those within junior cyber security roles. Experts also predict that women will represent 30% of the global cyber security workforce over the next three years.
Artificial Intelligence (AI)
With its ability to analyse vast volumes of data instantly, an estimated 72% of organisations rely on AI to expose cyber attacks. AI adoption is anticipated to accelerate next year, allowing security, compliance and privacy teams to maximise productivity during great business transformation.
Artificial intelligence will become increasingly crucial as the data we utilise continues to grow, which we have seen in light of OpenAI’s recent launch of ChatGPT.
In fraud detection, artificial intelligence can help boost security by analysing vast volumes of data much more quickly while detecting unauthorised and suspicious activity. For fintechs, AI can also strengthen the security of existing systems and fintech transactions.
Every 14 seconds, a new organisation is hit by ransomware, and this will only continue to accelerate with ransomware attacks on the rise. In 2023, we expect to see cyber criminals increasing ransomware attacks on vulnerable SMBs. Healthcare will remain a prime target, with the rise of patients turning to telehealth to access healthcare services remotely.
We may expect governments to address ransomware in the next couple of months, with legislation criminalising making ransomware payments. Ultimately, paying ransomware accelerates the drive to conduct ransomware attacks, therefore eradicating ransomware payments may discourage attackers.
Changes in Laws and Regulations
The last 12 months have seen a dramatic increase in the frequency and severity of cyber attacks, so it may be unsurprising to know that new regulations will emerge around the subject of ransomware attacks.
New data privacy laws are also set to go into effect in the United States, meaning that now is the time to assess your current procedures and systems to ensure they comply. At the time of writing, five states have comprehensive data privacy laws passed and set to take effect in the coming months – California, Colorado, Connecticut, Utah and Virginia.
The California Consumer Privacy Act (CCPA) is considered the strictest privacy regulation in the U.S., expanding consumer privacy rights, including the right to delete, opt out and request access to information on file. We expect state privacy regulations to heighten in 2023 and beyond.
Companies must comply with data privacy laws by adapting how data is stored and processed.
With the threat landscape expanding in volume and sophistication, we see the industry come together and unify with shared learnings, intelligence, and resources. Progress and development in cyber security require collaboration and knowledge sharing; therefore, industries need to counter the continuous advance of cyber-enabled crime.
While technological advances make knowledge available to everyone, collaboration and knowledge exchange allow all industries to evolve and stay ahead of cyber threats. We expect to see security vendors and professionals step up and collaborate to fill the void in 2023 while organisations continue to prioritise cyber security.
Those prioritising cyber security will continue to reduce their risk of business disruption and reputational loss from major breaches.
As an ever-evolving field, TryHackMe will continue to lead training on new threats and evolving tools and mitigation techniques. We have some brilliant things in store for 2023 and we can't wait to join you on your cyber learning journey.