Nobody can foretell the future, and with so many cybersecurity forecasts, it’s hard to know what to anticipate precisely as 2023 approaches. However, the experts at KPMG International have identified several directions in which the cybersecurity landscape will change over the coming year.
KPMG researchers recently released the top three cybersecurity forecasts for 2023 to highlight how businesses should change to stay up with the assault of current threats.
Predictions include big tech firms emphasising digital trust to keep up with cyber regulation, the incident response window decreasing as threat actors leverage automation, and approaches to zero trust moving from idle evangelism to active implementation.
Big tech will look to digital trust to keep up with cyber regulation
Leading organisations in 2023 will realise the benefits of building and maintaining digital trust — and its importance for brand, reputation and customer retention in a world where cybersecurity breaches are becoming increasingly inevitable. Expect two big tech firms to embrace this idea — in part anticipating regulation ahead — but, more importantly, recognise the growing societal expectations over the trust.
2023 brings a perfect storm of cyber regulation as regulators worldwide bring forward rules on the security and ethics of AI, supply chain and digital infrastructure security, and corporate transparency around security and ransomware.
It will take time for these regimes to bed in and for supervisory competence to build — but the direction of travel is clear — cybersecurity is no longer an optional retrofitted extra. The challenge will be to avoid compliance-driven approaches and stay focused on enabling the business.
The window to respond to cyberattacks will decrease as attackers turn to automation
The time window to respond to cyberattacks will continue to shrink with a never-ending race between attackers and defenders. AI will play a part in automating corporate and national defences, but organised crime groups will ramp up their automation, too, to scale and accelerate their attacks. In 2023, a day becomes a long time in cybersecurity — and only by integrating cyber threat management will the defenders be able to stay ahead. Our resilience will be tested, demanding that governments and corporations work together to counter the changing threat.
Zero-trust hype will shift from evangelism to implementation
In 2023, zero trust will shift from evangelism to practical implementation as firms take the concept to heart and reengineer their security solutions for a perimeter-less organisation. As we do so, pressure is growing to reduce the security burden and adopt more usable and less intrusive security measures. Simply layering more and more protective controls increasingly risks impeding the business. Getting the right balance between protection and rapid detection and response will be key to success — and people need to be at the heart of that design.