2023’s Forecast: What Inversion6’s Experts Have to Say
Gain insight early this time around – here's what Inversion6’s team sees coming down the pipeline:
Christopher Prewitt – CTOHacktivism is on the rise and will likely get worse.
The Ukraine-Russia War has brought about a new global phenomenon. Cyber mercenaries are taking a stance and attacking opposing infrastructure in quantities that we’ve never experienced before.
This includes the recent Denial of Service (DoS) campaigns that took down some of the largest U.S. airports websites. As well as the attacks on Russian credit card processors, banks, ATM’s and other businesses and industries.
Chris Clymer – CISO – CTOOrganizations will be pushed to increase their security budgets.
Leading companies have a strong desire to keep IT and security costs flat. Outside factors are adding more tools, services and staff; which they have no choice but to get comfortable and acquire.
Organizations trying to keep their budgets flat are going to find themselves in an inevitable position. They will lose talent to competitors who are willing to pay more with greater flexibility.
For underregulated verticals, like manufacturing; these factors bring a reckoning. Businesses aren’t going to risk losing customers. Once the real possibility becomes clear, we expect to see some shifts upward in security budgets.
Craig Burland – CISO – CTOC-suite level expectations will rise leading to shortened response times.
The speed and severity of cyberattacks will increase as attackers perfect their tactics. Expectations will continue to rise with boards of directors, regulators, cyber insurers and customers. Organizations will need to provide that they can – and must – withstand cyberattacks.
Cyber defenders will have minutes to respond, not hours. Think of it as; stop first and ask questions later. We will see auto-remediation embraced to cauterize attacks even at the price of operational disruption. Time spent weighing options will be viewed as time wasted.
The responsibility to hit the kill switch – and hit it fast – will fall to security providers as cybersecurity’s version of first responders. This will drive more focus on threat intelligence, log aggregation and other areas that MSSPs are uniquely positioned to build-out and optimize.
Jason Middaugh – CISOTraditional PAM solutions will no longer be favored.
With the ever-growing complexity of Privileged Access Management (PAM) tools, we expect to see the use of new platforms. These will be much easier to manage and do not require experts to implement them.
We can foresee a focus shifting from traditional PAM solutions like a password rotation to a multi-factor authentication (MFA) requirement. This will also limit the location radius for request initiation.
We don’t foresee the end of PAM, more so the small to medium size markets will likely flock to these fewer complex solutions.
Jack Nichelson – CISOBusinesses in every vector will need cloud security.
As remote work continues, we see an increase in the adoption of cloud solutions. Coincidentally, we’ve noticed an increase in attacks on cloud solutions.
Many cloud solutions do not offer secure authentication, audit logging or security hardening standards. This makes them a prime target for cybercriminals by default.
More businesses will need to add third party cloud security solutions to provide a much-needed layer of protection. Also, it is suggested they implement continuous security assessments to look for misconfigured controls and combat cybercriminals.