What are the key considerations, threats and opportunities for IT security professionals in 2023? To mark Cybersecurity Awareness Month 20233 we polled some leading experts for their thoughts…

“Hybrid work is still on the rise in 2023, a trend which is only increasing complexity for security teams, with geographically separate workforces, using a variety of managed and unmanaged devices, over the internet, accessing a combination of enterprise-hosted and SaaS apps. Traditional security measures are no longer enough to safeguard a business’s sensitive applications and data, therefore businesses must truly understand how to implement a comprehensive Zero Trust Application Access (ZTAA) framework.

ZTAA goes beyond Zero Trust Network Access (ZTNA) to encompass not just networking, but also application usage and activities even after access has been granted. Unlike traditional security models that rely on perimeter defences with “point-in-time” security controls, and policy engines that follow binary “grant/deny” rules, a ZTAA model combines the principles of “never trust, always verify” with granular access and action controls that can be dialled up and down based on circumstances, telemetry or behaviours. This constant vigilance and fine-grained control is where ZTAA truly shines.

ZTAA will evolve rapidly as solutions incorporate AI to aid in continuous monitoring user behaviours and determining the right responses to suspicious activity. As such, ZTAA enables unrivalled protection against unauthorised access and security breaches, as well as unintentional risky behaviour, making it essential for businesses with hybrid workforces, where users expect to be able to log in from anywhere in the world.”

“Over the last two decades, the field of cybersecurity defence has flourished into an advanced, diverse field. However, I think that we will soon see a real evolutionary step take place, which takes us beyond just manning the barricades against digital foes. Businesses are learning that, regardless of whether downtime comes from adversarial attacks or internal technological failures, the bottom-line impact is much the same, and what really matters is getting back to a state of health as quickly and smoothly as possible.

A digital immune system (DIS) approach, built around a mindset which is more agnostic as to the source of problems and more unified in its focus on recovery, will come into focus as a better way of organising teams and technology to create valuable outcomes. The good news for those who have spent years building cybersecurity expertise is that this change will put them closer to the heart of business value. Everything we have learned about resilient systems, designed redundancy, and human psychology will become relevant to business thinking more broadly. Together with more unified data practices and AI tools to action that data, the digital immune system is going to shift the goalposts from the well-defended enterprise to the self-healing enterprise.”

“The last two decades have witnessed consistent evolution in both how we do cybersecurity and the kinds of risk that cybersecurity seeks to mitigate. The most important lesson emerging in this space right now, though, is really a perspective shift around what cybersecurity is for.

For most of IT history we have spoken of defence, prevention, and avoidance, building a suite of tools and tactics to stop bad outcomes. We have been successful and made it very difficult to break into organisations, so bad actors are now compromising organisations’ user accounts with increasingly sophisticated targeted social engineering attacks, and the growing use of AI techniques, only serves to increase the challenge of detection. Going forward, that conversation is going to be re-oriented around minimising damage and recovering quickly and seamlessly from it. Whether through criminal activity, human error, or natural disaster, breaches and outages happen. The most successful businesses in such moments will be those that have invested in resilience strategies which are agnostic about the source of damage and laser-focused on returning to operational status. That demands a holistic approach where recovering data and reinstating services is baked in at every level, just as something like authorising access is today.

The cybersecurity community has developed very mature methodologies for integrating the human and technological aspects of protecting against attack. In twenty years’ time, resilience will be just as embedded in what we do”

“Cybersecurity Awareness Month serves as yet another reminder of the importance of protecting data in our increasingly digitalised world. AI will be on the agenda, as the recent explosion of generalist technologies and data-scraping tools make data more accessible than ever.

For many businesses, data privacy and security represent a minefield. Whether it’s mitigating the risk of employees exposing sensitive data to GPT-based tools or providing rapid responses to personal information requests, the data privacy challenges for business leaders today are wide-ranging. However, the reality is that compliance isn’t optional, and many are finding themselves on the wrong side of the data privacy coin.

And when it comes to compliance, it’s always going to be more difficult for smaller businesses and start-ups. They cannot afford to take the “get fined, pay up” approach of industry giants. This is why we need to be aware of the benefits of AI as much as its potential risks. AI-driven automation can play a key role in helping SMEs or overburdened legal departments understand, centralise, and analyse their enterprise data, ensuring they keep up with what is an increasingly complex and volatile regulatory landscape. The future of data security depends on our collective ability to adapt – and you can be sure that AI will be at the forefront of enabling businesses to achieve data-driven insights into compliance data, automate compliance tasks and mitigate risk.”

“Cybercriminals are using AI and machine learning to develop more effective attacks, such as automated phishing campaigns and AI-driven malware. As technology evolves, so do the attack vectors. Emerging technologies like quantum computing and 5G networks bring new security concerns. This combined with a shortage of skilled personnel and the need to maintain legacy systems and infrastructure is stretching resources as more data and services are moving to the cloud – further pressing the need to protect a wider attack surface, with fewer resources, and skills against determined and developing adversaries.

Addressing these challenges requires a multi-faceted approach that includes technological solutions, strong policies and regulations, employee education, and collaboration among governments, industries, and security experts. Cybersecurity is an ongoing process, and organizations must remain adaptive and proactive in the face of evolving threats.”

“It now seems fair to describe the continuing rise of cyber risk as inexorable. Not a week goes by without an analyst or research report announcing a new statistic about the increasing rate of attacks, the diversification of methods, or the growing financial losses being caused.

This means that it’s no longer feasible for organizations to consider any elements of the service topology as ‘trusted’. Rather than assuming any device on a network must have passed a security checkpoint and therefore can be trusted, organizations should be looking to models which secure the data and assets those networks are there to carry, requiring continuous verification of trustworthiness in order to ensure computer security. And Zero Trust ensures computer security for users, data/information, applications, APIs, devices, networks, cloud, etc., wherever they are – instead of forcing a “secure” network within a company.

By assuming every action is potentially malicious and performing security checks on an ongoing, case-by-case basis, Zero Trust reduces successful attacks and protects organizations in the event of a breach as other data and assets remain secure, rather than being accessible by an attacker. In order to successfully implement and ensure proactive mitigation of cyber threats is commonplace, the industry must establish standards and best practices for Zero Trust, which will also be a critical component of cybersecurity awareness.”

“The digital landscape is in a constant state of evolution, and along with it, the sophistication of cyber threats continues to grow. These threats take on various forms, ranging from phishing attacks and malware infections to data breaches that can compromise sensitive information. For businesses, safeguarding data and systems must be a number one priority.

While data holds the promise of transforming operations and propelling businesses ahead of the competition, when not adequately protected, it can become a double-edged sword, especially in our current AI-powered landscape. Attacks that utilise this technology can automate and enhance the sophistication of threats, making it more vital than ever to stay ahead of the curve.

Implementing strong authentication methods, encrypting sensitive data, and keeping software and systems up to date are fundamental steps in safeguarding your digital assets. Additionally, having a well-defined incident response plan and regularly assessing the cybersecurity practises of third-party vendors and partners can strengthen the overall security posture.

Cybersecurity isn’t a one-time effort; it’s an ongoing commitment. By investing in robust cybersecurity measures, you not only protect your business but also enhance the trust of your clients and partners. Stay vigilant, stay secure.”

Image by joffi from Pixabay