ASIA PACIFIC — 14 December, 2022 — Vectra AI, the leader in Security AI-driven hybrid cloud threat detection and response, has today released its predictions for 2023 across Asia Pacific and Japan, revealing the emerging trends that will shape cybersecurity next year.
As with any predictions, Chris Fisher, Vectra’s Director of Security Engineering APJ believes that we need to look to the past to understand what could happen in the future.
Chris explains, “In 2022, we have seen significant supply chain disruption caused by cyber events, for example, preventing the production of goods in Japan. We have also seen major data privacy breaches in markets like Australia and New Zealand due to attacks on critical national infrastructure and insurers that has impacted millions of lives.”
Vectra’s Fisher also believes that organisations looking to fast track adoption of new technologies may inadvertently be creating vulnerabilities.
Chris comments, “Next year, organisations will face more unknown cyber threats targeting on-premises systems, cloud infrastructure, and SaaS applications as companies rush to adopt new technologies. The skills shortage is growing too, causing analysts to becoming overloaded and burnt-out. Combined, this is creating a perfect storm, leaving organisations more vulnerable to a breach. Organisations must adopt an effective detection and response strategy that reduces the burden on analysts, prioritising the most high-risk alerts. This means using tools that can identify the suspicious behaviours that an adversary will exhibit as part of an unfolding attack, flagging up these signals so organisations can stop an attack before it becomes a breach.”
Read on for Vectra’s 2023 Security Predictions:
Prediction 1: Increased analyst fatigue and resignation will see the tides turn away from protecting the castle walls to detection and response
Attackers are continuing to breach the castle walls, creating fatigue and eventual resignations amongst cybersecurity professionals. Instead of working on preventing these attacks from happening and to prevent employee burnout, we will see a needed shift to focus on reducing the impact of an attack. This means building resilience within the organisation covering people, process and technology and focusing on early detection and sound response as opposed to protection & prevention. This will identify suspicious activities, and the sorts of behaviours that an adversary will exhibit as part of an unfolding attack. The key is being able to spot attacks in progress so they can be stopped before a breach.
Prediction 2: Organisations will use automation to recover from ransomware attacks
Traditional restoration procedures following a ransomware attack are both costly and time consuming for organisations; therefore in 2023 we will see organisations look to automation, via infrastructure as code (IaC), to reduce downtime. Infrastructure-as-Code (IaC) starts replacing configuration/system backups and reduces downtime. Instead of re-building the old, companies start focusing on building the new with the help of CI/CD pipelines, IaC, etc. Applications can be spun up in a matter of minutes and organisations can focus backup and protection efforts on data. This is building resilience from the core up.
Prediction 3: Supply chain attacks will continue but hackers will look beyond the ‘usual suspects’ to cause havoc
Attackers will continue to cause maximum disruption in the form of supply chain attacks, but instead of targeting key suppliers, they will look beyond the ‘usual suspects’ to gain access into networks. For instance, this could include legal or accounting firms. A holistic approach may help turn the tables on the matter: supply chain means partnership – partnership means collaboration and supporting each other. Only as a ‘mesh’ interconnected structure with consistent resiliency can companies thrive in the digital economy. This includes ensuring that they review the security policies of all those in the chain.
Prediction 4: Multi-Factor Authentication (MFA) will continue to be a prime target for attackers With identity attacks on the rise, in 2023 attackers will continue to take advantage of vulnerable MFA methods. As companies continue to roll out MFA, attackers will continue to take advantage, either by flooding end users with requests to brute-force their way in, or by skilled phishing campaigns. End users will be the ones directly targeted by attackers, this means not just organisations, but also consumers will need to be more aware than ever of the risks to their digital identities. Meanwhile, organisations must ensure they have tools in place to detect suspicious login activity and stop it in its tracks.
Predictions 5: As the war for talent continues, security companies will need to develop creative ways to recruit and retain workers
In an increasingly globalised labour market where workers increasingly seek new opportunities, cybersecurity companies are at risk of losing talent to traditional tech companies. As an industry that is no stranger to burnout and stress, cybersecurity companies will have to ensure they can demonstrate they are an attractive outfit to work for. This is to fend off competition from tech companies that can often offer lucrative salaries and superior work-life balance. To achieve this, cybersecurity companies must adopt a more forward-thinking approach, this could include offering flexible working arrangements, performance incentives and health and wellness policies.
Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. Only Vectra optimizes AI to detect attacker methods—the TTPs at the heart of all attacks—rather than simplistically alerting on “different.” The resulting high-fidelity threat signal and clear context enables cybersecurity teams to rapidly respond to threats and stop attacks from becoming breaches. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure – both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization. For more information, visit vectra.ai.
Karen Peterson or Lisa Burnet