What does cybersecurity hold in store for 2023?

Check out all the Smart Security Summit on-demand sessions here.

This past year has been a defining moment in the cyber threat landscape. Ransomware continued to dominate the conversation as organizations of all sizes and across industries experienced disruption, often in visible and public ways.

The war in Ukraine provided visible examples of a government leveraging its official and unofficial cyber assets, with Russia employing advanced intrusion groups, a larger cybercriminal ecosystem, and a varied disinformation apparatus. All of these entities have carried out a wide range of malicious cyber activities ranging from destructive attacks to espionage intrusions to information operations.

More traditional threats also continued to affect businesses around the world. The compromise of business email remained one of the most financially damaging crimes. Cybercriminals have discovered new ways to monetize their efforts while leveraging proven methods. Various government organizations have carried out large-scale activities to track individuals or steal intellectual property.

In addition to all this activity, some of the most high-profile intrusions have been carried out by low-level actors like Lapsus$.
Event
On-Demand Smart Security Summit

Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies. Watch the on-demand sessions today.
look here
In short, 2022 provided virtually every type of malicious cyber event possible, as well as the highest volume of intrusions ever.

So what can we expect when it comes to cybersecurity in 2023? Here are five predictions:
Cybersecurity 2023: Ransomware will turn away from encryption
In 2022, we saw a demonstrable increase in ransomware events involving data theft combined with encryption events. Although not new in 2022, attackers' preference for various extortion options has become much clearer. This trend is expected to accelerate in 2023, alongside an emphasis on data destruction to include renewed interest in data backups. These increases will likely lead to a corresponding decrease in encryption events.

Why is this likely to happen? Three reasons are at play.

First, the shared technology and best practices improve the ability of ransomware victims to recover their data without having to pay the attacker for a decryptor. Related to this, several public threads have revealed that paying for decryptors often leads to data loss or consecutive ransom demands, which is why the FBI recommends not paying the ransom.

Second, cybercriminals have realized that the "hack and leak" component of a ransomware event provides a second extortion option or a subsequent way to monetize their efforts. This becomes more pronounced as regulations and governance requirements become more common.

Thirdly, it takes more technical work to create an effective encryption/decryption tool against data theft and then choose a range of methods to corrupt victims' data. This is likely a lower technical lift for ransomware actors to steal data, offer to "resell" it, and otherwise threaten to release it publicly...

Startups Jan 2, 2023 0 74 Add to Reading List

What does cybersecurity hold in store for 2023?

Check out all the Smart Security Summit on-demand sessions here.

This past year has been a defining moment in the cyber threat landscape. Ransomware continued to dominate the conversation as organizations of all sizes and across industries experienced disruption, often in visible and public ways.

The war in Ukraine provided visible examples of a government leveraging its official and unofficial cyber assets, with Russia employing advanced intrusion groups, a larger cybercriminal ecosystem, and a varied disinformation apparatus. All of these entities have carried out a wide range of malicious cyber activities ranging from destructive attacks to espionage intrusions to information operations.

More traditional threats also continued to affect businesses around the world. The compromise of business email remained one of the most financially damaging crimes. Cybercriminals have discovered new ways to monetize their efforts while leveraging proven methods. Various government organizations have carried out large-scale activities to track individuals or steal intellectual property.

In addition to all this activity, some of the most high-profile intrusions have been carried out by low-level actors like Lapsus$.

Event

On-Demand Smart Security Summit

Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies. Watch the on-demand sessions today.

look here

In short, 2022 provided virtually every type of malicious cyber event possible, as well as the highest volume of intrusions ever.

So what can we expect when it comes to cybersecurity in 2023? Here are five predictions:

Cybersecurity 2023: Ransomware will turn away from encryption

In 2022, we saw a demonstrable increase in ransomware events involving data theft combined with encryption events. Although not new in 2022, attackers' preference for various extortion options has become much clearer. This trend is expected to accelerate in 2023, alongside an emphasis on data destruction to include renewed interest in data backups. These increases will likely lead to a corresponding decrease in encryption events.

Why is this likely to happen? Three reasons are at play.

First, the shared technology and best practices improve the ability of ransomware victims to recover their data without having to pay the attacker for a decryptor. Related to this, several public threads have revealed that paying for decryptors often leads to data loss or consecutive ransom demands, which is why the FBI recommends not paying the ransom.

Second, cybercriminals have realized that the "hack and leak" component of a ransomware event provides a second extortion option or a subsequent way to monetize their efforts. This becomes more pronounced as regulations and governance requirements become more common.

Thirdly, it takes more technical work to create an effective encryption/decryption tool against data theft and then choose a range of methods to corrupt victims' data. This is likely a lower technical lift for ransomware actors to steal data, offer to "resell" it, and otherwise threaten to release it publicly...