This year sees heightened cybersecurity risks within an environment defined by rising political, social and economic challenges. In this context it is useful to take stock of the future trends that are expected to shape the cybersecurity landscape.
According to JP Perez-Etchegoyen, CTO of Onapsis, looking ahead “we can expect threat actors to continue to look for ways to exploit already existing vulnerabilities within organisations, as well as those newly introduced, as organisations keep pace with new innovations and applications of technologies in order to stay ahead of the pack in an ever-evolving digital world.”
Perez-Etchegoyen explains to Digital Journal that remote working is an issue, especially as “the number of people working remotely remains higher than before the pandemic with around 22 percent of the UK workforce working at least one day a week from home and 13 percent working exclusively from home.”
This represents “The biggest cybersecurity vulnerability in any organisation is its own employees, this will add additional risk to organisations across the UK.”
Successfully exploiting a vulnerable system allows an attacker to execute a wide range of malicious activities, particularly if the exploitation of a vulnerability enables a malicious actor to access business-critical applications that lie at the centre of every organisation.
According to Perez-Etchegoyen: “This could lead to significant impact on vital business areas such as supply chains and manufacturing processes, and even allow threat actors to redirect financial payments and compromise highly sensitive and potentially heavily regulated data.”
Perez-Etchegoyen explains that mitigating the risk to critical business systems and applications from human error or newly added, complex systems or technologies will need to continue being any organisation’s number one priority in 2023.
A key risk area is with the cloud. Perez-Etchegoyen explains: “It’s indisputable that the world is now adopting cloud computing at an increasingly swift pace. In fact, many organisations across the UK are describing themselves as being “cloud-first” entities as they continue to prioritise the use and adoption of cloud-based offerings when looking to procure new technologies.”
In relation to this trend, Perez-Etchegoyen explains: “While this is leading to increased efficiency, productivity and oftentimes, safety, for these organisations, the rapid adoption of cloud also brings with it a number of new security concerns, fuelled in many cases by the lack of clarity in the responsibilities of implementing and maintaining security, when it comes to cloud deployments.”
This leads Perez-Etchegoyen to surmise: “Over-reliance on the cloud without thought for the security of the applications and services on the cloud can leave business critical applications exposed to threats, especially as the severity of attacks on software supply chains – which target less secure elements within the supply chain – are likely to increase in the coming year.”