Digitalization has made enterprise cybersecurity more complex than ever before. Taking that context into account, Future/Tense: Trend Micro Security Predictions for 2023 looks at some of the key trends organisations will need to address to strengthen their security posture for the year ahead.
This blog focuses on four priority threat predictions—cloud misconfigurations, hidden vulnerabilities, the vanishing network perimeter, and evolving ransomware business models—as well as a growing trend that will redefine enterprise cybersecurity going forward: the shift from point security solutions to a unified platform approach.
2023 prediction: Cloud misconfigurations will continue to undermine cybersecurity
Misconfiguration has been the most significant cloud risk for a couple of years now, accounting for up to 70% of all cloud security challenges. That shows no sign of changing in 2023 given the ongoing pace of cloud migrations, especially as network environments become more distributed and the hybrid workforce grows—opening the door to attacks and the misuse of cloud resources.
Misconfigurations occur because enterprise clouds are complex multi-vendor environments and IT teams seldom have time to get familiar with all the technologies. Creating upfront space for learning and testing can have big payoffs down the road.
For example, different cloud providers may have different restoration procedures for data backups. Giving IT the chance to test those procedures and internalise them means they’ll be prepared to act when company data has to be recovered in the wake of an incident.
Because of cloud complexity, automation is crucial. It’s not practical for teams to manually check the entire environment for correct configurations. Platform-based cloud-native software that can scan and verify settings without human intervention has the double benefit of relieving burden and catching errors in real time so they can be addressed.
Read more: Hybrid Cloud Management Security Tools
2023 prediction: Attackers will continue to exploit overlooked vulnerabilities
Outdated network protocols, hardware, and firmware can all be sources of hidden vulnerabilities that create potential attack vectors for bad actors. At the same time, new applications that use open-source software are also prime targets—and will be throughout 2023. Now that most cloud-native projects depend in some way on open-source software that is subject to fewer vulnerability checks during development, malware and other weaknesses can easily end up embedded in cloud-based enterprise operations.
Technology companies—and legislators in some jurisdictions—are paying closer attention to the risks associated with open-source software. Up-to-date global threat intelligence is now considered vital. So are bug bounty programs designed to catch and patch flaws before they can be exploited, such as the one Google launched last year and the vendor-agnostic Trend Micro™ Zero Day Initiative™.
Enterprises can protect themselves with diligent software patching, virtual patching, open-source software security policies, and automated monitoring to defend against attacks. When it comes to supply chains, they will also want to adopt software bills of material (SBOMs) for their applications, which make it easy to pinpoint affected software versions and systems when security flaws are identified.
"These days, most software is to some extent made up of third-party code that is either commissioned specifically for a software product or an off-the shelf, pre-built component designed for a specific function. This could incentivise attackers to infiltrate popular resources... to pass off their malware as legitimate code."
Future/Tense: Trend Micro Security Predictions for 2023
Read more: Software Patch Management Policy Best Practices
2023 prediction: The perimeter will continue to expand
Hybrid and remote work are hallmarks of the expanding network perimeter. Last year, IBM and the Ponemon Institute determined that the more remote workers a business has, the more a data breach will cost: a company with an 81% remote workforce will pay roughly US$2.39 million more for a breach than a company with 50% remote workers.
Cybercriminals will continue to attack hybrid work structures in 2023, launching network-based worms and exploiting virtual private network (VPN) connections, which are still popular despite hundreds of known vulnerabilities. Business email compromise (BEC) attacks will also persist—on track to cause losses of US$2.8 billion by 2027.
A zero trust approach is the best way to protect data and assets in the context of an expanding—and evaporating—network perimeter, with a Secure Access Service Edge (SASE) architecture to consolidate security and network functions in distributed, cloud-oriented environments. Zero trust network access also solves the VPN problem by securely connecting authorised users only to specific applications or services, not the whole network.
On the BEC front, two-factor verification, stronger password hygiene combined with zero trust authentication can help lessen the threat of email scams.
"Unlike VPNs that provide highway access to the entire network, ZTNA allows authorised users a secure connection to a specific application or service only, preventing threat actors from moving freely across a network."
Future/Tense: Trend Micro Security Predictions for 2023
Read more: A Secure Access Service Edge (SASE) Guide
2023 prediction: Ransomware business models will continue to evolve
Ransomware perpetrators will seek new ways of profiteering in 2023, from directly monetising information like stolen critical data to setting their sights on the cloud. Up to now, ransomware has tended to be designed for on-premises environments, but with all the enterprise investment in cloud, it’s a logical new target—one whose defences remain untested. Since no business is immune to the threat of ransomware, every enterprise, however large or small, needs a proactive approach to defending against these attacks.
Here again, the zero trust approach is a must, paired with regular backups, cultivating an organisation-wide cybersecurity culture, and taking advantage of existing frameworks from organisations like the Center of Internet Security (CIS) and the National Institute of Standards and Technology (NIST). Also, look to shift left in detecting an attack earlier in the lifecycle that can help mitigate a later ransomware attack.
Another way to guard against ransomware, is to adopt a unified cybersecurity platform which can help security teams gain visibility of an attack across the network stack.
Read more: The Near and Far Future of Ransomware Business Models
2023 prediction: Enterprises will shift from point solutions to a platform approach
Organisations deploy an average of 46 individual security monitoring tools, overwhelming security teams with uncorrelated daily alerts and too many false positives, resulting in the very real risk of a genuine attack slipping through the cracks. The traditional security paradigm using a point model is not sustainable: the scope and complexity of today’s cyber threats demand a holistic approach to security, delivered by a unified cybersecurity platform.
The move toward a platform approach will be led by organisations actively seeking more visibility across their attack surfaces like distributed clouds, networks, assets, accounts, and systems. To be truly effective, a platform will need to combine security information and event management (SIEM) with extended detection and response (XDR), artificial intelligence and analytics to provide an integrated view of the entire IT/cloud environment and deeper, contextualised correlations of alerts.
Platforms can also support endpoint detection, network defence monitoring, and more—with automation for continuous, repetitive discovery, assessment, and mitigation. They even help defend against zero-day exploits by checking bug bounty programs.
Read more: How a Unified Security Platform Protects the Cloud
Even more predictions for 2023
Cloud misconfigurations, overlooked vulnerabilities, the vanishing network perimeter and evolving ransomware business models are just some of the forecasted trends in Trend Micro Security Predictions for 2023. While each has unique causes and impacts, the scale and complexity of all will necessitate the enterprise shift toward unified cybersecurity platforms. Companies that get an early start at consolidating their security point solutions will be well positioned to address the threats of the coming year—and beyond.