Many-headed hydra of the economy, open war and cloud complexity will make cybersecurity increasingly challenging
SALT LAKE CITY–(BUSINESS WIRE)–Venafi®, the inventor and leading provider of machine identity management, today released its predictions for the cybersecurity landscape in 2023, indicating that this will be one the most challenging years yet for the cybersecurity industry.
“With economic uncertainty casting a heavy shadow across the globe, the geopolitical landscape the most unstable it’s been in decades and cloud migration marching on relentlessly, cybersecurity has never been more important. This will present unprecedented challenges for security teams in 2023,” comments Kevin Bocek, VP of security strategy and threat intelligence at Venafi.
The predictions include insights from Bocek; Matt Barker, president of cloud native solutions; Yana Blachman, threat intelligence specialist; Sitaram Iyer, senior director of cloud native solutions; and Pratik Savla, lead security engineer, on the year ahead. Highlights include:
“The ransomware cash cow may stop mooing in 2023, forcing hackers to pivot to other revenue generators – like selling stolen machine identities. We’ve already seen a high price for code signing machine identities on dark web markets, and groups like Lapsus$ regularly use them to launch devastating attacks. Their value will only increase this coming year.” – Kevin Bocek
“In 2023, we will see continued efforts to manage the risk posed by software supply chain attacks, with more start-ups and open source tools – like cosign and sigstore – designed to help in this area. Biden’s SBOM initiative has helped bring attention to the requirement, with The OpenSSF leading the charge. As a result, we expect to see some positive movement in this space.” – Matt Barker
“Russian cyberattacks will aim to disrupt the West’s greatest asset – their economies – as Russia is excluded from the international finance community. Cyber-enabled economic warfare will be crucial to Russia’s geopolitical strategy, with the aim of either generating revenue or disrupting rival economies. We’ve already started to see this with recent attacks on the US Treasury.” – Yana Blachman
“Nation state attacks will become more feral as ground war tactics become more untamed and unpredictable, bringing the cyber and physical worlds into a collision course. These will have the potential to spill over into other nations, as Russia becomes more daring, trying to win the war by any means – and could be used as a distraction to target other nations with cyberattacks.” – Kevin Bocek
“The rise of the platform engineering team will be one of the big trends of 2023. Cloud Native reimagines how companies think about building and operating infrastructure; they require a totally new team to build and support it. Platform engineering teams will build on the learnings of DevOps culture, encompassing every persona needed to build and run IT infrastructure – including Dev, Security and Operations.” – Matt Barker
“As we build our knowledge of cloud risk, we’ll start to uncover breaches we knew nothing about. We’ll find that threat actors are ahead of the curve and have already infiltrated cloud networks – perhaps weeks, months or even years ago.” – Yana Blachman
“There will be more failed audits in regulated industries as multi-cloud, multi-cluster complexity causes companies to breach compliance requirements. The increased volume of machine identities in cloud native environments will make compliance with regulations on machine identity management a real challenge. If this process isn’t automated via a control plane, failed audits will become commonplace.” – Sitaram Iyer
“With cloud costs predicted to rise by as much as a third in the coming year, we will see an increased focus on FinOps – i.e., financial operations – a management practice to promote shared responsibility for an organization’s cloud computing infrastructure and costs. How FinOps is implemented in Cloud Native and which tools you should use to help manage it, including security solutions, will come into sharp focus in 2023.” – Matt Barker
“In 2023, API security will rise to the top as one of the biggest concerns and priorities for enterprises as organizations increasingly move to an API-first software development approach. This exponential adoption of APIs will exacerbate security concerns, with the potential to cause significant security breaches.” – Pratik Savla
- “As recession bites, we expect to see more everyday people turning to cybercrime as a source of income in 2023. Ransomware-as-a-Service (RaaS) and Malware-as-a-Service (MaaS) will rise, as they enable people that don’t have technical skills to launch attacks.” – Yana Blachman
For the predictions in full and further 2023 trends, please contact [email protected].
Venafi is the cybersecurity market leader in machine identity management. From the ground to the cloud, Venafi solutions manage and protect identities for all types of machines—from physical and IoT devices to software applications, APIs and containers. Venafi provides global visibility, lifecycle automation and actionable intelligence for all machine identity types and the security and reliability risks associated with them.
Jetstack, a Venafi company, is a cloud native products and strategic consulting company working with enterprises using Kubernetes and OpenShift.
An open source pioneer, Jetstack has achieved notable industry recognition as the creator of cert-manager, the open source industry standard for cloud native machine identity management. Jetstack’s open source products and solutions protect the application environments and platform infrastructure of global banks, multinational retailing companies and defense organizations by providing enterprise platform and security teams the power to build, scale and security their cloud infrastructure.
With more than 30 patents, Venafi delivers innovative machine identity management solutions for the world’s most demanding, security-conscious organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the four top accounting and consulting firms; four of the five top U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa.