Top Cybersecurity Trends in 2023
As organizations continue to catch up to increased remote work and digital processes, the current trends and issues drive future legislation. Here are some of the big trends organizations should pay attention to in 2023:
1. Using Cloud-Based Infrastructure
Many companies and governments currently use antiquated infrastructure, which comes with significant cybersecurity risks. Lenz says current apps and systems are developed for the modern environment, but companies still use old technology designed decades ago.
For example, the financial services sector still relies on mainframe technology. “Many of the companies hit by ransomware attacks operate in a legacy environment that’s not up to the job of implementing best practices,” says Lenz.
By moving to cloud-based infrastructure, organizations can reduce security risks. With cloud adoption, businesses have full visibility and access to experts across the county, which eliminates many of the risks of operating outdated equipment.
2. Moving Toward Digital Identities
In 2023, digital identities will continue to push paper identities into history. Lenz says he sees a similar problem with privacy legacy identities that were created decades ago as paper documents. For example, it’s still common to be handed multiple pieces of paper to fill out with your medical history and other personal information when you go to a new doctor. Those pages are then read by a human and entered into the computer system.
While shredding those documents is a best practice, that doesn’t always happen. Lenz says that to create true privacy, organizations must use new authentication and protection techniques. By moving to digital identities, organizations can use cybersecurity techniques to secure sensitive data properly. Additionally, digital identity authentication across platforms and systems proactively identifies potential threats more quickly.
3. Holding Executives Accountable
While fines assessed to companies have increased and been leveled due to cybersecurity and privacy issues, company executives have not yet been held accountable. Fining the company, in essence, fines the organization’s shareholders — not the leaders responsible for the security deficiencies that allow issues to occur, Lenz says.
One of the greatest challenges he notes is that there is no sense of accountability at a corporate level. “We need to start holding senior executives accountable. When you hold people personally accountable, we will see changes,” Lenz adds.
4. Adopting Zero Trust
With an increase in remote work over the past few years, protecting the perimeter no longer properly secures an organization. To protect the new way of working, organizations are increasingly moving to zero trust, which is a framework that starts by assuming all apps, devices, and uses are not authorized. Organizations use strategies such as multi-factor authentication, encryption, and microsegmentation to ensure that only authorized users access the network.