This past year has been an eventful one for cybersecurity. From the events between Russia and Ukraine to the Twitter and Uber hearings, we have had much to unpack. As we learn from the past year and look at some of the technological advancements we have seen, we have to ask ourselves: what will the future look like?
It’s important to make some predictions, not only because it’s entertaining but more importantly because it is a big part of the cat and mouse game that cyber attackers and security teams play – you always want to be one step ahead. With that in mind, here are three things I foresee unfolding in 2023:
Adoption of a more modern security framework
We will see most security frameworks continue to fail in 2023 for a simple reason: complexity. Most frameworks layer hundreds of controls across dozens of domains and create environments that are unwieldy and, thus, nearly impossible to defend. In their place, we will see an increase in the adoption of the “security fabric” approach, which is far more straightforward and powerful.
Adopting this framework makes it possible to interconnect all security functions with underlying foundational components. It is built on a cloud-native, virtual security approach that’s available outside of traditional data center environments. A security fabric is better at defending organizations with remote employees, allowing security teams to focus on knowing what assets exist in their organization’s environment. Once a security team understands the assets, or in other words, has ‘structural awareness’ of their environment, it is far easier to get a handle on what events or activities are happening within that environment. It’s difficult enough to detect malicious actors who are becoming more clever by the day, but it is nearly impossible if boundaries around where to look haven’t been established.
The final advantage revolves around long-term analysis and ongoing security. With a security fabric, businesses can improve their security maturity by connecting the dots within their cybersecurity architecture and using this as a knowledge base to avoid making the same mistakes twice. In other words, a properly implemented security mesh constantly analyzes what is happening and improves over time.
CISOs will demand a seat at the table
The past year has shown the effects that whistleblowing (Twitter) can have when an organization ignores its employees flagging activity they consider fraudulent, unsafe, or illegal. But over the past year, we have also seen the consequences when CISOs actively ignore or hide security issues. For example, in the Uber situation, we saw for the first time criminal charges filed and then later a conviction. These contrasting stories create a potential no-win situation for CISOs who, on the one hand, may be ignored for calling out issues or, on the other, could face jail time if they actively turn a blind eye to (and/or hide) them.
We are likely to see one of two outcomes. First, the role of CISO is elevated to be on the board or reporting directly to the CEO, which is often not the case. Alternatively, we will see many CISOs quit. If CISOs take on the risks associated with being on the board, they need to get the same authority and influence.
Greater dependency visibility
With the beginning of 2023 fraught with enormous economic and regulatory uncertainty, we will likely see a consolidation of tools and a greater focus on which tools are necessary. The nature of tech is that many organizations adopt tools to fix immediate problems, and often these tools have overlapping functionality and use cases. Although security budgets are likely to be a bit safer than other departments in a business, security teams will still need to consider what they must have to be successful with fewer resources. To do this, they will need to understand complex dependencies in cloud environments and asset relationships to prioritize security decisions and risk response effectively.
The plus side is that simplifying environments can also positively impact security. When there are too many dashboards or tools that don’t integrate smoothly, there is a risk that crucial alerts are missed and malicious activity goes unnoticed. My advice to any security leaders facing a situation like this is to approach it like spring cleaning rather than stressing over the tools you won’t be able to keep – in the end you may find the simplified tech stack is actually more effective.

