Timothy Liu is CTO and co-founder. hillstone networks.
As we look to 2023, 2023 seems to be shaping up as a “rinse and repeat” of the cybersecurity challenges we’ve seen in the past few years. There are some notable new trends and changes that security professionals will undoubtedly be paying attention to holistically.
Ensure a distributed workforce
Although the Covid-19 pandemic has subsided and employees are finally returning to the office, most companies still maintain policies that allow full or part-time work from home. The need to adapt infrastructure to support a hybrid workforce will continue to have a significant impact on security strategies.
Instead of the massive rush to remote work seen early in the pandemic, expect to see improvements across the board, from secure access policies to asset inventory control and visibility. The latter should be extended to include end clients, BYOD, mobile devices, servers, applications, and other elements. Asset discovery and management should further improve inspection of asset IDs, health checks, vulnerabilities, patch levels, and other security considerations.
A hybrid workforce will also need to drive adoption of many key technologies, such as cloud and SaaS, to increase agility and flexibility. At the user access level, Identity and Access Management (IAM), Zero Trust Network Access (ZTNA), and Secure Access Service Edge (SASE) can all gain traction. Another new product category, Security Service Edge (SSE), should coalesce and become more tangible.
Overall, the transition from the traditional edge-based security model to the new hybrid/distributed workforce model is a dramatic change that will most likely occur gradually over time.
OT/IoT security attracts attention
The number of recent attacks against operational technology (OT) and the Internet of Things (IoT) has made it abundantly clear that these areas require greater focus and attention to security. In a 2021 attack on a water treatment plant in Oldsmar, Florida, a hacker temporarily increased sodium hydroxide (lye) content more than 100 times his. This was a serious attack that could pose a serious safety risk to consumers. Fortunately, an observant power plant operator detected the change and quickly returned to normal settings, avoiding potential harm to the townspeople.
OT, IoT, and the Industrial Internet of Things (IIoT) have become commonplace in many industries as part of Industry 4.0. This is also called digital or smart manufacturing. The 4th Industrial Revolution relies on the generation, analysis and interaction of data to automate processes and support better decision-making.
However, recent attacks have revealed that many large-scale OT/IoT networks are demonstrably poorly protected or not at all protected. Geopolitical risks further emphasize the importance of securing critical infrastructure to protect these elements from attack and abuse. To compound the problem, new technologies such as networked cameras, cars, and other devices can introduce new security issues.
In 2023, given the rapidly changing nature of Industry 4.0, security professionals will need to continuously monitor these assets through asset inventory processes, ideally using automated discovery. should focus on doing. In addition to providing accurate threat detection and protection, mechanisms must be in place to identify and defend against anomalies that could be indicators of compromise. Perhaps above all, you should devise a good security incident response plan so that you can respond quickly when your OT/IoT/IIoT devices are compromised.
Investing in cloud and security
Among many other impacts, the Covid-19 pandemic has accelerated cloud adoption as organizations turned to maintain continuous operations in a challenging environment. Unfortunately, increased cloud adoption has only increased cloud-related security incidents, both in terms of type and number of attacks.
The 2022 IBM Data Breach Cost Report found that 45% of breaches occurred in cloud environments, with average costs in the millions. In this way, awareness and demand for cloud security have also increased, and this trend is expected to continue beyond 2023. However, the focus should strategically shift toward supporting hybrid cloud environments that span private data centers and public clouds.
We also anticipate that this evolution will require a shift in management strategy. The scope of hybrid cloud deployments makes a piecemeal approach no longer work. Being able to manage security seamlessly is essential as part of cloud operations management.
Security Operations Trends
As mentioned earlier, the data center ecosystem has changed significantly over the last few years. In 2023, we believe there will be a new emphasis on better integration between security operations (SecOps) and security infrastructure. This finally brings it all together and gives you better visibility and a “single window” view into SecOps.
Industry analysts and others predict that the adoption of extended detection and response (XDR) will also increase. This should be driven primarily by her XDR’s ability to provide better analytics to help security personnel understand and respond appropriately to incidents. Additionally or in conjunction with the richer information and guidance of the MITER ATT&CK framework, we should see greater adoption of its use for security analysis.
Another trend we’ve been keeping an eye on is improving automation for handling specific incidents. Using automation, security professionals can set up playbooks to trigger automated mitigation and remediation actions for common security scenarios. This frees staff from more mundane incidents and allows them to deal with complex or high-risk attacks and breaches.
Overall, we believe that organizations will increasingly recognize the value of building response plans for the various types of security incidents that are becoming critical to their business operations.
In short, 2023 presents new challenges and new opportunities for security practitioners. However, a rational and strategic approach to the many challenges ahead can lead to a safer and healthier cybersecurity environment.
The Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. am i eligible?