The future of data centers — and everything else, for that matter — is a mystery. If nothing else, COVID taught us that everything can change in unexpected ways. Anomalies aren't the norm, though, so Mission Critical reached out to some industry experts and asked them to share their educated guesses about what to expect in the year to come. Here's what they had to say.
Cloud
"Hybrid computing will cease to exist as everyone transitions to the cloud. Sales teams at Azure, AWS, and Google will continue to focus on moving legacy applications and organizations to the cloud because it’s where they make the most money, contributing to the death of hybrid computing."
— Uma Chingunde, vice president of engineering at Render
Construction
"In 2023, the ubiquity of 5G will drive a tremendous amount of traffic into the core center and cloud. Data center construction will ramp up significantly, and power demand will spike in response to ongoing digitization priorities. U.S.-based original equipment manufacturers (OEMs) and data center designers are considering lowering reliance on other countries for materials and labor, as national security and economic concerns remain at the forefront for US enterprises."
— Vito Savino, data center segment leader for ABB Power Conversion
Critical infrastructure
"A major water treatment plant will suffer a cyber-physical breach. The protection of critical infrastructure industries continues to receive increased attention as attacks on these organizations run rampant. While many attacks against sectors like utilities and manufacturing have remained digital, 2023 will bring about physical cybersecurity attacks against vital organizations like water treatment plants that shut down entire city supplies for days. Water facilities represent a softer target than power plants for example which are used to fending off attacks traditionally. Especially on the heels of the Jackson, Mississippi water crisis, attackers will look to take down water systems in heavily populated areas to cause significant disruption since the damage would be longer-lasting."
— Nick Tausek, lead security automation architect at Swimlane
Cryptocurrency
"Threat actors will lean in on romance scams, where cyber criminals adopt a fake online identity to gain a victim's affection and trust, and large-scale consumer fraud in order to reap massive profits in the new year. And while there won’t be a massive change in BEC attack tactics, which have run rampant in 2022, we’ll specifically see an increase in pig butchering scams, a form of romance scam that convinces victims to invest in cryptocurrency platforms."
— Ronnie Tokazowski, principal threat advisor at Cofense
Cyber insurance
"Today, cyber insurance policies are developed very naively – looking at the organization’s number of employees and revenue alone to build premiums, but this does not provide an accurate view of a company’s security posture. As vendors and cyber insurance providers work together in 2023 to converge on the best way to underwrite a cyber insurance policy, they will begin to look at a “company’s bloodwork.” This will include meaningful metrics that are demonstrative of the maturity and resilience of the organization’s cybersecurity posture, much like what is done for an individual’s life insurance policy."
— Rohyt Belani, CEO and co-founder of Cofense
"For the last decade, organizations that paid premiums were able to bail themselves out when a disaster struck. But as cyber insurance premiums continue to rise amid the proliferation of ransomware, insurance companies are struggling to manage the cost and premium relationship. In 2023, we will see a new evolution of cyber insurance emerge with specific coverage criteria tied to cyber hygiene. Cybersecurity teams will be required to demonstrate the efficacy of their strategy, and organizations that fail to maintain proper safeguards will be excluded from coverage when an attack occurs."
— Cody Cornell, co-founder and chief strategy officer at Swimlane
Cybersecurity
"2022 brought many splashy headlines from threat groups like Lapsus$ successfully attacking major organizations like Uber and Nvidia, and state-sponsored Lazarus exploiting Log4j flaws to hack US energy companies. In 2023, we predict a major threat group will be discovered to have been dwelling in the network of a Fortune 500 company for months, if not years, siphoning emails and accessing critical data without a trace. The organizations will only discover their data has been accessed when threat groups threaten to take sensitive information to the dark web."
— David Anteliz, senior technical director at Skybox Security
"The CISO’s role is all about prioritization, especially as they face economic pressures and uncertainty. When looking at the threat landscape, more than 90% of an organization’s threats come in via email and end at a system’s endpoint. As CISOs plan for 2023, email and endpoint security will be on the top-three list of priority security solutions they invest in and are areas that they are not willing to compromise on."
— Rohyt Belani, CEO and co-founder of Cofense
"As the conflict between Russia and Ukraine continues, we will see Russian threat actors double down on ransomware efforts as physical, on-the-ground tactics see little return. To make an even greater impact, threat actors will target countries that support Ukraine to “punish” their allegiance to the country, targeting critical infrastructure like healthcare and energy."
"There is a common 5-year pattern when it comes to the consolidation of tools that we see across the security market. This pattern is due to economic fluctuation, business shifts and simply because people's memories are short when it comes to past major breaches. As economic uncertainty continues in 2023, the pattern will rise again. Organizations will decide that their email security tools are enough and forgo additional vendors, leading to an increase in attacks that do not get blocked."
— Josh Bartolomie, vice president of global threat services at Cofense
"As threat actors continue to share what works on their side in terms of attack vectors and tactics, security leaders and cybersecurity organizations will increase their communication with each other in 2023 on what is working best to defend against threat actors. This crowd-sourced threat intelligence will allow organizations to learn how to better defend themselves."
"Attacks have made a clear list of what tactics work over the years and always defer back to what is successful for quick and easy money. Leveraging this strategy, attackers will place increased efforts on business email compromise (BEC) attacks like employee impersonation fraud. Many organizations lack security protocols for reviewing items like invoices that seemingly look like they are coming from a vendor. Not only are these tactics quick wins, but they are also often almost untraceable."
— Tonia Dudley, vice president and CISO at Cofense
"Browsers power just about everything we do and are undoubtedly the most used applications, especially as more applications like CRM tools migrate from native applications to existing fully in the browser. Because so much of our daily work and personal activities live in the browser, it’s the perfect gateway for threat actors to reach an organization’s core. As browsers become more complex with new features and uses, threat actors will heavily target browser bugs and vulnerabilities in 2023 to breach organizations and access sensitive data.
Today, the gap between less sophisticated and highly sophisticated attacks is getting lower and lower. Anyone can find and purchase sophisticated tools that can bypass most current security solutions on the dark web. Because of this, software leveraged by highly sophisticated actors like state-sponsored hackers is now becoming increasingly common to much less sophisticated actors that target organizations in all industries just for profit, which is highly alarming.
While unsophisticated threat actors are on the rise, sophisticated threat actors like advanced persistent threat (APT) groups are still busy at work. APT groups will continue to leverage their complex tactics to remain undetected in networks but will place a renewed emphasis on the critical infrastructure and public sector verticals."
— Avihay Cohen, CTO and Co-founder of Seraphic Security
"As economic uncertainty looms in the air as organizations plan for 2023 budgets, the conversation around purchasing cybersecurity solutions will transition from “what are we buying?” to “why are we buying it?” With leadership looking to tighten budgets, the c-suite will begin to question the effectiveness and outcomes of security tools rather than just worrying about having solutions in place, ensuring the budget is spent on tools that bring value to the business.
Today, many organizations are finding that their SIEM and data lake stories are no longer providing enough value. Most of the alerts that they're responding to are being identified downstream by their threat detection tools, not via their SIEM. In 2023, organizations will begin to move their response to high-fidelity alerts to their automation system, as opposed to running it through a data lake or some type of SIEM as it's very cost prohibitive and slow to respond to high-fidelity information. Through the combination of things like the broad applicability of automation and the move away from aggregation as the sole mechanism for response, automation will begin to have more use cases across the cybersecurity industry."
— Cody Cornell, co-founder and chief strategy officer at Swimlane
"As tensions between nation-states like Russia and China continue, these countries will leverage social media manipulation like Twitter bots, fake Facebook news and even TikTok to influence the security posture of the federal government. Platforms with ties to hostile foreign governments like TikTok present an even greater opportunity to manipulate voters in the U.S. and other western democracies, and those governments have shown great willingness to exploit this opportunity. While this tactic isn’t a direct cyberattack, these nation-state threat actors can influence public behavior to bring about large-scale changes within society.
In 2023, as we head into the 2024 U.S. presidential election, this will only increase. Election denialism and conspiracy theories will continue to be promoted by foreign and domestic agents hostile to democracy with the purpose of delegitimizing elections in western democracies. This tactic will prove successful and election conspiracies will run rampant, causing huge swaths of the population to refuse to acknowledge the results of legitimate elections.
As sanctions continue to tighten around hostile nation-state threat actors, particularly Russia amid the war with Ukraine, we will see these countries ramp up ransomware attacks. This attack method, which is seen as easy, effective and profitable, will help nation-states mitigate the impact of sanctions during times of conflict and tension."
— Nick Tausek, lead security automation architect at Swimlane
"Many experts were surprised at the evident ineffectiveness of Russian cyber espionage during the Ukraine war. However, Russia’s unsuccessful attempts thus far are not to say we won’t see one occur in 2023. Russian cyberattacks have succeeded in shutting down Ukraine’s power grid in the past and Ukraine has already reported numerous instances of Russian hacker attempts to cut off its electricity this year. In 2023, we can expect a higher level of sophistication coming from Russian hackers."
— Ryan Slaney, threat researcher at SecurityScorecard
"With the uptick in massive third-party data breaches, conversations around business ecosystem risk have escalated to the senior leadership level. Organizations have also begun taking the security posture of vendors into account before doing business with them. Gartner forecasts that the majority of enterprises will use cybersecurity risk as a core determinant in conducting business engagements and third-party transactions by 2025.
Network defenses such as firewalls and identity management solutions are still essential to maintaining a strong cybersecurity posture. However, in 2023 organizations will need to place equal investment in threat intelligence and monitoring tools that can illuminate hidden cyber risks across their extended business ecosystem. With increased visibility into third- and fourth-party risk, more enterprises are likely to withdraw from partnerships that pose a threat to their business."
— Sam Kassoumeh, COO and co-founder of SecurityScorecard
"It’s no secret the economic downturn has meant significant budget cuts for many companies. As cyber threats escalate, cybersecurity investments are either staying put or increasing in 2023—that is, only if security teams can rightly prove the value of their cybersecurity programs to senior leadership and the board. However, the majority of CISOs are struggling to effectively express the business impact of cyber risks to their board. In 2023, this ability will go from a nice-to-have to a must-have, and we will see an influx of CISOs losing their jobs if they can’t adapt.
With the economy remaining uncertain next year, CISOs will feel increased stress from their board and senior management to justify the spend on their cyber tech stack. To ensure their security program is well-financed, CISOs will need to set specific management-level cyber metrics that can help them properly articulate whether the cybersecurity products and tools they have purchased provide a sound return on investment."
— Aleksandr Yampolskiy, CEO and founder of SecurityScorecard
"Historically, malicious actors targeting APIs would leverage only one of the tactics outlined by the OWASP Top 10 – a standard awareness document for developers and web application security that represents a broad consensus about the most critical security risks to web applications – for an attack.
The reality is that APIs are under attack from several different vectors. In the year ahead, we will see attackers evolve to use a combination of three different tactics–Broken User Authentication (API2), Excessive Data Exposure (API3) and Improper Assets Management (API9)–to bypass common security controls and achieve their end goal. The increased combination of these three threats indicates that attackers will be performing new levels of analysis to understand how each API works – including how they interact with one another and what the expected result will be."
— Jeremy Kowalczyk, senior security architect at Cequence Security
"Historically compliance standards have forced organizations to flatten their investments horizontally across a broad array of controls, allowing them to earn their green checkmarks without regard to true control effectiveness.
The reality is that enterprises are at war, and they need to actually test their capabilities in real-world environments, not just on paper. In late 2022 we began to see a shift, with CISA recommending for the first time in September that companies adopt automated continuous testing to protect against longstanding threats. The authoring agencies recommend exercising, testing, and validating your organization's security program against the threat behaviors mapped to the MITRE ATT&CK for Enterprise framework.
This is only the beginning. In 2023, we will see organizations shift from a reactive mindset to a proactive one in order to better prevent and remediate cyberattacks. Security operations teams will do this by turning to tools that leverage automated, continuous real-time testing to help them better manage risk and ensure less impactful security events with greater effectiveness."
"A CISOs primary responsibility is protecting the business. This must be measured, benchmarked and aligned to the needs of the organization based on the risk profiles of the business. It has nothing to do with technology. It is about looking at each information security function and the level of protection it delivers to business.
Historically, CISOs were technical individuals that got promoted into management positions. In the year ahead amid a tighter financial period, we will see the strategic clarity of security’s function within the organization matter more than technology decisions. This will cause CISOs to shift their thinking to measuring security program performance as a result of increased pressure to create real business outcome-oriented measurements."
— Brett Galloway, CEO of AttackIQ
"Instead of using common programming languages like Python, threat actors will begin leveraging languages like Rust that cybersecurity tools aren't designed to catch, causing attacks to go undetected. Some organizations today continue to neglect to implement cybersecurity basics that detect and prevent basic attacks, let alone attacks built on uncommon languages."
— Terry Olaes, senior technical director at Skybox Security
Digital transformation
"With a backdrop of challenging economic waters and the increasing cost of capital, M&A headwinds experienced during 2022 are expected to continue into the new year; appetite for risk is on the wane. However, investors and corporate business development functions will continue to prospect for value, particularly in privately-held ventures (who may have abandoned plans for public offerings). Digital transformation remains table stakes for enterprises; the technology and solutions which power core to cloud to edge compute, data management (and memory), and will enable AI and machine learning, will continue to be of high interest as fundamental to the imperative."
— Mark Adams, CEO of SGH
Economy
"Economic headwinds challenged industries universally in 2022 and are expected to continue well into 2023. Consumer tech had been down for 6-9 months, and while enterprise has held reasonably strong throughout, it too is starting to show softness. The cycle is proceeding with little visibility, but the semiconductor industry is often seen as an indicator leading into and out of recessions. As enterprises continue to navigate through this downturn, they recognize the need to protect long-term investments. That means a greater emphasis on constructing the business of the future and continuing to invest in the technologies that get them there—AI/ML, Data Analytics, decentralization, etc.—even through the down cycle. If history is any indication and the trend holds true, for the first time in nearly a year, conditions indicate that a turning point may be in sight, and it may come as early as mid-2023."
— Mark Adams, CEO of SGH
"In 2023, we will see fewer resources and tighter security budgets in corporate settings thanks to economic uncertainty, resulting in subpar security posture across organizations. Because of this, threat actors will capitalize on this asymmetry and evolve faster, creating the perfect storm for an amplified number of breaches across all vectors in 2023, especially using email as an attack vector."
— Rohyt Belani, CEO and co-founder of Cofense
Health care
"Expect to see organizations start to coalesce around scientific platforms to optimize research and development (R&D). We know scientists working on life-saving discoveries from cancer research to food scarcity struggle with their data in silos, using dozens of favorite apps to aid them in the process. Anticipate seeing life sciences organizations transition to end-to-end platforms that can integrate legacy applications and instrumentation all utilizing the same data core, in a similar way to how Amazon and Google have in their respective ecosystems. Ultimately, such moves will free biotech’s to focus their time, money, and expertise on what matters most—the science that will help them make better therapies faster and increase their chances of success in a volatile market."
— Thomas Swalla, CEO of Dotmatics
Power
"Data center computing capacity needs continue to increase to support modern applications and propel the next wave of innovation. Supporting this exponential growth will require higher-power facilities and equipment, which means data center designers and operators will need to rethink their power architectures. As such, they will continue to explore highly scalable, decentralized DC power architecture to address growing density, efficiency, and computing demands."
— Vito Savino, data center segment leader for ABB Power Conversion
Regulations
"According to Gartner, digital immune systems that deliver resilience and mitigate security and operational risks will be a key strategic technology trend in 2023. We’ve already seen considerable mentions of security by default practices in the past several months within CISA’s Strategic Plan for 2023 - 2025 and the White House’s guidance on enhancing software supply chain security. In 2023, we’re going to see increased guidance and legislation surrounding secure development practices that include specific metrics and timelines for federal agencies. As technology companies seek government contracts in the coming year, it will be increasingly crucial that they collaborate with the public sector and look at these government regulations as a baseline to build foundationally secure software."
— Aleksandr Yampolskiy, CEO and founder of SecurityScorecard
Retail
"Much like changing regulations for government agencies, retailers are preparing to navigate a new standard: the Payment Card Industry Data Security Standard (PCI DSS) 4.0. Effective in 2024, this new standard will impact all organizations that store, transmit or process cardholder data and sensitive authentication data. The new standard allows organizations to customize their approach to proving compliance with each PCI DSS security requirement. If organizations take this direction, there are growing opportunities for threat actors to exploit retailers who may have taken non-standard routes to achieve compliance. Additionally, the long lead time to implement these regulations gives attackers more opportunity to use those requirements as a blueprint to breach retailers before they have time to implement changes to their cybersecurity strategy."
— Terry Olaes, senior technical director at Skybox Security
Supply chain
"Semiconductor supply constraints – an improved situation compared to six months ago (as much to do with softening demand in certain verticals) – underscored critical need for upleveling U.S. production. Passage of the CHIPS Act and recently announced domestic manufacturing investments by Intel, Micron, IBM and others will be seen as significant moments in returning momentum to U.S. silicon – a trend expected to continue in 2023 and beyond. With U.S. design and manufacturing promising a range of benefits -- job creation, self-reliance and improved security – impact will be decades-long. Having lost sight of the value of semiconductors as the critical brains of much of our innovation, these recent developments will prove to breathe some swagger back in to the industry."
— Mark Adams, CEO of SGH
"The U.S. Government has made great strides in reducing direct attack threats through initiatives like expanding the Cybersecurity and Infrastructure Security Agency (CISA) along with several guidances on strengthening responsibility and community-driven threat detection. While the government has revolutionized how they respond to direct cybersecurity threats, federal agencies now must pivot their focus to third parties. In 2023, we’ll see third-party and supply chain attacks become much more debilitating to infiltrate federal agencies despite the increased focus on cybersecurity."
— Nick Tausek, lead security automation architect at Swimlane
"The Cybersecurity and Infrastructure Security Agency (CISA) has issued a number of new guidance this year. Most recently, Binding Operational Directive 23-01 mandates federal agencies to take necessary steps to improve their asset visibility and vulnerability detection capabilities in the next six months. In 2023, we will see threat actors ramp up their attacks on before new cybersecurity controls are implemented ahead of 2023 deadlines. This increase in attacks will likely come in the form of supply chain attacks as malicious actors seek to do their worst before they get caught."
— David Anteliz, senior technical director at Skybox Security
Sustainability
"As organizations move to reduce their carbon footprint and meet sustainability goals, sustainability metrics in the IT space will be crucial and put IT executives front and center of environmentally friendly initiatives."
— Amit Dhingra, executive vice president at NTT
Telecommunications
"Roughly 31%, or 5 billion of the 16.7 billion malicious transactions targeted unknown, unmanaged and unprotected APIs, commonly referred to as shadow APIs in the first half of 2022, making it the top attack vector. That is because shadow APIs are relatively easy for attackers to discover by analyzing an organization's exposed APIs and then simply fuzzing or modifying the values, enumerating through other API endpoints on different versions, under different hostnames to find other API variants.
In 2023, threat actors will seek to build off this momentum to exploit telecommunications companies that lack visibility into APIs due to their many sub-companies and partners. Blended with the rapid adoption of new technology telecom companies face, a global telecom organization will experience a major data breach thanks to a shadow API that impacts millions of users’ information and results in subsequent breaches."
— Aakash Tiwari, senior security engineer at Cequence Security
Workforce development
"Talent will continue to search for flexibility and the opportunity to work anywhere but for employers, a rising need for connectivity across a multitude of devices no matter wherever they are will require a greater emphasis on edge computing."
— Amit Dhingra, executive vice president at NTT
"The cybersecurity skills gap that has plagued the security community for the last several years won’t be closing any time soon. Research reveals that 80% of organizations suffered from at least one data breach in the past 12 months due to a lack of cybersecurity talent or awareness. The public sector is especially at risk, with more than 700,000 unfilled cybersecurity positions as of July 2022.
In 2023, the inability to hire and retain appropriate talent to defend against a high volume of attacks will leave the public sector highly vulnerable. To fill the widening cyber skills gap, the public sector must improve compensation packages to prevent losing talent to well-paid roles within the private sector, as well as expand diversity within their workforce."
— Sachin Bansal, Chief Business Officer of SecurityScorecard
"PaaS will make a major resurgence. Companies are scaling back after a frothy period in the industry, and adopting a PaaS can slash hiring costs by reducing the number of workers required to maintain infrastructure. Moreover, an increased focus on automation will see SREs coalesce into internal platform teams."
— Uma Chingunde, vice president of engineering at Render