What lies ahead for cybersecurity in 2023? SentinelOne’s researchers and thought leaders offer their predictions for the coming year.
Consolidation, But Not At All Costs
The sheer number of cyber-security products covering different surfaces and use cases means that customers are looking to consolidate when and where possible. With that said, there are many sides to consolidation – security teams will not be satisfied with just “buying more products from the same vendor vs multiple vendors” or “pushing everything to one data-lake” – they will demand holistic workflows, unified agents and cross-product synergies that actually deliver value that is greater than the sum of its parts when consolidating around a platform as opposed to endless point solutions.
Demand for More Vendor Collaboration
As much as we expect consolidation, customers will always end up using more than one vendor. We’re already seeing security teams demand more integration and more value from the collaborations between vendors. Gone are the days when a “technological alliance” could mean little more than a shared video. In 2023 this will range from a demand for integration across more types of use-cases and standardization of data models to a very legitimate expectation that every new vendor will not only provide value on its own but also help extract more value from the existing products in the security stack.
SOCs to Look for Alternative Solutions for Analytics and Data Storage
SOCs will start looking for alternative solutions for Analytics and Data Storage that make more sense in terms of cost, scale, performance and ease-of-use. They’ll be looking for improvements across the board – from “How we get the data in” to “How we can access historical data”, “How fragmented the data will be” and ultimately “How much does it cost”.
Cost Will Be a Driving Force
The economic turmoil will pressure enterprises and organizations to save on costs and be more effective. As a result, expect more consolidation of pinpoint tools and teams and more utilization of growth and efficacy enablers like moving to the cloud.
Prediction: With less security budget, efficiency-driven products will thrive. Cost will become the main consideration for cybersecurity programs.
We Are Entering A Golden Era of Social Engineering
As we’ve seen in the Cisco breach, it’s enough to compromise a user to gain access to the entire network. With social networks, multi-tasking, and the evolution of devices around us, it just makes sense for adversaries to keep investing in social engineering.
Prediction: Phishing is a problem that is not solved and will continue to be a leading factor in compromising identities.
Deep Fakes Will Enhance Social Engineering
As we get better at defending the endpoints, threat actors will need to up their game in order to penetrate harder targets. Social engineering remains a popular vector of attack, especially as workforces continue to remain decentralized and remote. Increases in computing power and availability of AI/ML engines will accelerate the effectiveness and authenticity of social engineering attacks through audio and video.
Lapsus$ Shows Flaws in Adult Thinking
Lapsus$ has caused a lot of disruption. This was a group of 16-21 year olds who out-thought and outwitted some of the most sophisticated cybersecurity defenses and professionals in the world. How? Because it doesn’t matter how we look at the problem. It only matters how our adversaries look at the problem. Expect more attacks and disruption by younger threat actors who refuse to limit their thinking to the proverbial way of doing business.
No More Hiding Behind Our Macs
Indicators of what we might expect in 2023 can be read in the tea leaves of our roundup of macOS threats in 2022. The year just ending saw something rare in the macOS threat landscape become common: the inclusion of Mac payloads in numerous cross-platform attack frameworks. While this wasn’t entirely unheard of in the past, it was not the norm, and Mac payloads were generally poorly written, unreliable and, frankly, unsuccessful.
More Attacks on macOS and Unpatched Macs
In 2023, expect to see threat actors target macOS more successfully with cross-platform malware and to expend more effort on finding windows of opportunity to compromise unpatched Macs with known bugs.
Deploying a native Mac security solution is the default first step to combating the increased attention of threat actors on high-interest targets like developers and senior management in 2023.