The scale of cyberthreats are growing, spilling into the mainstream. In 2023, expect the spotlight to add pressure to businesses that have underinvested in security.

There are a few certainties in cybersecurity: ransomware will cause headaches for companies; third parties will spark cyber incidents; and every December, cybersecurity analysts will put together lists of their predictions and trends they believe will have an impact in the coming year. 

Most of the predictions are designed to help organizations build out their security programs, but every so often a trend will build slowly over time until its impact is clear.

Sometimes these trends will reach far beyond an individual company and impact society at large. 

Here are some of the biggest trends Cybersecurity Dive is watching this year. Are there any security patterns you are watching closely? Email us at cybersecurity.dive.editors@industrydive.com.

The global impact of state-sponsored activities

State-sponsored threats trend every year, but as we begin 2023, those threats have a different, more menacing, feel to them. The countries responsible for much of the state-sponsored activity — Russia, China and Iran — are embroiled in conflict. 

“In the past year, we’ve seen [Russia’s] invasion of Ukraine; a worsening of the relationship between China and the West combined with tightening control by Xi Jinping and further pressure on Taiwan; and a growing concern in Iran about dissident activity and pressures on the regime both internally and abroad,” said Mike McLellan, director of intelligence for the Secureworks Counter Threat Unit. 

All those factors affect state-sponsored threat group tasking and activities and will be reflected in what they do in the coming year.

“While cybercriminal threats such as ransomware are an ‘equal opportunity’ risk for organizations lacking robust cybersecurity defenses in all sectors, state-sponsored threats can be more targeted,” said McLellan. 

As political tensions rise in these countries, it is expected that nation-state actors will use that to their advantage to broaden their attacks. 

China, for example, is often interested in obtaining intellectual property from high-tech targets, and there is concern that other Russian groups will carry out large-scale covert foreign intelligence gathering activities, spurred by concerns about Russia’s general standing in the world.

Certain sectors or countries have always been at greater risk of state-sponsored attacks, but 2023 may be the year that risk against critical infrastructure sectors, government, and high-tech companies escalates — especially if a nation-state sees outside interference.

Resource : https://www.cybersecuritydive.com/news/cyber-security-trends/639480/