2023 Will Be the Year of New Technology and 2 Other Lessons Learned from 2022 These are the top security concerns, priorities and next steps following a year of C-suite conversations.
By Scott Lundgren Edited by Kara McIntyre
Opinions expressed by Entrepreneur contributors are their own.
As the new year gets into full swing, business leaders continue to become more involved with and concerned about security. The increased attention should come as no surprise, as simultaneously, cyberattacks have skyrocketed, with 65% of cybersecurity professionals saying the volume of attacks has significantly increased since Russia invaded Ukraine a year ago.
Against this stark backdrop, I've spent 2022 speaking with dozens of entrepreneurs and business leaders — from early-stage startups to public enterprises — about their primary security concerns, reflections following their shift to the cloud, as well as actions to take in 2023 to bolster their security posture. Here are the key learnings.
Related: Cybersecurity Is No Longer An Option. Your Money Is in Immediate Danger.
1. The more things change, the more they stay the same
As 2022 witnessed new attack methods from cybercriminals — like the malicious use of deepfake technology to compromise organizations — it also brought about older, more traditional security concerns that have resurfaced with a vengeance.
First, ransomware made news headlines and caused major business disruption yet again. The Verizon Business 2022 Data Breach Investigations Report found that ransomware increased by 13% over the past year, representing an uptick greater than the past five years combined – with no relief in sight for the next year ahead. Typically, defense evasion is one of the most common tactics used by popular ransomware families like REvil and DarkSide, with encryption and obfuscation techniques then being used by the attackers to hide their code and data while in environments, enough to keep any business leader up at night.
Additionally, many organizations shifted to multi-cloud environments, which means adopting a cloud-native approach as part of business operations. This, in turn, means more open-source upstream projects, creating a greater reliance on the supply chain. Cybercriminals also took advantage of this trend in 2022, targeting weak points of entry through third-party supply chain providers to gain the keys to the kingdom of a larger or more valuable organization. This method, known as island hopping, will continue to be a primary attack tactic by cybercriminals in 2023, as organizations learn you're only as secure as the weakest link in your supply chain.
Related: Cybersecurity is Now Essential to Corporate Strategy. Here's How to Bring the Two Together.
2. Business continuity remains paramount
As generalists, business leaders across the board have expressed one priority against the evolving threat landscape: Are their systems up and running? Business continuity, especially amid a security incident, is paramount to the organization's success — every minute that a system is down means more lost revenue. During a period when economic experts predict a recession is near, organizations simply cannot afford to have their IT systems down for any amount of time.
Business continuity is especially critical in the case of ransomware preparedness. Today's organizations must operate under the assumption that they will be hit by ransomware. When that happens, it's not just about recovering, detecting and protecting data but also the ability to ensure business continuity with minimal data loss or disruption and minimal downtime. This can be done by staying up to date with patches, increasing visibility for teams through tools and collaboration, as well as implementing XDR, or Extended Detection and Response, into the master security plan.
3. A year to embrace change and simplify operations
A final unifying theme I found after speaking with several business leaders is that 2023 is finally the year to digest the sea of technological changes that the past decade has brought. For nearly a decade now, business leaders have been warned of increased, evolving cyber threats and as a result, many of them have increased security spending on tools and resources to adapt to the heterogeneity. This created a lot of noise amid a massive transformation period in security.
Then, more recently, business operations shifted to the cloud. This change was viewed as a one-way street; there's no going back, it's here to stay forever. Now, as organizations better understand their infrastructure and become accustomed to the cloud, it's time to embrace the change and better streamline operations to adapt to the circumstances.
Related: 10 Business Strategies and Trends to Consider in 2023
As budget constraints hamper businesses worldwide, this also serves as a driver to operate more efficiently. Leaner doesn't always mean weaker, especially when evaluating the security arsenal. Now is the time when organizations can trim costs on shiny security tools that simply don't do it all, and reduce the number of vendors in the tech stack, ultimately leading to increased visibility. Less is more, especially when it comes to bolstering security posture amid a time of constraint.
With 2023 upon us, it's important to reflect on the past year - but not let it hamper the outlook for the year ahead. As business leaders, let's continue innovating, transforming and better serving customers, all without sacrificing security.