Lessons Learned 2022 & Outlook 2023

Published

How do we adapt today, to protect ourselves tomorrow?

Written by Senadin Alisic, Strategy Advisor @ Combitech

The digital transformation and connectivity of society undoubtedly brings benefits, but also complex risks. Coupled with complicated digital supply chains and an evolving global threat landscape, businesses today are facing some of the most pressing cybersecurity challenges of our time. In a digital and complex ecosystem, it is important to prioritize cybersecurity practice to protect against potential threats.

Even if we have made some progress in 2022, there is still work to be done to educate, enhance our ability to respond to attacks, and grow confidence in our organizational cyber resilience. We must move from only responding to existent attacks, to a more pro-active protection against potential future threats. A more solid cybersecurity operating model should be considered for all organisations.

We need to ask ourselves: how do we adapt today, to protect ourselves tomorrow, with business leaders taking the lead in the developmen of new capabilities for the organization.

2022 has been an extraordinary year in cybersecurity. While we have seen positive advancements in technology and regulatory protections, we have equally experienced stark reminders of the role cyber can play in creating significant disruption to everyday lives. Here are some of my predictions on what will become priorities for organisations the coming year.

Policy and regulatory change

We can expect greater coherence and coordination of like-minded governments around the world, working together on regulating cyber and technology as they realize that reinventing the wheel is not an effective approach.

Geopolitical instability and the threat landscape

We can expect that the threat from ransomware remains, but that cybercriminals shift from data encryption to data exfiltration.

Technological development

The datafication challenge for organizations will increase, particularly the processes for collecting and sorting data at scale. We can expect technological advances in how to manage these challenges, and we can expect an increase in trends like “policy as a code” and “security as a code”.

Market change

Organisations struggle to manage the increasing amount of cybersecurity products. In 2023 we can expect that they will want to use fewer, more comprehensive, cybersecurity technology products, especially for cloud security.

Smart City Development

We can expect an exponential growth in smart city solutions, and most of the solutions will be underpinned by sensor-based networks. The proliferation of smart city solutions and the number of vendors involved means a potential lack of governance and oversight that must be addressed.

Industrial advancement

Industrial Internet of Things is transforming factories into smart factories (microcosm of a smart city). This transformation opens up to new threats and vulnerabilities and creates new cybersecurity risks including increased attack surfaces.

Government laws and policies

There are some very significant regulatory changes coming throughout 2023 and 2024 across e.g. financial services. They all circle around the operational resilience of financial services and the supply chain.

Supply chain complexity, threats and risks

Industry supply chains has been in the spotlight globally as an area of cybersecurity weakness and source of potential compromises against organisations. We can expect more cybersecurity regulations emphasised at improving the cyber resilience of supply chains.

The cyber treats facing public sector

We have seen an increase in cybercriminals targeting municipalities and the educational sector. Relatively immature cybersecurity controls made these sectors easy targets. Unfortunately, we can expect to see similar cyber threats in 2023.

Bridging skills, services, and security gaps

As the pace of the digital transformation increases, we will experience an even greater shortage of workers with the right skills, particular in cybersecurity.

To summarize, the year ahead will be an eventful one. If 2022 made us aware of the challenges and opportunities of digitalising our society, 2023 will certainly be a time of acting and ensuring that we continue towards a smarter and more resilient society.