IT disaster recovery, cloud computing and information security news

Dirk Schrader, VP of security research, and Michael Paye, VP of research and development at Netwrix believe that there are five trends that will impact cyber resilience and security developments in 2023…

The business of cybercrime will be further professionalised

The return of malware strains like Emotet, Conti, and Trickbot indicates an expansion of cybercrime for hire. In particular, the growth of ransomware-as-a-service is enabling criminals without deep technical skills to make money, either by extorting a ransom for decryption keys or selling stolen data on the dark web or to a victim’s competitors.

Accordingly, organizations should expect an increase in phishing campaigns. Vital resilience strategies include timely patching and updating of software, as well as locking down network access with multifactor authentication (MFA) and privileged access management (PAM) solutions.

Supply chain attacks will intensify

Modern organizations rely on complex supply chains, including small and medium businesses and managed service providers. Adversaries will increasingly target these suppliers rather than the larger enterprises knowing that they provide a path into multiple partners and customers. To address this threat, organizations of all sizes, while conducting a risk assessment, need to take into account the vulnerabilities of all third-party software or firmware.

Understaffing will increase the role of channel partners

Demand for cyber security professionals is far outpacing supply. This shortage of cyber security talent will increase risks for businesses as attacks become even more sophisticated. To overcome this challenge, organizations will rely more on their trusted security partners, such as channel partners, system integrators, MSPs and MSSPs

The human factor will become a top security concern

Users have long been a weak link in the cyber resilience chain, prone to opening infected email attachments, clicking malicious links, and other risky behaviour. Now, rapid advancements in social engineering and easy-to-use deep fake technology are enabling attackers to trick more users into falling for their schemes. Accordingly, comprehensive auditing of user activity will become even more crucial for spotting abnormal behaviour in time to prevent serious incidents. In addition, implementing a zero-standing privilege (ZSP) approach will help organizations prevent abuse of their most powerful accounts, either unintentionally by their owners or by adversaries who compromise them

Vendor consolidation will continue gaining momentum

To combat cybercrime, organizations keep investing into cyber security and resilience. But more tools don’t always mean better security — point solutions from different vendors operate separately, offer overlapping or conflicting functionality, and require organizations to deal with multiple support teams. To minimise the security gaps caused by this complexity, organizations are now looking to build a security architecture with a select, smaller group of trusted vendors, which offers the additional benefit of reduced costs from loyalty pricing. In turn, it leads to a faster return on investment (ROI) which is increasingly important in the current economic climate

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.