New beginnings provide an opportunity to plan. But planning for the unknown can be difficult.
That's why we asked Illumio experts and business leaders their thoughts on what to expect from the cybersecurity industry in 2023.
Keep reading to get their insights on what kinds of security industry changes, enterprise challenges, and leadership evolutions 2023 has in store.
1. Prepare for more ransomware attacks due to economic uncertainty
Economic data points to a recession in 2023. This economic uncertainty will be a boon for bad actors, says Illumio CEO and cofounder Andrew Rubin.
"Just as physical crime rates increase in times of crisis, economic uncertainty will create more opportunities for cyber criminals who will take advantage of an unstable market. Ransomware will continue to have major impacts on businesses, governments, and critical infrastructure," he explained.
Ransomware will also affect a greater number of businesses. Small and mid-sized enterprises - beware. Bad actors know smaller organizations oftentimes have fewer security resources.
According to Mario Espinoza, Illumio Chief Product Officer, 2023 will see "more targeted ransomware gangs go after smaller enterprises that have vulnerabilities they can easily exploit."
Get ESG research on the impact of Zero Trust on small and mid-size enterprises.
Which industries will be most targeted? Healthcare and energy.
Trevor Dearing, Illumio's Industry Solutions Marketing Director explains: "The current energy crisis combined with economic instability and pressure to cut costs will elevate energy and healthcare to the top of attackers' target lists. With services more critical than ever, these sectors will come under fire from both nation-state attacks and criminal gangs, as well as activist groups looking to stand up to those that continue to profit amid rising prices."
Find out how Illumio Zero Trust Segmentation protects healthcare organizations here.
These threats are coupled with organizations creating more workloads in the cloud with a (still) largely hybrid workforce. The pressure of rapid digital transformation in the last few years made it easy for organizations to overlook basic cybersecurity hygiene.
Espinoza expects to see an increase in security breaches as a result: "As cloud adoption continues to accelerate, we'll see more organizations leverage a lift-and-shift approach - moving an application and its associated data to a cloud platform without redesigning the app - tremendously increasing the attack surface in the cloud. Because of this, in 2023, we could witness an uptick in attacks targeting cloud infrastructure."
Learn how to secure the cloud against the spread of breaches.
Organizations will find that 2023 requires them to seek new ways to stop attacks from disrupting operations and maintaining the availability of essential services.
2. Expect consolidation of organizations' cybersecurity platforms
With an increase in ransomware and breaches - and the pressure of an economic downturn - expected in 2023, experts see organizations changing the way they measure the success of their cybersecurity investments.
The exponential increase in cyberattacks in the past year has shown that breaches are inevitable.
No longer can stopping breaches be the measure of a security platform's success; organizations will look for solutions that enable them to achieve cyber resilience, says Raghu Nandakumara, Senior Director, Industry Solutions Marketing at Illumio.
"As breaches become part of daily life, cyber resilience will become an industry-recognized metric for all companies to achieve and measure against. Stringent testing and the development of industry-wide metrics to benchmark what 'success' looks like will force organizations to think about their appetite for risk," explains Nandakumara.
The result: Organizations will consolidate the number of security platforms they're currently using.
"Decision makers are looking more closely at their investments and reevaluating vendors based on the value they can deliver to their business ‚Äî in tandem with tightening security budgets," says Rubin. "For some organizations, this will mean consolidating or eliminating certain vendors."
However, Rubin warns organizations against taking their consolidation too far: "This is not the time to take shortcuts when it comes to cybersecurity."
Nevertheless, the cybersecurity industry must prepare for these changes. Security companies will need to prove their ROI more than ever, especially as a recession looms.
In 2023, Rubin expects to see "more security teams realize that traditional prevention solutions, unable to prevent all of today's inevitable breaches, cannot provide reliable ROI alone. Instead, they need to make a major shift to breach containment to realize a reliable ROI in cybersecurity."
Get reliable ROI with Illumio Zero Trust Segmentation. Learn more here.
3. Take advantage of the tough economy to build future business success
Economic recessions leave few organizations unaffected - and this will be no different in the security industry. But experts encourage business leaders to turn 2023's economic uncertainty into a runway for their business's future success.
"We can expect this recession to cull some of the noise that we're seeing across markets. The companies that make it through will be leaner, stronger, and healthier because they have been focused on building more sustainable businesses during the tough times," says Anup Singh, Illumio Chief Financial Officer.
Building a business, especially a successful one, in the midst of economic uncertainty isn't an easy task. The role of cybersecurity leader will become even more difficult in 2023, says Illumio's Rubin.
"Security is a challenging and, at times, a thankless task," explains Rubin. "2023 will be a challenging year for CISOs around the world who have more work, more pressure, and less help."
But CEOs can - and should - take steps to ensure their security teams are supported.
"It will be critical for CEOs to get on board with an 'assume breach' mindset. Having the right tools and strategies in place to contain inevitable attacks will be critical for protecting not only an organization's assets but also its people in the age of ransomware," says Rubin.
Ultimately, flexibility and agility will make or break businesses in 2023.
"As we head into an economic downturn, we can anticipate that there will be plenty of changes to come," expects Illumio's Singh. "To practice flexibility, think through different scenarios as you plan your business. We know that especially in a recession, things change fast. You have to pay a lot more attention to managing risk, maximizing ROI, and maintaining operational excellence."
The good news? Businesses in the security industry - and all industries - have the opportunity to emerge successful and strong after an economic downturn.
"When times get tough, focus on the things you can influence and control. The ones that are able to make it through the next few months or even years will be the ones who are best able to adapt on the fly," encourages Singh.
Learn more about how Illumio Zero Trust Segmentation can contain inevitable breaches in 2023. Contact us today to schedule a demo and consultation.