2023 in the Cyber World: A Year of Challenges and Progress
2023, a year characterised by significant challenges and progress, marked a turning point in the cyber security landscape. This review highlights the central moments and developments that have shaped information security and our work as security experts over the past year. From the increase in sophisticated cyber attacks to innovative protection strategies, here are the most important features we have observed.
- Increase in cyber attacks: 2023 was characterised by the increased frequency and sophistication of cyber attacks. The threat landscape has evolved and organisations face an ever-increasing number of sophisticated attacks.
- Shorter and more concentrated: The period between the first successful intrusion into a network and a large-scale assault, such as a ransomware attack, has fallen drastically. What took several weeks a few years ago may now be a matter of hours.
- Ransomware as a persistent threat: Ransomware attacks continue to be one of the biggest threats that companies face. Attackers’ tactics have become more complex and ransom demands have reached new record levels. Companies have had to invest more in security measures and backup strategies to protect themselves against ransomware and avoid having to pay ransoms.
- Importance of supply chain risk management: Attacks that revolve around compromising suppliers have become more frequent. The security-centred selection and continuous monitoring of (key) suppliers has become a central issue.
- Stricter regulatory requirements: Data protection and security regulations have been further tightened (rev DSG; ISO/IEC 27001:2022). We have been able to go to considerable lengths with our customers to ensure compliance with these regulations. The fully revised FINMA Circular 2023/1 “Management of operational risks and ensuring resilience” comes into force on 1 January 2024 and tightens up the requirements for the management of ICT, cyber risks and operational resilience.
- Integration of information security and data protection: As the significance and sensitivity of data continue to rise, coupled with an escalating risk of malware and IT system attacks, the need for a closer link between information security and data security has increased. This year, we have made significant progress in the transition to an integrated management system that takes comprehensive account of both information security and data protection.
- AI-supported information security: The use of artificial intelligence (AI) and machine learning in security solutions is increasing. These technologies help to detect anomalies and suspicious behaviour earlier, allowing companies to respond to threats more quickly. The benefits of AI can also be seen in many other business processes – albeit not always in a controlled manner. The need for clear framework conditions and guidelines is therefore becoming increasingly important to guarantee data security and data protection.
- Shortage of skilled labour: The skills shortage in information security remained a challenge in 2023. Organisations continue to struggle to find and retain qualified security experts – including CISOs – in the long term.
- Poor implementation of cyber-hygiene best practices: Studies indicate that the failure to apply best practices to ensure basic resilience is still one of the most common causes of compromise. This includes deficient vulnerability management, insufficient separation of privileged access rights, insufficient or absent network segmentation, the use of standard configurations in hardware and software, and insufficient monitoring for suspicious activities.
- Digitalisation and automation of business processes continue unabated: Companies continue to utilise new technologies with the aim of making their processes more efficient. However, this entails additional challenges in terms of information security and data protection.
What Does the Future Hold? Cyber Security Trends for 2024 and Beyond
As we approach the new year, indicators in cyber security suggest change is afoot – both in positive ways, such as more effective defence strategies, and in concerning ways, such as the evolution of the threat landscape. The following outlook focuses on the trends, challenges and innovations that we can expect in the near future.
- Multi-factor authentication (MFA) becomes standard: MFA is increasingly becoming the norm for access security in order to minimise the risk of cyber attacks. There is also growing interest in biometric authentication methods, which offer additional security.
- Alternative to passwords: The use of what are termed “passkeys” affords significant potential as a secure and convenient alternative to passwords. This method is supported by a growing number of online services. However, interoperability issues between different services pose challenges at the present time.
- Security-by-design: Security is increasingly being integrated into the development of software and systems from the outset (security-by-design). DevSecOps practices, in which security aspects are integrated into the development process, continue to gain significance.
- Cloud security: As the use of cloud services grows, CISOs are increasingly focusing on cloud security and compliance in the cloud environment.
- Co-operation with external partners: Organisations will work more frequently with external partners, including security service providers and authorities, to guard against threats more effectively.
- Digital networking of supply chains: Cooperation with key suppliers will continue to intensify and companies will work more closely together to leverage synergies. The result will be greater networking of digital structures, leading to an increase in complexity, interdependence and a latent risk of supply chain attacks.
- Security awareness and training: Employee training on security risks will be a central factor in the future. Companies need to invest more in comprehensive security awareness and training programmes to reduce human error, which is a common cause of security breaches.
- Quantum computers as a threat: As the development of quantum computers progresses, the encryption of data becomes more vulnerable to attacks. In order to protect against this threat, it will therefore be essential to agree on new post-quantum encryption algorithms and methods and to adapt existing systems accordingly.
- Zero trust as standard: Zero-trust security models are increasingly establishing themselves as the standard for companies. Our experience over recent months shows that neither network components nor users will be automatically considered secure in future and therefore require constant identity and security checks.
- Security for the Internet of Things (IoT): As IoT devices and other cyber-physical systems spread, the challenge of keeping them secure grows. The networking of everyday objects and industrial systems opens up new attack vectors for traditional information and communication technologies. The integration of IoT security protocols into existing monitoring systems (such as SIEM) will therefore become a key element of the security strategy.
- Ethics and data protection: The ethics of information security are taking more of a front seat. The processing of data and the protection of the privacy of employees and customers are becoming key issues, both from a regulatory and an ethical perspective.
- Security automation: The automation of security tasks will continue to increase to enable an appropriate response to the growing frequency and speed of cyber attacks (some of which are also automated). This requires investment in solutions for security orchestration, automation and response (SOAR).
- Decentralised identity management systems: The management of identities and access rights is becoming more complex. Decentralised identity management systems based on blockchain technology could increase in importance as they can improve security and control of personal identity data.
- Cybercrime and geopolitical tensions: Cybercrime will increasingly play a role in geopolitical disputes. Companies must therefore be increasingly prepared for attacks by state-supported actors and politically motivated cyber attacks.
- Security with artificial intelligence (AI): AI-supported security solutions are increasingly being used to identify and fend off attacks in real time. At the same time, the security of AI models themselves is becoming an important issue as they can also be the target of cyber attacks.
The Bottom Line: Cyber Security Is an Ongoing Journey
Information security remains a dynamic and constantly adapting field. It is crucial for CISOs and security experts to remain agile and to stay abreast of new threats and technological developments. This is necessary to ensure the integrity, confidentiality and availability of data and systems, taking the constantly changing threat environment into account.