What is the future of cybersecurity?

When looking ahead at the future of cybersecurity, there’s one major caveat to keep in mind: it could all change in a moment.

Year after year, the industry changes. Cyber threats evolve, and the tools that defend against them mirror those changes, evolving in their own right to better defend increasingly complex networks. Here's a quick snapshot of that evolution:

So: what's next?

We’ve explored how cybersecurity changed in 2022, threats to keep an eye on, and security trends small businesses should watch for, and now it’s time to look further ahead. In this blog, Field Effect’s experienced analysts share their thoughts on what the future of cybersecurity may look like.

Cyber threats that will remain an issue

Certain attack tactics are bound to stick around—and that’s because they work. These are the threats that our experts believe still pose a serious cybersecurity risk.

Are you worried about your threat surface?

Covalence offers peace of mind when it comes to cybersecurity. Its holistic threat monitoring, detection, and response capabilities and actionable threat alerts make it easy for companies to take charge of their defense.

Increase in cyber activity related to the Ukraine-Russia conflict

Unfortunately, 2022 began with major changes that had wide-reaching implications in the form of the Russia-Ukraine conflict. After nearly two months of tension, Russian troops amassed on the Ukrainian border and invaded, leading to a widespread and prolonged conflict.

The invasion was preceded by coordinated cyberattacks on 70 Ukrainian government websites, compromising 10 and defacing them with threatening messages; further activity targeting Ukrainian systems involved a wiperware campaign in February of that year.

It's hard to understate the severity and reach this conflict has had on the cybersecurity world at large. Businesses everywhere have had to look closely at their digital supply chains to ensure they’re not dependent on partners or providers directly linked to or impacted by the conflict; what’s more, it’s widely accepted and expected that cyberattacks on Ukraine’s allies and supporters will continue.

The current status quo represents a dramatic shift in the cyber threat landscape, one whose full effects are still being understood. The existing cybercrime economy has been transformed by this conflict, and new threats continue to emerge. The Ukraine-Russia conflict will likely dominate numerous cybersecurity conversations in 2023 and beyond.

Threats to remote and distracted workers

The most apparent “normal” cybersecurity challenge revolves around remote work. With the hybrid office model here to stay, remote work (and the cyber risks it brings) will remain prevalent.

Malicious actors look for vulnerable or misconfigured systems that connect to the internet—a much easier task after companies encouraged remote work due to pandemic concerns.

“The biggest cybersecurity trend this year is the shift toward working at home,” says Ernie Sherman, a Field Effect partner and the President of Fuelled Networks, a managed IT and security services provider that helps companies plan, manage, and align these services with their customers’ business strategies.

“The challenge this brings is that we can no longer assume that corporate resources are protected by perimeter security; we need to adopt a zero-trust model and assume that corporate resources and unsecured devices are sharing the same space and need to be secured accordingly."

Cybercriminals have also been taking advantage of preoccupied or distracted remote workers and may continue to do so.

Cybersecurity is not just for enterprise organizations

Covalence was built with small and medium businesses in mind: easy to use and budget for, without compromising on power. Read about how it can help SMBs to address the growing threat surface.

Highly targeted cyberattacks

The last few years have been transformative for the cybersecurity industry—including the bad guys. The rapid digital transformation brought about by changing office environments has given attackers a greater opportunity to target victims.

Because of the growing cybercrime-as-a-service (CaaS) economy, attackers can now rent or buy tools for an attack. This has freed up time to research and strategically target companies more likely to pay a ransom or otherwise provide a better return on investment.

With regulations like the General Data Privacy Regulation (GDPR), Personal Information Protection and Electronic Documents Act (PIPEDA), and California Consumer Privacy Act (CCPA) now in full force, data breach victims may face fines should confidential data become exposed. Attackers are exploiting this, adjusting ransom demands accordingly to make paying up more appealing than paying the regulatory penalty.

Are you prepared for tomorrow’s threats?

Dive into the past, present, and future of cybersecurity with The State of Cybersecurity eBook.

Download now

Abuse of open-source and legitimate tools

Dual-use tools are continuously supported and developed by legitimate penetration testing communities and thus prove effective for a variety of complex attacks that would otherwise take years to develop and test.

Several recent leaks of major malware that took years and millions of dollars to develop have proven that off-the-shelf tools are often more cost-effective and are easier to hide in the noise of network activity.

Ongoing disinformation campaigns

The past two decades have revealed a growing demand for information. Widespread adoption of social networking sites and applications has given users everywhere a way to access news and a wide variety of content—but they’ve also made it easier for malicious actors to exploit this need for information.

These actors manipulate content, images, and videos to pursue their political agenda. Deepfakes, bots on social media, and other tactics are frequently used to spread false information or otherwise influence opinion. This is particularly evident in the immediate cyberwarfare efforts resulting from the Russia-Ukraine conflict as deep fakes and AI-enabled disinformation have been put to regular use for malicious purposes.

Cybersecurity roles likely to remain unfilled

The cybersecurity talent gap has long been a topic of discussion within the industry, and it’s not going away any time soon. A recent report by (ISC)² found that the global cybersecurity workforce grew by 11% in 2022, and the talent gap continued to grow by 26.2%.

Demand vastly outpaces the supply of cybersecurity professionals as the need for talented staff rises throughout every sector. Cybersecurity has become a major concern for businesses everywhere. Labour market data company Emsi analyzed cybersecurity job postings and found that for every 100 openings, there were fewer than 50 qualified candidates.

What’s next for the cybersecurity industry

Cybersecurity spending is unlikely to slow down any time soon. The International Data Corporation (IDC)forecasts that worldwide cybersecurity spending will reach $174.7 billion in 2024, with security services the largest and fastest-growing market segment.

The rise in cyberattacks, especially ransomware, has fuelled the cyber insurance market. GlobalData, a leader in data and analytics, predicted that the industry would hit $8.92 billion in 2021 and more than double to $20.6 billion by 2025. Yet change has come to insurers offering coverage for cyberattacks.

Data privacy regulations heat up

The regulatory landscape continues to develop, even years after the introduction of the GDPR and CCPA. Both regulations have proven to be influential, shifting the conversation around data privacy away from harm prevention and towards the protection of rights.

The European Union–United States Data Privacy Framework, introduced in late 2022, creates further controls and protections for individual data rights, such as the transfer of data between the two regions and the surveillance policies of various intelligence agencies. The EU–U.S. Data Privacy Framework is still under review by the European Commission.

In the United States, four additional states are following California’s lead with the CCPA and introducing state-level legislation of their own, due to take effect in 2023—Colorado, Connecticut, Virginia, and Utah—and 20 states have inactive data privacy regulations that could be revived.

Likewise, numerous Canadian provinces have introduced additional privacy legislation, such as Quebec’s Bill 64. This legislation, along with proposed laws in British Columbia, Alberta, and Ontario, is giving authorities greater power to address data breaches and privacy concerns. These laws create further responsibilities for organizations headquartered or handling data within the province that go beyond existing PIPEDA controls.

Growing insurance requirements

Once upon a time, simply having a cyber insurance policy in place was more than enough, and insurers could be counted on to simply cover the costs of an attack without question. Yet amidst the global coronavirus pandemic and the resulting surge of cyberattacks, insurers became far more stringent, suddenly leery of simply footing the bill for every attack—“Gone are the five-question applications,” said KPMG analysts.

Premium rates increased the board, contributing to the growth of the industry; in 2021, the estimated value of the cyber insurance market was US $12.83 billion—and by 2029, it is expected this will increase to $63.62 billion. However, this growth came at a price: small and mid-sized businesses (SMBs), already forced to stretch every dollar, were stuck with the bill.

2023 brings with it good news, though. After this unsettled period, the market looks set to stabilize, albeit with the caveat that it’s not returning to pre-pandemic accessibility. Underwriters everywhere will be far more judicious and demanding when offering coverage, expecting to see some degree of cybersecurity maturity from their clients.

Businesses looking to access the protections offered by a cyber insurance plan should expect greater scrutiny of their cybersecurity program, including some detection and response capabilities and evidence of ongoing education and awareness efforts.

AI in cybersecurity

Artificial intelligence (AI) has become a buzzword in industries everywhere, and cybersecurity is no exception. We’ve all seen the transformative potential of these tools—as well as the outlandish promises and claims that AI will solve all our problems.

The truth of things is that most so-called AI is, in fact, a machine learning system that has been trained to identify specific patterns. The future of AI in cybersecurity is not quite as magical as slick marketing and sales speak would have you think.

While automation is necessary to handle the sheer volume of threat data modern solutions ingest, human intelligence is just as important—if not more so. All that data needs to be interpreted to spot emerging threats and stop attacks in their tracks.

Looking ahead into 2023 and beyond, expect to see renewed interest in applying so-called AI or machine learning to reduce the amount of manual effort needed to parse the vast quantities of alert data generated by cybersecurity tech stacks.

New and emerging cybersecurity trends

There are a growing number of trends and potential threats that businesses should continue to keep an eye on, regardless of size or industry.

Cybercrime-as-a-service (CaaS)

The cybercrime-as-a-service economy puts the accumulated knowledge and tools of thousands, if not millions, of hackers and cybercriminals at the fingertips of an individual attacker. This makes it easy for inexperienced hackers to rapidly stage complex attacks. CaaS marketplaces continue to operate despite several major takedowns by law enforcement agencies as malicious actors adapt their tactics and techniques to stay under the radar.

Malware automation

Malware attacks are increasingly automated, continuing a recent trend that has forced the cybersecurity industry to catch up. Security experts are no longer dealing with lone hackers testing their skills with hard-to-execute attacks. Now, hackers can use a machine to automate cybercrime activities, letting them execute thousands of attacks a day. Ransomware is so common that only the largest attacks seem to garner media attention.

Polymorphic malware

A greater number of malware variants now contain polymorphic characteristics, which means they constantly change their identifiable features to better hide from security teams and common detection techniques. Many CaaS offerings contain some element of code that can mutate so it can remain hidden.

Third-party risks and threats

As companies continue to ramp up their efforts and adopt digital technologies, many turn to third parties, outsourcing some IT and security support needs. As we’ve discussed before, reliance on third parties increases cybersecurity risks, especially for companies that do not have a strategy in place for managing these risks.

The human element

The one constant in cybersecurity is the human element. As Matt Holland, Field Effect’s co-founder, CEO, and CTO once commented, “The human element is often the problem the large majority of the time, be it clicking on a link or misconfiguring a network, and that is something I think goes understated.” Humans are always present in technology at some point, whether developing, configuring, or simply using it — and humans make mistakes. Education, training, and vigilance are necessary to help reduce the likelihood of a mistake having a serious impact.

Long-term cybersecurity concerns

Looking past 2023, there are a few threats and trends that may make up the future of cybersecurity:

The growing use of the internet-of-things (IoT)

In the next five years, the use of IoT technology will increase as more people use it in their day-to-day lives. According to data from IoT Analytics, there were 10 billion connected devices in 2019 and we could see that triple to 30.9 billion by 2025. For added context, 2019 was also the year that the number of IoT connections outpaced that of non-IoT.

Despite connecting to networks and other devices that access highly sensitive information, IoT devices continue to have relatively weak security controls. Many businesses already struggle to provide the added defense measures that will keep these devices (and everything they’re connected to) secure.

Focus on social engineering techniques

In five years, internet communications will likely become more secure, especially with the potential rise of quantum networks which will make network-based threats less relevant. One ongoing challenge is that of human error. Intentionally or not, employees will still enable data loss and attackers will still rely on social engineering tricks such as phishing and business email compromise.

The changing shape of financial fraud

Payment modernization means that financial transactions may become almost entirely digital, requiring support from various platforms and methods. These platforms will likely be less centralized, and regulations will take time to catch up.

This will expand the threat surface for financial institutions, resulting in more fraud-oriented security solutions focused on digital currencies, the blockchain, and real-time payment security.

Difficulty prosecuting cybercrime

Despite a growing number of countries prioritizing cybersecurity, a lack of attributable data for criminal acts conducted online will make it hard for law enforcement to prosecute cybercriminals.

A shortage of cybersecurity professionals will also contribute, making it harder to proactively find cyber threats.

The future of cybersecurity and threat detection

Looking ahead, a few themes around the future of cybersecurity appear.

For one, a greater focus on prevention and preparedness will be vital. Response planning for a security incident or data breach is necessary. Incident preparedness and response playbooks will likely become more commonplace. Employee training at every level will mitigate the role of human error.

Set your staff up for cybersecurity success.

Armed with The Employee Cybersecurity Handbook, your team can be a strong first line of defence.

Download the eBook

What's more, as regulatory concerns become more urgent, ensuring cybersecurity programs are robust enough to pass muster during audits or compliance assessments will likely be top of mind.

Businesses may want to focus on how they can secure their business today. Building a strong foundation of good cybersecurity habits and best practices is necessary as attacks continue to evolve.

It’s hard to look at the calendar and make predictions about what the future will hold, especially in an industry as complex and fast-paced as cybersecurity. But by taking the time now to build that baseline, you can set your business up for lasting success as changes arise and new threats appear—whatever they may be.

What’s in store for cybersecurity?

Find out what’s in store for cybersecurity—including emerging trends, insights, and predictions from the experts at Field Effect—in our eBook, The State of Cybersecurity