From the war in Ukraine and accelerating global inflation to ongoing supply chain issues and a looming recession, 2022 was an eventful year. As we know from monitoring data security trends, breaches, and attacks, last year was particularly momentous from a cybersecurity perspective. Perhaps most prominently, Conti crippled Costa Rican infrastructure with a series of targeted terroristic cyber-attacks.
Infrastructure in the United States was also threatened. Both major healthcare providers like Kaiser Permanente and localized medical record databases sustained major data breaches. Vice Society leaked an enormous cache of sensitive data when Los Angeles Unified, our second-largest school district, refused to pay ransom after a cyberattack.
Corporations and small businesses suffered, too. Student loan servicers, social media platforms, rideshare companies, and e-commerce sites were also victims of data breaches and other cyberattacks in 2022. From Otka to GitHub, there were many software supply chain attacks across the globe.
Given all the above, it’s no wonder that both cyber insurance premiums and policyholders have increased dramatically over the last year. In 2023, the spotlight on cybersecurity will continue to grow wider and shine brighter. From renewed focus on zero trust architecture to the economic future of cyber security firms, the conversation has only just started.
Whether you’re a small business owner, government official, or shareholder in a major corporation, there are dozens of data security trends to track. Below are five of the many data security and data storage trends we expect to see in 2023.
Data Security Will Be an Ongoing Issue for Companies with Remote Workers…
87% of workers choose “to work flexibly” when given the chance, so remote work is likely here to stay. Unfortunately, remote work poses several inherent data security risks. With resources spread thin and employees dispersed across the globe, remote work presents a much larger attack surface for cyber criminals to exploit.
According to IBM’s Cost of a Data Breach Report 2022, “costs were an average USD 1 million greater…when remote work was a factor.” This amounts to a difference of $4.99M versus $4.02M USD. The latter figure reflects the cost of data breaches when remote work was not a contributing factor.
Data security was lost in the shuffle as companies scrambled to adapt during the pandemic, but those major security gaps are now painfully obvious. In 2023, we expect companies with remote and hybrid workforces to allocate more resources to encryption, data storage, and other security measures.
…But More Companies Will Utilize Zero Trust Architecture to Resist Cybersecurity Threats Posed by Remote Work
Next on our list of the top cybersecurity trends for 2023 is increased implementation of zero trust architecture. This approach means access to such resources is limited solely to verified users who absolutely must utilize those assets. Those users are authenticated in multiple ways, and their access is constantly re-evaluated to ensure data is secure and uncompromised.
In its many forms, a zero trust architecture is designed to protect against external data breaches and unauthorized internal data sharing. Zero trust should fill the many security gaps left open by VPNs and other data security measures.
Zero trust consistently permeates conversations about cybersecurity threats posed by remote work. In an article for Forbes, Jeff Abbott explains why the zero trust approach appeals to companies with remote and hybrid teams. Abbott writes that zero trust allows companies to eliminate “standard password protection…a leading cause of phishing schemes.”
With zero trust, many security measures are automated. This means companies need not rely so heavily on employees to make the best cybersecurity decisions.
Large-Scale Data Security Breaches Will Impact Major Corporations, Healthcare Providers, and Government Agencies
Major corporations, healthcare providers, and government agencies were all impacted by large-scale data security breaches in 2022. With more attack vectors than ever before, cyber criminals have every opportunity to cripple infrastructure and impact our daily lives.
If the Conti and Vice Society attacks are any indication, cyber criminals are becoming more brazen, and the consequences are becoming more dire. While we should expect such large-scale data breaches to continue in 2023, as they seemingly already have, the world is paying closer attention.
Thankfully, government agencies and other leaders are taking initiative. Back in March, President Biden proposed a massive increase in the federal cybersecurity budget for 2023. According to Eduard Kovacs in an article for Security Week, Biden requested “$10.9 billion for civilian cybersecurity-related activities.” Biden’s proposed cybersecurity budget for 2023 is 11% greater than last year’s budget.
Federal and State Governments Will Publish Additional Cybersecurity Guidance for Securing Data at Rest
In addition to spending more on cybersecurity, we also expect government agencies to implement ZTA strategies and educate the public about cybersecurity practices. Last year, President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). This law requires certain companies to report cyber incidents to the CISA within a reasonable amount of time.
We anticipate Congress will pass additional legislation in 2023. In addition, government agencies might release research results and publish further guidance for private citizens and corporations alike.
Data Security Firms Will Weather Any Recession
Despite decelerating inflation, economists are mixed on whether we’ll experience a recession. Certain industries — i.e. real estate development, retail, and hospitality — typically suffer during periods of economic downturn. Some survive, while others thrive. Given the many threats, skyrocketing demand, and growing spend, data security might be one of those “recession-proof” industries.
More companies are viewing cybersecurity as a necessity – an unavoidable cost of doing business. Quoted by Sydney Lake inan article for Fortune, Steve Morgan of Cybersecurity Ventures underscores this. Morgan tells Lake that “‘cybersecurity is mandatory…without digital protection, a business will go out of business.'”
According to this resource from Boise State’s Institute for Pervasive Cybersecurity, the cybersecurity industry is thriving and shows no signs of slowing down. To this point, “global spending on cybersecurity products and services will accumulate to $1.75 trillion between 2021 and 2025.”