The cyberattacks we saw across industries last year are a sharp escalation to the disruptive threats facing businesses. In 2022, cybercriminals targeted critical infrastructure with ransomware attacks. They also continued to find new ways to exploit the cryptocurrency boom, hybrid working, and, more recently, unsecured APIs.
As per Palo Alto Networks’ latest ‘What’s Next in Cyber Survey,’ almost all respondents admitted their organization experienced cybersecurity incidents and data breaches in the past year, 11 on average. However, a cause of concern is that only 2 in 5 say their board’s recognition of cyber risk has increased significantly alongside accelerated digitalization strategies.
Palo Alto Networks’ 2023 APAC cybersecurity predictions feature the top 5 insights from our leaders to help organisations pursue a more secure future. In cybersecurity, predictions are highly relevant because, apart from the attacker's behaviours, they consider a broad view- from technology to workplace trends and evolving laws and regulations.
Sean Duca, vice president and regional chief security officer, Asia Pacific and Japan, Palo Alto Networks, said, “The fluidity of today’s cyberattacks will require business leaders to reimagine their cybersecurity approach constantly. Leaders must consider innovative solutions, technologies, and approaches that outperform traditional mechanisms. Organizations have much to consider in 2023, but remaining vigilant and aware will empower them to defend against the evolving threats.”
“From prevention-first Al to adopting Zero Trust strategy and architecture, it will be imperative to adopt the broadest and deepest cyber expertise and threat intelligence into their defences to stay ahead of the curve. But, more importantly, they must build resiliency to respond and recover from those that inevitably get through,” he added.
Palo Alto Networks has identified five key cybersecurity trends to watch out for in 2023:
Accelerated 5G adoption will deepen vulnerabilities
5G connections in the Asia Pacific (APAC) are expected to reach 430 million in 2025, up from 200 million at the end of end-2021, according to a recent report by the industry association GSMA. In Singapore, Singtel has reached 95% of 5G coverage nationwide, ahead of the regulatory target of 2025, with plans to expand standalone 5G coverage to its seaport by 2025. While cloud provides greater agility, scalability, and performance, it also exposes the 5G core to cloud security vulnerabilities. Large-scale attacks could come from anywhere, even from within the operator’s network
Securing connected medical devices will be critical
Digitisation enables new healthcare capabilities, e.g., virtual healthcare and remote diagnosis. The prevalence of legacy systems and sensitive data attractive to cyber criminals makes healthcare a soft target, and cyber threat actors will focus on it. The closer a device is to a patient, the more likely it is to impact patient safety, and the more likely a threat actor will weaponise it. Ensuring the cybersecurity of medical IoT will be important as ever for patient safety.
Cloud supply chain attacks will disrupt businesses.
Companies adopting cloud-native architectures are also inherently consuming third-party code in their critical applications. Log4J recently demonstrated how many organisations can be immediately vulnerable due to a piece of dependent code tucked deep into the software packaging process. We have also seen attackers targeting the volunteers who maintain these open-source code constructs to infiltrate organisations through the package update processes. This issue falls under the cloud supply chain, and we will see more disruptions due to cloud adoption trends in the coming year(s). Hence, in our latest research, 37% of organisations expect software supply chain attacks to increase most in 2023.
The debate on data sovereignty will intensify
As the world becomes more reliant on data and digital information, the volume of regulations and legislation emanating from a desire to control and protect citizens and ensure the continued availability of critical services will increase. As a result, the conversations around data localisation and data sovereignty will likely intensify in 2023.
Metaverse to be the new playground for cybercriminals
With an estimated $54 billion spent on virtual goods every year, metaverse could open up a new playground for cybercriminals. The immersive nature of the metaverse will unlock new opportunities for businesses and consumers alike, as it allows buyers and sellers to connect in a new way. Companies will take advantage of mixed reality experiences to diversify their offerings and cater to the needs of consumers in the metaverse.
Palo Alto Networks