2023 cybersecurity predictions for business and fintech organisations

By António Vasconcelos, Technology Strategist at SentinelOne

 

It’s been a difficult year, as the world emerged from the global pandemic only to face a war in Ukraine and global economic uncertainty. And alongside the physical front lines, a new virtual battlefront has appeared – cyber warfare with wipers being used to hit targets inside and outside the physical world.

Meanwhile, new attack surfaces have risen in popularity, as cybercriminals have shifted their attention to exploiting identity to gain access, and to cloud workloads to gain assets, privilege escalation and lateral movement.

But it’s not all bad news. Security technologies have been evolving, too. Solutions like Extended Detection and Response (XDR) are helping organisations to fill the gaps in visibility, join the dots in defence, and hunt for hidden threats in the enterprise.

As 2022 draws to a close, here are some predictions as to the key cybersecurity trends that will impact business and FinTech organisations in 2023.

Simplified and more affordable data retention

Data is an important business asset, and therefore increasing data security is key for many finserv organisations. In the next year, we’ll be seeing some changes to the historical price and also the complexity of facilitating secure data retention.

António Vasconcelos

We expect to see cyber security professionals exploring alternative means for analytics and data storage, which will also take cost, scale, performance and ease-of-use into consideration. Security Operation Centre (SOC) teams will want to see improvements across the board in how efficient and easy it is to get the data in, the ease of access to historical data sets and fragmentation of data, and how much it all costs.

Attacks will be bigger and bolder

Year-on-year attacks haven’t just grown in number, they’ve also become more significant. This is rooted in vulnerable products led by Microsoft as an operating system provider and a security vendor, in the way information is exchanged, and in how quickly a serious threat is exploited by cybercriminals.

The upcoming year will bring more breached organisations and bigger attacks. The FinTech industry, an ever-popular target for cyber attackers, won’t be an exception.

Social engineering at its peak

Phishing is one of the most popular tools in the hacker arsenal as it yields results time and time again. One unconscious click can compromise a user enough to give access to the entire network. But it’s not just malicious emails. Adversaries rely on the fact that people are so busy keeping up with social media, digital multi-tasking and an increasing number of online channels that they aren’t paying enough attention to spot a phishing attack.

Although organisations have become better at securing endpoints from being exploited by malicious actors, in the year to come, social engineering attacks will level up using deep fakes powered by AI/ML engines. As the technology improves, introducing audio and video elements to social engineering attacks, the effectiveness and authenticity of these attacks will accelerate.

What this means for the finance industry is that social engineering and phishing will continue to be one of the main avenues for identity compromise in 2023. Therefore, hardware multi-factor authentication, short lived sessions, and severely curtailed account privileges will become the new baseline requirements for high-standard corporate security.

Investing in cost-effective cybersecurity programmes

Throughout 2022, the cyber security community has emphasised how important it is to invest in ramping up cyber defences. However, in the current economic climate, enterprises and organisations will be pressured to save on costs and be more effective.

Unsurprisingly, it’s expected that financial service organisations will favour solutions that will allow consolidation when and where possible, as the sheer number of products that are covering different attack surfaces and use cases is still rising. Notably, there are many sides to consolidation and even though cost will be a driving force, SOC teams won’t be satisfied with just paring down to fewer vendors or pushing everything to a single data lake, where all data is centrally stored.

IT security teams will demand holistic workflows and unified agents and cross-product synergies that truly deliver value that’s greater than the sum of its parts, such as when consolidating around a platform as opposed to endless point solutions.

As a result, in 2023 consolidation of pinpoint tools and teams is expected to dominate, along with increased utilisation of growth and efficiency-driven products.

Conclusion

Undoubtedly, there will be new threats rising to the surface in the New Year, as cybercriminals and hackers continue to evolve and explore new ways to exploit vulnerabilities. But more and more, finance firms are recognising that achieving strong cyber defences doesn’t happen by playing catch up with adversaries. While no one has a cybersecurity crystal ball, one thing is for certain. Organisations that cover their bases, kill off low-hanging vulnerabilities, and implement coverage across cloud, identity and endpoint will be far safer than those that don’t.

spot_img

Explore more