Cybersecurity trends to watch in 2023
Cyber attacks are becoming more sophisticated and harder to detect. As we enter a new year, we take a look at some of the biggest cybersecurity trends that will continue to be a priority for businesses in 2023.
Work-from-home cybersecurity will continue to be a priority for businesses.
As the world has been recovering from the COVID-19 pandemic, 2023 sees us settling into a new ‘normal’ that includes more remote workers. Many workers have returned to the office, but there are still many who continue to work from home, which has led to an increase in cybersecurity issues.
In the past, when all employees were based in the office, it was easier to ensure that company computers and laptops were updated, free of malware and had anti-virus software installed, as well as any other preventive measures.
Although companies were initially unprepared for this abrupt change, the past few years have given them the opportunity to implement measures to reduce security risks as workers need to protect confidential information and avoid cyber-attacks from outside of the office.
Raising cybersecurity awareness
As cyber-attacks become more sophisticated and harder to detect, businesses should encourage employees to be more cautious. An important part of maintaining cybersecurity is raising awareness about fundamental security issues that everyone can take into consideration. Rather than leaving cybersecurity to the IT department, individuals can play their part by taking relatively simple steps, such as:
- Using complex passwords, for example, that consist of three random words and a combination of capital letters, lower case letters, symbols, and numbers.
- Setting up two-factor authentication that may require input of a code that is received by text to validate your identity.
These habits will benefit individuals in their work and personal life, as scammers approach people directly as well, not just through businesses.
Increased use of Artificial Intelligence (AI)
It can be difficult for cybersecurity experts to manually track all the potential threats, so machine learning algorithms can be used to track data and identify patterns that could indicate a threat. Companies that use AI and automation to detect and respond to data breaches can save millions of dollars.
However, AI growth and availability means it can also be used by hackers to identify weak security systems or computers/networks that may hold valuable data, amongst other uses. This leads to an ‘arms race’ where security agents race to use AI against hackers, while the hackers also race to use AI against security agents.
Strategies and Laws
The UK government has been taking a number of steps to improve cybersecurity, recognising the opportunities and threats that the expansion of cyberspace provides.
£2.6 billion was dedicated to The National Cyber Strategy 2022, which encourages at-risk businesses to improve their cyber resilience and make the UK digital economy more secure. It has outlined the following pillars:
- Pillar 1: Strengthening the UK cyber ecosystem - investing in our people and skills and deepening the partnership between government, academia and industry.
- Pillar 2: Building a resilient and prosperous digital UK - reducing cyber risks so businesses can maximise the economic benefits of digital technology and citizens are more secure online and confident that their data is protected.
- Pillar 3: Taking the lead in the technologies vital to cyber power - building our industrial capability and developing frameworks to secure future technologies.
- Pillar 4: Advancing UK global leadership and influence for a more secure, prosperous and open international order - working with government and industry partners and sharing the expertise that underpins UK cyber power.
- Pillar 5: Detecting, disrupting and deterring our adversaries to enhance UK security in and through cyberspace - making more integrated, creative and routine use of the UK’s full spectrum of levers.
The Network and Information Systems (NIS) Regulations, which came into force in 2018, will be strengthened to protect services from increasingly sophisticated cyber-attacks. One of its aims is to protect essential everyday services, including water, energy and transport, from online attacks. The updates include improving cyber incident reporting of a wider range of incidents to regulators such as Ofcom, Ofgem and the ICO.
The Product Security and Telecommunications Infrastructure Act will provide protection against insecure ‘smart’ products, for example, by requiring manufacturers not to use default passwords and be clear on how long security updates will be provided.
These steps demonstrate the UK government is taking an active role in improving cybersecurity across the nation on a long-term basis.
Can we help you?
J&L help business of all sizes with a range of tailored solutions that can improve cybersecurity and raise awareness. Talk to us today.