What QoS Expects to See in 2023

Happy New Year from QoS!

Image by Gerd Altmann from Pixabay  

New Year, New You?

January 1, 2023 – As the sun began to peek through the curtains, you slowly open your eyes. WAKE UP It’s 2023! Forget your headache, grab a bottle of water because it’s time to get back to business. If you are joining us from our 2022 recap, we hope your New Year’s resolutions include improved online hygiene because 2023 is expected to be an even crazier year. With last year in the rear-view mirror and 2023 with that new car smell, we wanted to give our take on what we expect to see in the next twelve months.  We will review everything from workforce trends to the growing threat landscape that you should be aware of, so let’s get into it.

Ugh, Where is the Remote… Workforce?!

Groggy, and still trying to shake off the lingering effects of last night, you stumble into the living room to find the TV blaring at full volume. You groan and search for the remote, but it was nowhere to be found. You checked under the couch, and behind the curtain, but no luck. Your headache continues as you cannot locate the remote…

This is of course a long-winded analogy: Do not lose track of your remote workers! QoS believes that attacks on the remote workforce will only accelerate. We have adapted to work anywhere, but our technology has not caught up from a security perspective. AT&T’s yearly study of the United States’ workforce predicts that the hybrid work model is going to be used in 81% of organizations by 2024. Additionally, OpenVPN found in their study that 73% of VP and C-Suite IT leaders believe remote workers pose a greater security risk than onsite employees. Do not let your remote workers give you a headache, therefore, security leaders should look beyond traditional approaches to monitoring, detection, and response to manage a wider attack surface.

A Third Party?! Please, I’ve Had Enough

Just when you thought the party was over, more people showed up… exacerbating your already pounding headache. Another often overlooked security risk that will continue to impact organizations in the coming years is third-party vendors. One of the key reasons why vendor security will be important this year is the increasing reliance on third-party vendors and service providers. Many businesses rely on external vendors for critical services such as cloud storage, software development, and data management. Gartner predicts that by 2025, 80% of enterprises will adopt a strategy to unify web, cloud services and private application access from a single vendor’s SSE platform.  While these vendors can provide valuable services, they can also pose a significant risk if they are not properly secured. Believe it or not, in 2021 software supply chain and vendor attacks increased by 300%!

More Women in Cyber!

A steady trend we have been ecstatic to see in the last decade is the increase in cybersecurity jobs held by women. According to Cybercrime Magazine, in 2013 women were present in about 10% of cyber jobs, and in 2022 that number is now 25%. With that, they predict that by 2025 women will represent 30% of the global cyber workforce. It’s important for both the tech industry and society to address the issue of women being underrepresented in cybersecurity. This can be done by providing education and training opportunities for women, promoting female role models in the field, and addressing discrimination and bias in the workplace. By doing so, we can help to create a more diverse and inclusive cybersecurity workforce. In a study performed in 2017 with over 150 companies around the world, it was found that organizations with at least 20% of their management positions filled by women were more innovative than those with a smaller percentage. A diverse workforce can also help to prevent groupthink, which can lead to poor decision-making. If you are interested in learning more about this, check out the Girls Who Code website, an organization committed to increasing [SC1] [MJ2] the presence of women in tech.

Honorable Mentions

Do not forget about these! I wanted to briefly touch on a few industries that we expect to see experience an increase in attacks:

  • Healthcare – The Journal of Cybersecurity estimates that there is a 1 in 4 chance of another Anthem sized breach (Roughly 37 million health records being stolen) will occur before 2025. In today’s cyber-world, it is often a matter of when, not if. Given the sensitivity of the data in question, we believe Healthcare hacks in 2023 will increase.
  • Gaming: Yogonet, a popular gaming news site reported that in 2022 gaming, financial services, and tech represented 88% of all attacks. Also, gaming companies saw an 85% increase in fake account registrations. We expect this trend to stick around for 2023 and years to come.
  • Startup Companies: There are only two types of companies: those that have been hacked, and those who don’t know they have been. For new organizations, especially ones in software, security is not usually a priority, making them the perfect target for hackers. For those starting a software company, please read our Top 10 tips on how to code securely (Click here)!

QoS wishes you a happy new year! As always do not hesitate to reach out to us with the contact information below if you are interested in speaking with cyber experts that are equipped to get you through the new year!