20 Cybersecurity Predictions from Industry Experts for 2023

The editors at Solutions Review have compiled a list of cybersecurity predictions from some of the leading industry experts.

As part of the fourth annual Solutions Review #InfoSecInsightJam, we called for the industry’s best and brightest to share their Identity Management, Endpoint Security, and Information Security predictions for 2023 and beyond. The experts featured represent some of the top Cybersecurity solution providers with experience in these marketplaces, and each projection has been vetted for relevance and ability to add business value.

20 Cybersecurity Predictions for 2023


Ali Ahmed, GM, Enterprise Applications at Cloud Software Group

Cloud migrations will lead to better security.

In the last three years, the move to the cloud has been key for organizations’ digital transformation. As security increasingly becomes a concern, the cloud will play a key role in more than just digitizing but also creating operational efficiency and security. The cloud helps to manage security at a macro level. As organizations move to the cloud, having a robust security system will make them more successful in overall digitization and scale, especially if operating in multiple clouds.

Gerry Plaza, Field CTO at Netskope

Enhancing the protection of current networks and application ecosystem…

Companies will move their budgets to projects which enhance and strengthen their ability to perform their core functions. Budgets that would have ordinarily gone to Infrastructure expansion projects will now go to automation, consolidation of disparate or overlapping tools, and most importantly cybersecurity initiatives. This will finally bring security to the forefront over Infrastructure teams as they look for ways to enhance the protection of their current Networks and Application ecosystem that have been stuck in the “this is how we always do it” ways.

Torsten Staab, PhD, Principal Engineering Fellow, at Raytheon Intelligence & Space

Quantum Day defense strategies will become more of a priority.

Heading into 2023, developing and deploying quantum-resistant security strategies will become a growing priority for organizations in order to better defend their systems, networks, and data from future quantum attacks. While Quantum Day or “Q-Day”, might be still 5-10 years out, it is coming faster than we would like. Q-Day represents the day that quantum computers will be powerful and stable enough to use the superpositioning power of qubits (i.e., quantum bits that can assume multiple states at once) to break widely used asymmetric encryption algorithms such as RSA. Unfortunately, these quantum-vulnerable encryption algorithms are widely used around the world to secure many of today’s ecommerce, finance, healthcare, critical infrastructure, and defense systems. Once Q-Day arrives, adversaries will be able to decrypt sensitive and classified communications and information if these algorithms stay in place.

The U.S. Department of Commerce’s (DoC) National Institute of Standards and Technology (NIST) announced it was getting ready to standardize the first set of four Post-Quantum Crypto algorithms. Standardizing such algorithms means organizations around the world can begin replacing existing quantum-vulnerable encryption algorithms, helping to counter the “collect now, decrypt later” strategy currently being used by adversaries. Experts predict that globally it will take well over a decade to upgrade or replace affected systems with quantum-secure, Post-Quantum Cryptography-based (PQC) systems.

Uri Dorot, Sr. Security Solutions Lead at Radware

The automotive industry will see a rise in cyber-attacks on EV charging stations in 2023 and beyond.

In 2023, we will start to see more cyberattacks on EV charging stations and web applications across the automotive industry. The surge in connected EV vehicles and the transformative progress it breeds is also creating greater levels of cyber risk. The industry is not yet required to adhere to the same security regulations as other sectors like e-commerce or banking. Given the use of personally identifiable information and various API connections, we should expect to see more account takeover attempts, data breaches and DDoS attacks. I believe that within the next couple of years, we’ll see heightened awareness around automotive cybersecurity, new security standards and regulations, and increased adoption of cyber security tools for EV charging applications and infrastructures. The priority will be to maintain service availability, as well as keep both data and drivers safe.

Stephen Ritter, CTO at Mitek

Next year will see the rise of transparency as an important component of maintaining consumer trust.

Consumers will have a clear understanding of exactly who and/or what technologies they are interacting with and how the data being provided is being used. In 2023, we can expect top enterprises to lead by example – setting their own rules of engagement and standards for collecting and managing data. Consumer behavior has shifted over the years to prioritize finding the most efficient means to achieve their end goal and they are more willing to adopt AI powered security tactics because of the convenience it affords. However, this trust is earned because enterprises have proven over time that they can deploy these technologies in an ethical manner.

Olivier Gaudin, CEO and Co-Founder at SonarSource

Organizations recognize that code security lapses are not actually security issues.

When it comes to code security, most developers think of traditional threats like malware, phishing and SQL injection. Enterprises have rightly invested significant money and resources in combating those threats. However, organizations are starting to realize that the majority of code security breaches are not caused by explicitly malicious behavior (i.e., backdoor attempts), they’re caused by coding mistakes that result in vulnerabilities. In 2023, developers will change how they approach security, realizing that it’s mainly an issue of code quality – and if that’s addressed, there will be fewer security issues. To avoid vulnerabilities and potentially catastrophic breaches, devs will adopt new methods that make it easier to write clean code.

Dean Zwarts, Global Business Manager for Cybersecurity at UL Solutions

We’ll see an encouraging trend in connected consumer devices, with cybersecurity resilience taking precedence over speed to market.

For decades, the tech world’s “move fast and break things” mentality has led to tremendous innovation and groundbreaking new hardware and software products. However, as cybersecurity threats increase, and as digital products shift from just laptops and cellphones to more personal devices – security systems, doorbells, thermostats, kitchen appliances, etc. – in 2023 and beyond, I expect device manufacturers to adopt more deliberate product rollout timelines in order to ensure the security of their products. Consumers will demand a product that they know is secure, from an organization they know will be a good steward of their data. And while consumer technology companies will continue to innovate, we’ll see product development timelines that reflect an increased prioritization of security and privacy at the core of each product.

Dave Ratner, CEO at HYAS

In the face of another major software supply chain attack, we’ll see businesses increase their cyber resiliency.

From an attack perspective, I predict that we’ll see another large and globally impactful supply-chain attack in 2023. It will occur via a malicious update to a small library utilized in at least one popular service. Similar to a SolarWinds or log4j attack, the impact will be global in scale and the response will be costly, time-consuming, and potentially have long-lasting effects.

From a security stack perspective, I predict that increasingly more organizations will focus on business continuity and resilience as opposed to a pure-prevention cyber security strategy. There are too many ways to break into the enterprise, and the cat-and-mouse game of blocking each one has proven impossible. Leading organizations will shift their focus and resources to complement their prevention-techniques with the business resilience required to ensure that any and all “little B” breaches get identified, stopped, and remediated before they turn into a “big B” breach, across their corporate, production, and development environments.

Marcus Fowler, CEO at Darktrace Federal

Crypto-jacking neglect gets dangerous.

The hijacking of computer resources to mine cryptocurrencies is one of the fastest growing types of cyber-threats globally. These attacks are often overlooked as unthreatening ‘background noise’, but the reality is that any crypto-mining infection can turn into ransomware, data exfiltration or even an entry point for a human-driven attack at the snap of a finger. To achieve the scale of deployment that crypto-jackers are looking for, illegitimate network access must have been enabled by something relatively low-cost – a pervasive software vulnerability or default, weak or otherwise compromised credentials. This means that the basics aren’t being done right somewhere, and if a crypto-jacker could do it, what’s stopping a ransomware actor from following the same path?

In 2023, crypto-jackers will get more savvy and we might start to see the detrimental effects of what is usually considered inevitable or negligible. Security leaders need to ask themselves: “How did this person get in?” – and shore up the easiest points of entry into their organization. Companies should not live with rogue software and hackers siphoning off their resources – particularly as rising energy prices will mean a greater financial loss is incurred as a result of illicit crypto-mining.

Jessica Hetrick, Senior Cyber Strategy and Resilience Leader at Optiv

We’ll see an increase of cybersecurity awareness on the Board.

Boards of directors have seen an increase in cybersecurity expertise in recent years, which won’t slow down going into 2023. This is because organizations are now understanding that cybersecurity is a business risk that requires attention from all levels of leadership – even the board. And, especially following the SEC’s proposed cybersecurity disclosure rules, we can expect to see C-suites add more board members with a background in cybersecurity. Additionally, boards will start to demand that their companies have answers for security preparation, strategies, processes, issues, etc.

This increase in board involvement gives organizations the opportunity to fine-tune their cybersecurity speak, since they will need to translate it into a language the board can understand. Then, to engrain cybersecurity in the culture and mindset of everyone at the organization – from the junior employees to the Board – organizations will look to uplevel the language so everyone can understand and implement best practices. By prioritizing this partnership and alignment across the enterprise, organizations can then focus on risk quantification, business impact and the financial consequences of an attack, which will only benefit them in the long run.

Andrew Hollister, CISO at LogRhythm

Ransomware operators will stop encrypting in favor of corrupting files.

Ransomware has been an attack vector in continual development over the years and is perhaps the one common threat that keeps all CISOs awake at night. In 2023, we’ll see ransomware attacks focusing on corrupting data rather than encrypting it. Data corruption is faster than full encryption and the code is immensely easier to write since you don’t need to deal with complex public-private key handling as well as delivering complex decryption code to reverse the damage once the victim pays up. Since almost all ransomware operators already engage in double extortion, meaning they exfiltrate the data before encrypting it, the option of corrupting the data rather than going to the effort of encryption has many attractions. If the data is corrupted and the organization has no backup, it puts the ransomware operators in a stronger position because then the organization must either pay up or lose the data. Therefore, the importance of backing up critical business data has never been higher.

Caitlin Johanson, Vice President at Coalfire

We’ll see an increase in compartmentalization of Application Security. 

In the past, we’ve seen a lot of companies ‘lift and shift’ as they move to the cloud, even with their application environments. Hopefully in the future, teams will be better about not just taking a physical application environment and standing up a bunch of virtual machines within a cloud provider. Instead, we are hoping to see more compartmentalization and modernization of applications with the use of containers and serverless infrastructure. This will reduce the overhead that traditional application environments require, with the idea of securing the image that we’re using to deploy the infrastructure and updating that image periodically with security best practices. In the new future, we will see more companies adopt modernization trends as they shift to the cloud.

Chad Skipper, Global Security Technologist at VMware

Remote desktop protocols will fuel “island hopping” attacks.

Many organizations have learned the hard lesson that you’re only as secure as the weakest link in your supply chain. In 2023, cybercriminals will continue to utilize island hopping, a technique that aims to hijack an organization’s infrastructure to attack its customers. Remote desktop protocol is regularly used by threat actors during an island-hopping campaign to disguise themselves as system administrators. As we head into the new year, it’s a threat that should be top of mind for all organizations, but particularly those in the healthcare industry given the sensitive nature of personal health data and the regulations across the sector.

Dor Dankner, Head of Research at Noname Security

APIs are data pipelines that will attract more attackers.

While traditional databases allow users to find, store and maintain data, application programming interfaces (APIs) enable users to access and review the data as it transfers between the company, customers, and third parties. Software code has come under attack in innovative and deeply troubling ways as APIs have become the critical pipeline in modern organizations, and because of this, we can expect to continue to see API hacking as a major threat vector when it comes to critical data. Whether it be through a mobile application or website, APIs interact with business logic and allow adversaries to understand exactly how a company is processing information and data, making APIs a major area of vulnerability for organizations. We expect 2023 to be the year that the risk becomes so apparent that companies can no longer ignore it.

Dr. Ian Pratt, Global Head of Security for Personal Systems at HP Inc.

Rise in hijacking remote access sessions could result in high-value domain servers and cloud admin portals – or even physical OT environments – being breached.

Session hijacking – where an attacker will commandeer a remote access session to access sensitive data and systems – will grow in popularity in 2023. Increased use of features like Windows Defender Credential Guard is forcing attackers to pivot – either capturing users’ passwords to enable lateral movement, or hijacking the remote session itself to access sensitive data and systems. The latter is particularly powerful. By targeting users with elevated rights to data and systems – such as domain, IT, cloud, and system administrators – these attacks are more potent, harder to detect, and more difficult to remove. The user is typically unaware that anything has happened. It takes just milliseconds to inject key sequences and issue commands that create a backdoor for persistent access. And it works even if Privileged Access Management (PAM) systems are being used to employ Multi Factor Authentication (MFA), such as smart cards.

If such an attack connects to Operational Technology (OT) and Industrial Control Systems (ICS) running factories and industrial plants, there could also be a physical impact on operational availability and safety – potentially cutting off access to energy or water for entire areas. Session hijacking does not rely on exploiting a fixable vulnerability; it is about abusing legitimate and necessary functionality of remote session protocols – like Remote Desktop Protocol (RDP), Independent Computing Architecture (ICA), and Secure Shell (SSH). Strong isolation is the only way of avoiding these kinds of attacks and breaking the attack chain. This can be done either through using a physically separate system, like a Privileged Access Workstation (PAW), or virtual separation, via hypervisor-based approaches.

Eilon Elhadad, Senior Director Supply Chain at Aqua Security

In 2023, software supply chain threats will continue to be a significant area of concern.

We’ve seen time and again how business demands guide technology innovation, and along with this advancement comes new areas of risk. Over the past few years, increasing pressure to deliver software faster has widened attack surfaces and introduced severe vulnerabilities — much like in the early days of cloud adoption. New tools, languages and frameworks that support rapid development at scale are being targeted by malicious actors, who understand the catastrophic impact that results from attacks to the software supply chain. In 2023, software supply chain threats will continue to be a significant area of concern. We will see less sophisticated attacks like SolarWinds and more attacks like those targeting Log4J, Spring4Shell and OpenSSL, which are used massively across code and production. These attacks have a larger potential blast radius to allow hackers to impact entire markets and wreak havoc for organizations.

Rafael Umann, CEO at Azion

Edge developers will embrace open standards and frameworks.

Developers who create apps through platforms that don’t offer easy portability will have little recourse if those platforms decide to increase prices or make other significant changes. Vendor lock-in is unacceptable for companies that must carefully plan their budgets. As a result, in 2023, expect a strong focus on ensuring that edge web apps rely on open standards and frameworks. This focus will increase interest in WebAssembly, Jamstack, and other technologies not tied to a specific provider. Building apps using these technologies allows developers to shift from platform to platform as needed to optimize cost and performance.

Avihay Cohen, CTO and Co-founder at Seraphic Security

The browser, the gateway to an organization’s endpoint, becomes the main target for threat actors.

Browsers power just about everything we do and are undoubtedly the most used applications, especially as more applications like CRM tools migrate from native applications to existing fully in the browser. Because so much of our daily work and personal activities live in the browser, it’s the perfect gateway for threat actors to reach an organization’s core. As browsers become more complex with new features and uses, threat actors will heavily target browser bugs and vulnerabilities in 2023 to breach organizations and access sensitive data.

Raj Dodhiawala, Cybersecurity Evangelist and Former CEO at Remediant

Identity exploits will continue through 2023.

Hackers will continue to find creative ways to gain control of organizations’ crown jewels through techniques like lateral movement and credential compromise. Due to the fact that more than 80 percent of cyber-attacks involve leveraging privileged identities, it’s clear that protecting only credentials, such as usernames and passwords, is no longer enough to keep organizations safe.

Rajesh Khazanchi, Co-Founder, CEO at ColorTokens

Access management will see a drastic increase in exploitation as authentication becomes commoditized.

We will see an increase in exploits of Access controls, as “access” will become more commoditized and purchasable, and hackers will continue improving their tools. Known as Initial Access Brokers (IABs), these underground and dark web bad actors are building their inventories of access codes, and increasing the likelihood of unauthorized users on corporate networks. Once they are inside, they can move freely unless an essential control, such as micro-segmentation, is deployed.


Mike Costello