Check Point Cybersecurity Predictions in 2023

Hacktivism, deepfakes, attacks on business collaboration tools, new regulatory mandates and pressure to reduce complexity will be at the top of organizations' security agendas next year

H Check Point Software Technologies Ltd. global provider of cyber security solutions, has published its cyber security predictions for 2023, detailing the key challenges organizations will face in the coming year.

cyber security

Cyberattacks in all sectors of industry increased by 28% το τρίτο τρίμηνο του 2022 σε σύγκριση με το 2021 και η Check Point προβλέπει ότι θα συνεχιστεί η απότομη αύξηση παγκοσμίως, λόγω της αύξησης των εκμεταλλεύσεων ransomware και του κρατικά κινητοποιημένου χακτιβισμού λόγω διεθνών συγκρούσεων. Ταυτόχρονα, οι ομάδες ασφαλείας των οργανισμών θα αντιμετωπίσουν αυξανόμενη πίεση καθώς το παγκόσμιο χάσμα εργατικού δυναμικού στον κυβερνοχώρο of 3,4 million workers is expanding further and governments are expected to introduce new cyber regulations to protect citizens from breaches.

In 2022, cybercriminals and state-linked actors continued to exploit the hybrid working practices of organizations, and the growth of these attacks does not appear to be slowing down as the Russia-Ukraine conflict continues to have a profound impact globally. Organizations need to consolidate and automate their security infrastructure to allow them to better monitor and manage attack surfaces and prevent all types of threats with less complexity and less need for staff.

Check Point's cybersecurity predictions for 2023 are divided into four categories: malware and phishing, hacktivism, emerging government regulations, and security consolidation.

Increases in malware and hacking exploits

 No respite from ransomware: she was the main threat for organizations in the first half of 2022 and the ransomware ecosystem will continue to evolve and grow with smaller, more agile criminal groups forming to evade law enforcement.

  Collaboration tools: while phishing attempts against business and personal email accounts are a daily threat, in 2023 criminals will expand their targeting of enterprise tools like Slack, Teams, OneDrive and Google Drive with phishing exploits. These are a rich source of sensitive data, as employees in most organizations continue to work remotely. 

Hacktivism and deepfakes are evolving

 State-motivated hacktivism: in the last year, hacktivism has evolved from grassroots social groups (such as Anonymous) to state-sponsored groups that are more organized, structured and sophisticated. Such groups have recently  attack targets in the US, Germany, Italy, Norway, Finland, Poland and Japan and these ideological attacks will continue to increase in 2023.

 Weaponizing deepfakes: in October 2022, widely circulated one deepfake of US President Joe Biden who sang "Baby Shark" instead of the national anthem. It was a joke or an attempt to influence the important ones Mid-term US elections? Deepfakes technology will increasingly be used to target and manipulate opinions or to trick employees into handing over their access credentials.

Governments are stepping up measures to protect citizens

  • New data breach laws: η infringement on Australian telco Optus led the country's government to introduce new data breach regulations that other telcos must follow, to protect customers from subsequent fraud. We will see other national governments follow suit in 2023, in addition to existing measures such as GDPR.
  • New national cybercrime task forces: more governments will follow The example of Singapore to establish inter-agency task forces to tackle ransomware and cybercrime, bringing together businesses, government departments and law enforcement agencies to combat the growing threat to commerce and consumers. These efforts are partly the result of questions about whether the cyber insurance sector can be considered a safety net for cyber incidents.
  • Enforcing security and privacy by design: the automotive industry has already moved to establish measures to protect vehicle owner data. This example will be followed by other sectors of consumer goods that store and process data, making manufacturers responsible for the vulnerabilities of their products.

Integration matters

  •  Reduce complexity to reduce risks: the global cyber skills gap will increase by more than 25% in 2022. However, organizations have more complex, distributed networks and cloud deployments than ever due to the pandemic. Security teams need to consolidate their IT and security infrastructure to improve their defenses and reduce their workload to help them stay ahead of threats. Over two-thirds of CISOs said that working with fewer vendor solutions will increase their company's security.

Predictions from Check Point executives:

Mark Ostrowski, Office of the CTO, Check Point Software

"Deepfakes will go mainstream with hacktivists and cybercriminals leveraging video and voice messages for successful phishing and ransomware attacks."

Maya Horowitz, VP of Research, Check Point Software

“We are entering a new era of hacktivism, with increasing attacks motivated by political and social causes. Threat actors are becoming more brazen and will turn their attention to critical infrastructure.”

Micki Boland, Office of the CTO, Check Point Software

"We will see a nation-state lead a sustained and prolonged assault on the US power grid, leading to blackouts that affect critical business and social functions."

Deryck Mitchelson, EMEA CISO, Check Point

"Cloud transformation will be slowed by cost and complexity, with many companies considering moving operations back in-house or to private data centers to reduce their overall threat surface."

Deryck Mitchelson, EMEA CISO, Check Point Software

"There will be a lot of discussion and we will push for security policy as the current carrot and stick approach has not worked."

Dan Wiley, Head of Threat Management, Check Point Software

“The cyber insurance industry is undergoing significant tectonic changes. Companies likely won't be able to rely on insurance as a safety net for cyber incidents. As we've seen with the auto industry, policymakers will act to protect their constituents with legislation that makes manufacturers liable for software defects that create cyber vulnerabilities. In turn, this will put the onus on software vendors to create security validations.

Jeremy Fuchs, Research Analyst, Avanan, a Check Point company

“While email and phishing go hand in hand and will continue to be dangerous and proliferate, in 2023 cybercriminals will also turn to business collaboration compromise, with phishing attacks used to access Slack, Teams, OneDrive , Google Drive, etc. Employees are often relaxed about sharing data and personal information when using these business applications, making them a lucrative source of data for hackers.

Jony Fischbein, CISO, Check Point Software

“In our multi-hybrid environment, many CISOs struggle to build a comprehensive multi-vendor security program. In 2023, CISOs will reduce the number of security solutions deployed in favor of an integrated, single solution to reduce complexity.” 

Oded Vanunu, Head of Product Vulnerability Research, Check Point Software

“Dramatic increase in digital fraud due to global economic slowdown and inflation. Cybercriminals will increasingly turn to social media campaigns via telegram, WhatsApp and other popular messaging apps. There will also be more cyberattacks on Web3 blockchain platforms, mainly to take over the platforms and their users' crypto assets." The Best Technology Site in Greece
Follow us on Google News

cybersecurity, Security, Check Point

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).