Challenging macroeconomic conditions will cause companies to re-evaluate traditional IT cybersecurity spending, however these same companies will prioritise and proportionally increase security spending on their much more critical Operational Technology systems. The consequences of high-profile events like Colonial Pipeline have demonstrated that the risk to OT is higher and boardroom cybersecurity discussions almost always include securing OT.
Nation states will begin to target cloud service provider, CSP managed services as companies migrate more of their attack surface to these managed services. Cloud adoption continues to rapidly rise, in fact, CSP managed service market is projected to grow to $117.65 billion by 2028, a 14.5% spike from 2020. While there are numerous benefits to cloud adoption and outsourcing cloud services to an MSP, the opportunities for exposure increases significantly, which attackers will without a doubt capitalise on.
Extortion will be an increasingly disruptive force to enterprises in all industries
We can anticipate a significant breach of a SaaS provider in 2023. Given the adoption rates of SaaS applications, the shared responsibility model and limited monitoring, this attack surface is ripe for compromise.
Nation states will begin to target cloud service provide managed services
Extortion will be an increasingly disruptive force to enterprises in all industries in 2023. In the past year, we have seen threat actors of all motivations moving to extortion-only attacks and forgoing the more complex tactics like data-encrypting malware, ransomware. The notoriety and success of extortion groups like Lapsus$ means that other groups will continue to mimic their tactics.