What lies ahead amid so much global uncertainty and clouded geopolitical perspectives?

One of the greatest challenges for cybersecurity teams is the constantly shifting security landscape. Evolving geopolitics, the resulting tension between economic progress and security, and the perceived cyber threat drives a lot of the negative perceptions around cybersecurity.

However, while it is easy to get distracted by eye-catching headlines about cybersecurity lapses, cybersecurity capabilities are also being continuously enhanced with new and exciting technologies to help us address the ever-changing threat landscape. Security is also as much about soft skills as the specialized technical skills typically associated with the field.

According to Information Systems Audit and Control Association’s research, soft skills in communication, flexibility, and leadership represent the most significant skills gap identified by cybersecurity professionals.

Phil Rodrigues, Head of Security, Commercial, Asia Pacific & Japan, Amazon Web Services

In such a dynamic environment, it is always difficult to make predictions, but we can provide our insights about the future of cybersecurity for 2023 and beyond.

    • Cybersecurity will be the cornerstone of everything
      In the digital economy this aspect will become a top priority for all organizations. Moving forward, instead of conducting periodic cybersecurity reviews, the future entails organizations shifting to continuous automated cybersecurity.

      This will create an environment where it is easier to make the best cybersecurity decisions earlier in the development of business processes and digital products.

      Cybersecurity will thus be truly built into everything organizations do. This new culture of security will drive more cybersecurity automation which allows organizations to innovate and scale safely. As a result, we will see widespread benefits to organizations and governments of all sizes, including improvements in data protection.

      Around the world, the public is becoming more discerning about how personal data should be gathered, stored, and processed, and governments are responding by creating new legislation to protect personal data. By 2024, three quarters of the world’s populations will have introduced or implemented data protection legislation, and large organizations are expected to budget US$2.5m for investments into privacy technology, such as encryption, advanced access control, and more granular logging.

    • New ways to address cyber skills gaps
      There was a global shortage of cybersecurity practitioners in 2022. While the number of security threats continues to increase, we can be better prepared to address them by training today’s workforce in soft skills, cloud computing and security awareness.

      We predict there will be a trend towards prioritizing diversity and finding new and innovative perspectives to recruiting cybersecurity professionals. We also predict that organizations that do this will outperform in cybersecurity compared to those that do not.

      In practice this will mean prioritizing hiring people with diverse educational and career backgrounds, people from different cultures, and people who are neurodiverse. Diversity in cybersecurity is about more than just equality; it is about optimizing defensive and offensive capabilities by having access to the widest possible range of problem-solving abilities.

      There is also growing recognition that the mounting costs of university education and lack of access to the right cybersecurity training can hamper the ability of economically disadvantaged individuals, limiting their involvement in the cybersecurity sector. We expect that more global initiatives will be launched to address this issue.

    • New technological horizons for cybersecurity
      In 2023 and beyond, we predict that new and emerging technologies will continue to strengthen cybersecurity by making existing processes easier and more efficient, and driving new cybersecurity approaches for organizations.

      Automation is rapidly emerging as essential to effective cybersecurity practices. AI/ML approaches will extend this, adding a critical layer of automation to cybersecurity in cloud environments. Cloud-based AI/ML offers predictive capabilities derived from collected information that can play a significant role in making cybersecurity more proactive.

      Quantum computing will continue to develop rapidly and will become ubiquitous and applicable to practical use cases. In the long run, that will help make data more secure by prompting organizations to reconsider their current encryption algorithms and processes.

      We also predict that mechanisms such as multi-factor authentication will become fully normalized as core components of practical cybersecurity across all organizations. Future MFA approaches will move towards biometric and multimodal forms of authentication. These approaches will greatly increase the security of authentication for organizations.

    • Securing the cloud with the cloud
      Wider access to cloud technology will allow organizations to build cybersecurity practices more effectively into their everyday operations.

      Once an organization has adopted cloud computing, it can tap on a broad range of cybersecurity tools available natively in the cloud to stay protected in line with industry best practices.

      Cybersecurity is becoming a central pillar in how governments and businesses plan and execute new digital initiatives. Cloud computing tools will help organizations to adapt to the changing cybersecurity landscape and can play a particularly integral role in empowering them to leverage emerging technologies.