Uploaded on Feb 14, 2023
Seceon focuses on leveraging Artificial Intelligence (AI) and Machine Learning (ML) to identify and counter sophisticated and stealthy cyberattacks, as well as using AI and ML to generate advanced cyber threats.
Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership - Seceon
by Pushpendra Mishra | Feb 3, 2023 | aiSIEM, aiXDR, Cyber Security Company,
Ransomware Detection, Service Security Providers | 0 comments
This is Part II of our first blog of the new year, one in which we tackle 2023’s top
cyber challenges and provide the information you need to make you ready. We’ll
share our insights and recommendations so that you can make cybersecurity a part
of your healthy business strategy and best prepare for the path ahead. In our
opening segment we reviewed the events of 2022 that we forecasted in 2022, in terms
of their impact and what we learned from them.
Now let’s discuss some common themes we see occurring with even more
frequency or velocity in 2023 along with how to prepare for these developing
trends and some proactive cyber strategies to implement for the coming year.
2023 Seceon Prediction One: The emergence of cloud-native security solutions to
protect cloud-based systems and applications.
In 2022, outsourcing code development led to a 65+% increase in code leaks. Even
with “airtight” outsourcing contracts or SLAs, the risk of poor privacy practices,
storage and development practices has led to this significant increase. Public
repositories are clearly not well protected. GitHub frequently leaks API and
Cryptographic keys. According to a study from North Carolina State University, over
100,000 GitHub Repos leaked API or cryptographic keys in 2022. They also found
that thousands of new API or cryptographic keys leak via GitHub projects every day.
Let’s continue down this API Security path, however. We’ve seen a 300% increase in
API traffic and a 600% increase in API attacks. API security is a key component of
modern web application security. APIs may have vulnerabilities like broken
authentication and authorization, lack of rate limiting, and code injection.
The exposure to insecure APIs has skyrocketed and only a few are paying
attention to the expanding exposure.
The first step is to find and catalog every API on our network. Who does this today?
Almost no one. Why? Because of the intense pressure of developer convenience.
John Kindervag, the Forrester analyst who coined the term “zero-trust”, claims
developers have more power than Cybersecurity folks these days. Rapid coding and
website development, combined with the increasing drive toward federated
services, all contribute to random APIs popping up everywhere, entirely without
any sort of registration structure acting as the grown-up in the room.
Finding and cataloging need to be taken seriously, as even one missed API
right now can leave your company open to cyber-attack.
Setting up security and performance automation for every API is the next step. That
performance automation accommodates API testing, critical to security readiness.
Both functional and non-functional tests are essential as it is not enough to know
that the API performs as advertised, but also that it does so in a secure and
reliable manner. Failing APIs are common, but what isn’t common is understanding
the consequences of the failure. Non-functional testing will do that.
When pen-testing and securing an API, start with behavioral analysis. Here’s where
you match reality to documentation – it is a good time to discover what happens to
your system as a whole when an API fails. You may also determine whether the
build package is buggy and/or vulnerable.
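One way to start the catalog and match reality to documentation, as an added example that is not from the original post: reconcile the endpoints seen in gateway access logs against the documented inventory. The log lines, inventory entries and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample: the documented API inventory as (method, path template).
DOCUMENTED = {("GET", "/api/v1/orders/{id}"), ("POST", "/api/v1/orders"),
              ("GET", "/api/v1/health")}

# Constructed sample access-log lines (common log format).
SAMPLE_LOG = """\
10.0.0.5 - - [03/Feb/2023:10:00:01 +0000] "GET /api/v1/orders/1842 HTTP/1.1" 200 512
10.0.0.5 - - [03/Feb/2023:10:00:02 +0000] "POST /api/v1/orders HTTP/1.1" 201 87
10.0.0.9 - - [03/Feb/2023:10:00:03 +0000] "GET /api/internal/debug/dump?verbose=1 HTTP/1.1" 200 90311
10.0.0.9 - - [03/Feb/2023:10:00:04 +0000] "GET /api/v2/users/77/export HTTP/1.1" 200 4096
10.0.0.7 - - [03/Feb/2023:10:00:05 +0000] "GET /api/v2/users/78/export HTTP/1.1" 200 4100
10.0.0.7 - - [03/Feb/2023:10:00:06 +0000] "GET /static/app.js HTTP/1.1" 200 1000
"""

REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
ID_SEGMENT = re.compile(r"^(\d+|[0-9a-fA-F-]{36})$")  # numeric ids and UUIDs


def normalize(target):
    """Drop the query string and replace id-like path segments with {id}."""
    path = target.split("?", 1)[0]
    return "/".join("{id}" if ID_SEGMENT.match(p) else p for p in path.split("/"))


def reconcile(log_text, documented, prefix="/api/"):
    """Return (undocumented endpoints with hit counts, documented but never seen)."""
    observed = Counter()
    for line in log_text.splitlines():
        m = REQUEST.search(line)
        if not m:
            continue  # not a request line
        path = normalize(m.group("target"))
        if path.startswith(prefix):
            observed[(m.group("method"), path)] += 1
    shadow = {ep: n for ep, n in observed.items() if ep not in documented}
    unseen = sorted(documented - set(observed))
    return shadow, unseen


if __name__ == "__main__":
    shadow, unseen = reconcile(SAMPLE_LOG, DOCUMENTED)
    for (method, path), hits in sorted(shadow.items()):
        print(f"UNDOCUMENTED {method} {path} ({hits} requests)")
    for method, path in unseen:
        print(f"DOCUMENTED BUT NOT OBSERVED {method} {path}")
```

Undocumented endpoints are candidates for registration or removal; documented endpoints that never appear may be dead code that still needs testing and ownership.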
You will want to ensure that processes are prioritized for the right service
levels and to verify rate limiting for transactional APIs, min/max request latency
settings, and availability windows. Some of these details are important for
identifying slow memory leaks or garbage collection issues that might be a
long-term threat to the integrity of the server(s) and network.
Authentication issues should come right out of the Zero Trust handbook and
determine the levels of trust you assign for the API’s users. Apply the standards
required for specific DAAS access and test the limitations before use.
When responding to an API attack, the first rule should be to kill access – an API
should never fail in an open state. Whether you caught the attempt yourself or
via AI/ML detection, follow your normal recovery process and never shift down just
because it’s an API.
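The fail-closed rule above, shown beside the fail-open anti-pattern in an added example that is not Seceon's code. The policy backend, key names and functions are hypothetical, and the sample data is constructed.

```python
class PolicyBackendError(Exception):
    """Raised when the (hypothetical) policy service cannot answer."""


# Constructed sample backends: one healthy, one simulating an outage.
BACKEND_UP = {"down": False, "grants": {"key-a": {"orders:read"}}}
BACKEND_DOWN = {"down": True, "grants": {}}

REVOKED_KEYS = set()  # kill switch: keys cut off during incident response


def backend_allows(api_key, action, backend):
    """Ask the policy backend; an outage surfaces as PolicyBackendError."""
    if backend.get("down"):
        raise PolicyBackendError("policy service timeout")
    return action in backend["grants"].get(api_key, set())


def authorize_fail_open(api_key, action, backend):
    """Anti-pattern: an error in the authorization check is treated as 'allow'."""
    try:
        return backend_allows(api_key, action, backend)
    except PolicyBackendError:
        return True  # availability preferred over security


def authorize_fail_closed(api_key, action, backend):
    """Deny unless the check positively succeeds and the key is not revoked."""
    if api_key in REVOKED_KEYS:
        return False
    try:
        return backend_allows(api_key, action, backend) is True
    except Exception:
        return False  # any failure in the decision path means no access


def kill_access(api_key):
    """Incident-response step: revoke a key at once, independent of the backend."""
    REVOKED_KEYS.add(api_key)
```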
By the end of 2023, API security will separate the mediocre CISO, focusing solely on
infrastructure, from the masterful CISO who addresses actual business threats and
ensures survivability.
Creating a system for API security, and reusable interface testing automation that
keeps your API inventory up to date will pay off big when those headlines start
talking about API security and not just our old nemesis, ransomware.
2023 Seceon Prediction Two: A heightened focus on leveraging
Artificial Intelligence (AI) and Machine Learning (ML) to identify and
counter sophisticated and stealthy cyberattacks, as well as using AI
and ML to generate advanced cyber threats.
Everyone uses AI and ML so why is this an important area to consider? Because
of the interests and capabilities of the good guys. Let’s take a look.
Organizations with fully deployed Security Artificial Intelligence and
Machine Learned automation spend less than half on a data breach than those who
do not have this automation in place.
Here is a second consideration. Simply put, the bad guys are using these tools against the
The arrival of the amazing AI-enabled chatbot called ChatGPT last month has been
wowing the tech community with their ball caps facing forward, while it is also
allowing hackers behind email and text-based phishing attacks (along with
malware gangs) to speed up the development of their schemes.
Those who pooh-pooh the under-achieving OpenAI chatbot either 1) have never spent any
time with her, 2) don’t grant slack to a product that has been released in beta
during only its second month of field trials with millions of users, or 3) ignore the
billion+ VC investment in the space in the last couple of months, even under the
shadow of the great conman Samuel Bankman-Fried’s attempt at billionaire crime.
Here are some early instantiations of high noteworthiness:
Several serious cybersecurity researchers have been able to get the ChatGPT to
write really good phishing emails and malicious code for them in the last 30 days,
mirroring what the Malware mafia were getting good at – incorporating plausible
humanlike and undetectable tactics into their recent attack portfolio.
Researchers at Check Point Research verified that they got a “plausible phishing
email” from ChatGPT after directly asking it to “write a phishing email” that comes
from a “fictional web-hosting service.”
Abnormal Security tested ChatGPT to write an email “that has a high likelihood of
getting the recipient to click on a link.”
On the question of liability, OpenAI has implemented a few content moderation
warnings into the chatbot, ones that researchers are finding easy to side-step and
avoid penalties. Remember, this is a beta release 1.0 on the market under intense
conditions for 45 days.
For those who do not take ChatGPT seriously, we say this: organizations that are
already struggling to fend off the most basic of attacks, including those in which
hackers use a stolen or leaked password to log in to accounts, would be hard-pressed
to stave off costly breaches using simple AI capabilities.
2023 Seceon Prediction Three: The Role of the CISO is Harder and More Dangerous
Than Ever Before
Four years ago, the threat landscape was such that a CISO could get the job of
asset protection done by twisting a few knobs and turning some dials. It could have
been argued at that time that CISOs should report to the CEO, not because the job
was so integral with the rest of a company’s functions, but because there could be
clear and direct communication between the one person able to assess the technical
threat and operational risk, and the one person
responsible for the business outcome.
Today, I argue that the CISO should still report to the CEO, but for entirely different
reasons. In just four years, the threat landscape has evolved into impossible
complexity with amazingly smart adversaries launching continual attacks with new
and hideously polymorphic vectors with multiple business units pushing digital
transformation programs regardless of the cost of security and protection.
Today, the job of asset protection and threat defense is not only integral to the
company’s business functions, but most of those functions could not exist without
it.
No one at the C-suite or Board level understands this, however, because even today
very few senior executives take the time to understand the issues, risks and
vulnerabilities around Cybersecurity, and most CISOs and CIOs do not explain them
well and in business terms. To make matters worse, very few, if any, understand the
actual liabilities and fiduciary care requirements of their role.
If you did a random poll, I think most would say today’s threats are very
sophisticated and therefore difficult to prevent. The truth is that the bulk of today’s
attacks cannot be categorized as sophisticated at all. The reason we are attacked
so successfully and so often is we continue to maintain poor hygiene which leads to
unpatched known vulnerabilities, misconfigured containers, unsecured DNS and
APIs exposed to the Internet. In addition, our development rigor is sloppy. We
build code without knowledge of the transitive dependencies inherent in the
open-source libraries, APIs, and software we incorporate into our agile pushes.
Today, we don’t design code with security at the beginning. We often don’t design
code with security at all. But, it seems the Board and C-suite want to believe
that we are attacked because we are being outsmarted by our adversaries. While
we are occasionally, sophisticated attacks are rare.
Until the CISO role is perceived as peer, the rest of the C-suite will continue to think
of security folks as the deranged department of no and continue to ignore them.
2023 Seceon Prediction Four: Cybersecurity professionals will see an increased
emphasis on active, real-time security monitoring and analytics.
If you are a business with a traditional insurance carrier, there is a fair chance
you’re not getting renewed. You’ll need to understand your ‘residual’ risk since you
may not be able to get cyber insurance. And the price is certainly going up, on
average by up to 20% over what you paid previously, if your program is proven to be
in order and working well.
Recent research on the hundreds of millions of attempted cyberattacks
that occurred every day throughout 2022 shows that malware increased by
358% overall as compared with 2021, with no end to the rise in sight.
76% of IT Professionals believe a successful attack against their firm is imminent,
deepening pessimism, precipitated by steep rises in remote work, BYOD, 3rd party
risk, insider error, and stepping into the cloud without knowing how to defend it.
Cyber insurers have taken notice and are placing demands on the industry to have
continuous security monitoring and the ability to mitigate or remediate threats,
every minute, every day.
It is no longer acceptable to have nearly 80% of senior IT leaders believing their
organizations lack sufficient protection against cyberattacks as they did in 2021.
With cyber incidents on the rise, here’s what to expect and what you can do to best
position your organization when shopping for cyber policies.
Do you have a mitigation and remediation cyber capability for these top 10 Risks?
Vendor Risk Management
Access Control
System Security Plan
Contingency Planning
Employee Mitigation
Data Classification
Logging and Monitoring
Incident Response Planning
Configuration Management
Cybersecurity Governance
Do you have the right technologies in your top actions list such as multi-factor
authentication (MFA), encryption, vulnerability management and security event
management?
Have you developed a skilled Security Operations function?
Have you focused on emerging and special challenges like IoT?
Key points about incidents we’ve handled in 2022 – it isn’t just ransomware (but as
we pointed out at the top, that’s the headline) – but how do we fall victim? We hear
a lot about the end result but, unfortunately, our experience is we are hearing
less about why it happened – and this is the critical point. What do you need to do
to not fall victim?
Interesting point: phishing has trended down (from around 50%) to 30% – it’s
becoming easier to exploit vulnerabilities now, than it was in the past. What does
this tell us?
First thing is to not get tunnel vision – you still need a comprehensive cybersecurity
program (many orgs focus on just phishing!)
Vulnerability Management is still a huge problem, as are weak passwords, poor
security controls, employee training, and mobile device security. Having
an Incident Response capability is a must-have but so are pre-determined
policies and procedures to accelerate
recovery from ransomware and other attacks along with a set of playbooks to
mitigate or remediate (these two terms are not the same: mitigate buys you time,
remediate stops the aberrant action).
Other “smart” actions:
Invest in modern malware detection and cyberthreat hunting
Have analytics that can determine whether any data was compromised or leaked
Seek out automation and autonomous response capabilities to work more
cohesively and comprehensively with fewer resources.
Visibility is key. Log as much as you can, and have data visualization tools to
mine key metrics and gain context.
Insurers in some high-risk sectors are reducing their exposure by reducing
coverage limits or reducing coverages, and placing lower limits on ransomware
payouts. Some of the industries where insurers have reduced their exposures
include health care and education.
Some insurers have been reducing their cyber risk exposure by adding more
restrictive policy terms and including additional exclusions to their cyber and non-
cyber policies.
Every company will face cyber risk in 2023, no matter its size. The more diverse you
are, the more areas of vulnerability you have so the ramifications are serious. You
must take a digital asset approach to cybersecurity in our digitalized world. Seceon
is here to help.
As we welcome you to 2023 we want to be sure to thank everyone that is working
hard to make cybersecurity effective and valuable, something that is respected.
This is hard work and we certainly never expect anyone to do it alone.
Cybersecurity is about people as much as it is about business, and we value each
and every one of you. We’re looking forward to working with many of you during
2023 and doing our very best to ensure we’re all prepared and protected from all
that is and what is to come.