When an offense shifts, the defense must shift along with it. In the early years of cyberthreats, all you needed was a sturdy wall. Now, it seems, you need a bigger wall, more alerts, extended visibility, and more people to manage operations. According to the Gartner® Hype Cycle™ for Security Operations, 2022: "Organizations need to support a complex and sometimes competing array of approaches to security, while also supporting the growth of the organization via traditional IT infrastructure deployments, cloud-based deployments and hybrid approaches."
Budgeting and security risk planning go hand in hand, which is why we asked our security experts to offer their thoughts on emerging trends and technology considerations for 2023 and beyond.
Security Leaders Must Adapt to Change
It's no secret that attackers are becoming more sophisticated, but that doesn't mean everyone believes it. In an ExtraHop survey of IT decision makers, 77% of respondents remain confident in their ability to mitigate threats, yet 64% also claim that half of reported data breaches are due to outdated security postures. As ExtraHop Senior Principal Data Scientist Edward Wu explains, it's critical to know your attack vectors and how security leaders might rethink defense spending when they're securing budget:
Spending on perimeter network defense still outpaces spending on post-defense strategies. The consequence of this imbalance in spending is that attackers are finding very easy ways to bypass all these network defense tools and, once inside the environment, they have their run of the place. The current network defense spending trend is based on an assumption of how attackers attack, and that assumption is outdated. In 2023, organizations will need to adapt to these changes and shift their spending allocation to combat today's attack methodology.
Attacks on vulnerable infrastructure also continue to escalate, especially among healthcare IoT and educational organizations. Karl Werner, Area Vice President in Germany, expects to see more executives weighing in on preventative measures:
As high-profile attacks grip the news cycle, security is no longer exclusively the "headache" of the IT department. It's everyone's problem. The C-suite is taking note of the impact ransomware attacks could have on their operations and reputation. Top executives across Germany understand that an attack today could potentially ruin the company.
Companies Will Embrace XDR and Integrated Partnerships
High-fidelity integrations will also play a key role in the fight for data protection. Combining resources also helps alleviate friction and allows teams to share valuable information. Karl Werner sees this trend shifting from a nice-to-have to a business priority:
Integration is crucial to today's enterprise security landscape. Most businesses do not value silos or standalone solutions that make it harder to solve their business challenges around today's complex threats. They prefer solutions that integrate seamlessly into existing IT infrastructure. From a network monitoring perspective, many businesses are now very interested in combining NDR with EDR and SIEM to form more powerful solutions that combine context and action.
Of the many integration solutions out there, extended detection and response (XDR) has been at the forefront of many conversations revolving around security measures. This strategy continues to grow in popularity as we come to understand its true potential, as VP of Sales Engineering in EMEA John Titmus explains:
The promise of XDR is clear: Contextualized, coordinated data helps teams streamline, prioritize, and automate work. However, the roadmap to actually get there continues to be a challenge for organizations. In 2023, we will see more vendors embracing open frameworks to assist in the actual implementation of XDR that works for each bespoke organization. The cybersecurity industry has struggled with a one-size-fits-all approach to XDR so 2023 will bring about more integrations, options and, hopefully, adoption.
One approach to XDR is managed detection and response (MDR), which merges SIEM, endpoint data security, and network visibility into a single platform. John Titmus also expects this implementation to continue as we face more advanced cybersecurity threats:
More businesses are leaning on MDR providers to enable XDR as it ensures they get the best-retained talent to monitor their networks on a daily basis. XDR is complex, with huge amounts of data analysis needed. That specialist talent is critical. However, most organizations hire generalists, which can lead to a "jack of all trades, master of none" situation. By embracing MDR, businesses can rest assured that they are dealing with experts in specific clouds, NPM, and incident response.
As Cybersecurity Budgets Tighten, Spend Will Remain Critical
After security planning, the next conversation will almost certainly be about cybersecurity spending and which solutions will provide the best ROI. As ExtraHop Vice President of APAC Ken Chen warns, getting hit by an attack without the proper defense could be even more costly:
It seems like a global recession is imminent. As priorities shift, it is possible that gaps in the cybersecurity framework will be left open. Budget, staffing or capacity issues may leave businesses at risk or under-prepared for a cyberattack. The downtime and potential loss in revenue from a cyberattack could be detrimental to many businesses who are already feeling the impact of a strained economy. Depending on the type of company impacted (manufacturing or supply chain), the financial implications could trickle down to other entities affiliated.
While the global economy's future is uncertain, Ken remains hopeful that 2023 security budget allocations will hold steady, if not increase:
Securing budget for comprehensive IT and cybersecurity initiatives has been challenging in the past—even in a thriving economic environment. In 2023, we may continue to slip deeper into a global economic recession, but for various reasons (geopolitical and digital transformation), I believe cybersecurity budgets will grow. Security will be a top priority for CIOs in 2023 and the spend will remain resilient despite a tougher macro environment.