Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Cybersecurity Snapshot: Six Predictions from Tenable for 2023

Cybersecurity Snapshot: Six 2023 Predictions from Tenable

As 2022 draws to a close, we asked Tenable experts what they expect for the new year. After reading the tea leaves, they’re forecasting developments in extortion attacks, OT security, SaaS threats, metaverse risks and more!

Dive into these six predictions for 2023 from Tenable experts.

1 - Expect a surge in extortion attacks

Security teams should brace themselves for an intensification of extortion attacks. In the past year, these attacks have gained popularity among cybercriminals, because they’re effective and simpler to carry out than the data-encryption attacks that characterize ransomware. 

Expect a surge in extortion attacks in 2023

Witnessing the success groups like the Lapsus$ gang have had with extortion attacks, attackers are eagerly mimicking their tactics. In 2023, CISOs must be ready to weather a stronger storm of extortion attacks.

For more information about extortion attacks:

2 – OT security will dodge budget cuts 

Companies will look closely at their IT cybersecurity spending plans for the new year, as difficult macroeconomic conditions persist. However, they will prioritize securing their critical operational technology (OT) systems and increase spending there accordingly. 

Operational technology security will dodge budget cuts in 2023
CISOs and their fellow C-level executives, as well as boards of directors, have seen the consequences of high profile cyberattacks against critical infrastructure targets. They understand that the risk to OT is higher and that skimping on OT security would be a bad move.

Check out these Tenable blogs to learn more about OT security:

3 – A SaaS vendor will get hacked

As adoption of software-as-a-service (SaaS) applications continues to grow, it offers an increasingly attractive target for attackers, given the shared responsibility model and limited monitoring capabilities. In 2023, this will lead to a significant, headline-grabbing breach of a SaaS provider, and the incident will put SaaS security and software supply chain risk in the spotlight.

A SaaS vendor will suffer a headline-grabbing breach in 2023This prediction serves as a reminder of how important it is for organizations to thoroughly assess the cybersecurity preparedness of prospective SaaS vendors. It’s true that doing this due diligence – a process formally known as vendor risk management – won’t guarantee that all the SaaS vendors you choose will never get breached. 

However, it will reduce your risk, because SaaS vendors that follow solid security and compliance practices are less likely to become victims. Organizations also should take precautions and have a business continuity / disaster recovery plan in case one of their SaaS vendors gets breached.

Check out these articles to learn more about managing the risk from SaaS vendors, as well as about proactively planning in case they get hacked or suffer a major outage, potentially impacting your operations and data:

4 – Nation-state attackers will target cloud MSPs 

Companies are increasingly using cloud managed service providers (MSPs) to more quickly and conveniently expand their cloud use, a trend malicious nation-state actors will try to capitalize on. Working on behalf of governments, these attackers will try to breach these service providers and their key customers to carry out geopolitical sabotage, spread misinformation, steal intellectual property, compromise critical infrastructure and more.


Nation-state attackers will target managed cloud providers in 2023

Here again we have a prediction that speaks to the importance of doing due diligence in assessing the strength of a prospective vendor’s cybersecurity processes and infrastructure – in this case, cloud MSPs specifically, given the increased likelihood that nation-state attackers will go after them more aggressively.

For more information about this topic:

5 – Fools rush in: Many orgs will overlook metaverse security

Businesses are hurrying to set up shop in the metaverse, but as often happens with emerging technology adoption, many organizations will treat cybersecurity as an afterthought, leaving them exposed and vulnerable to a variety of novel and existing cyber risks. 

In fact, we recently got a concrete snapshot of how these two factors – eager metaverse adoption coupled with cybersecurity unpreparedness – are already at play from Tenable’s “Measure Twice, Cut Once: Meta-curious Organizations Relay Cybersecurity Concerns Even as They Plunge Into Virtual Worlds” report. 

Many orgs will overlook metaverse security in 2023

Based on a survey of 1,500 IT, cybersecurity and DevOps pros in Australia, the U.K. and U.S., the study found that 81% of organizations have either already launched offerings in the metaverse or plan to do so within the next year. But less than half feel very confident about curbing threats in these virtual worlds.

A good first step to ensure your organization’s metaverse strategy has a solid cybersecurity foundation is to download the 18-page report, view an infographic and read a blog about it. You can also check out these articles about the topic:

6 – Economic turbulence will fuel cryptocurrency scams

And last but not least, Tenable predicts that, as people’s worries about global economic conditions deepen, scammers will double down on get-rich-quick schemes, aggressively peddling fake cryptocurrency investments on social media platforms and online dating services.

Cryptocurrency scams will thrive in gloomy economic conditions

So as we march into 2023, please don’t become a victim of a crypto scam. Here’s more information about this topic that can help you reduce your risk:

Related Articles

Are You Vulnerable to the Latest Exploits?

Enter your email to receive the latest cyber exposure alerts in your inbox.

tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web Application Scanning trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.cs Cloud Security.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try Tenable Lumin

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable.io Vulnerability Management, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable.cs

Enjoy full access to detect and fix cloud infrastructure misconfigurations and view runtime vulnerabilities. Sign up for your free trial now.

Your Tenable.cs Cloud Security trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.io Web Application Scanning.

Contact a Sales Rep to Buy Tenable.cs

Contact a Sales Representative to learn more about Tenable.cs Cloud Security and see how easy it is to onboard your cloud accounts and get visibility into both cloud misconfigurations and vulnerabilities within minutes.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Promotional pricing extended until February 28th.
Buy a multi-year license and save more.

Add Support and Training