What to expect from cybersecurity in Brazil and the world in 2023?

7 cybersecurity predictions for 2023

Prevention and immediate response to cyber attacks should be the watchwords in the sector in 2023. Faced with increasingly globalized and, above all, targeted threats, Brazil must increasingly insert itself on the world stage as a constant target, with companies from different sectors becoming highly targeted by criminals.

  • 10 years later, the concept of zero trust remains more important than ever
  • Security shouldn’t be about fear, it’s about hope, says Microsoft executive

This movement accompanies an absolute proliferation of Internet of Things devices, increasing the surface of threats, and the need for constant availability. Spending hours, days and weeks offline during a recovery shouldn’t be a big deal, with defense and resilience measures being applied so that the response is quick and protection is greater.

“Smart devices tend to have fewer security controls and remain easy targets”, points out Raphael Tedesco, manager of alliances in Latin America at the cybersecurity company NSFOCUS. In his view, the development of applications and the massive use of connected devices continues as a trend and also a potential risk.

Meanwhile, the specialist’s forecast for the current year is an increase in targeted phishing attacks, carried out directly against Brazilian corporations and organizations. Hot topics and clickbaits will continue to be used as bait, in addition to the use of characteristic language, documents and brands of the industries to be affected, requiring even more attention from workers to identify social engineering scams.

Meanwhile, denial-of-service attacks can creep in as a distraction. “One of the most used attacks in the world is also widely used to mask vectors of other types of threat”, points out Tedesco. For him, segments such as health, education, government, service providers, telecommunications and financial institutions should be the most affected, while social networks, where most Brazilians are present, should also be a target.

Threat increases, investment too

To deal with a much more complex and dangerous scenario, the expectation is for an annual growth of 8.9% in the global digital security market. Growth should also be reflected in Brazil, with companies seeing this as a priority and making more investments in cloud protection systems, incident response and recovery.

The NSFOCUS executive also points to an increasing trend in the creation of cybernetic councils in organizations, with qualified professionals focused on leading the allocation of resources. “Information security is a sector in constant evolution, both on the part of criminals, who continue to evolve their tactics, and on the part of companies, increasingly aware of the dangers that surround them”, completes Tedesco.

Human failures and regulations

National threat trends are in direct dialogue with global projections, which place the use of zero trust systems and artificial intelligence as the main allies of digital security. This is because, when we talk about human labor, there is still a high rate of effectiveness in attacks that machines, it is hoped, would be able to avoid.

Figures from the US operator Verizon point to errors by employees and end users as the causes of 82% of security breaches. In a post-vaccine environment, with hybrid working and devices operating outside the security domains of offices, zero trust systems in the cloud become essential as a gateway that keeps intruders out, while allowing access to those who deserve it.

Between personal devices being used in everyday corporate life and different levels of security on platforms that need to be available at all times, a survey by Skyhigh Security points to the need for protection systems that are integrated and built from the ground up with security in mind. It is no longer possible to choose different suppliers and believe in varied proposals, especially in the face of ever-increasing threats.

The need for greater monitoring also accompanies a legal basis, in which global regulatory measures increasingly hold companies accountable for breaches that jeopardize customer privacy. The expectation is that, by the end of next year, 75% of the world’s citizens will be covered by some type of regulation related to the protection of information, which makes defense against cyber attacks even more important.

Segmentation, identification and resilience are the terms cited by Skyhigh in its report, while the search for the balance between finances and the need for investment must remain a challenge for technology leaders around the world. One thing, however, is certain: the traditional does not work anymore and, above more protection measures and systems, a change of thinking is needed.