Cybersecurity Predictions for 2023: Thoughts from Abnormal's CISO

Learn how validating your tools, ensuring ROI, and extracting the optimal benefits from your investment can help protect you from cyberattacks in 2023.
December 19, 2022

The new year is fast-approaching, and a glance at the headlines reveals that economists are predicting a rather lean 2023. Concerns about an impending recession engender feelings of fear, uncertainty, and doubt—all of which cybercriminals can exploit in social engineering attacks. And while never celebrated under any circumstances, in such an environment, security risks are about as welcome as ants at a picnic.

Yet threat actors are already on the march.

For those of us who are hungry for growth, revenue, and security in 2023, these adversaries are well worth identifying. Knowing how to detect and divert them from our organizations is essential for preventing costly consequences.

It’s been said, “A preemptive mindset is always more efficient than a reactive one.” Nevertheless, for every successful attack, there is still plenty of repair and reinforcement available.

In this article, we’ll propose solutions that can help heal and protect you from future attacks by validating your tools, ensuring ROI, and extracting the optimal benefits from your investment.

The Usual Suspects Will Return in 2023, Have No Doubt

Modern email attacks are considerably more sophisticated than the poorly-worded phishing emails and obviously malicious links from years past. And socially-engineered attacks are undeniably ticking upward. Nearly every day, employees fall victim to credential phishing and business email compromise (BEC) attacks that lure them into revealing proprietary and sensitive information, often incurring significant and unrecoverable financial losses.

Microsoft also reports a “disturbing rise” in nation-state attack activity. The tragic war in Ukraine has opened up fresh vulnerabilities to Russian targeting and disruption, as well as aggressive espionage activity toward Ukraine’s allies—including the U.S.

Interestingly, Ukraine’s decision to migrate government and critical services to the cloud has fortified its resilience to resist and recover from these incursions. That speaks to the rapid improvement in cloud security.

Further, thinking preemptively means that you should stay on the lookout for threat campaigns from unexpected origins. Ransomware is particularly ferocious, tenacious, and lucrative; Iranian sources have been executing these attacks blatantly, according to Microsoft.

Workplace Cybercrime for Profit

Prescriptive vigilance recommends digging deeper into areas beyond email.

In my experience, we have to be on constant watch for misconfigured SaaS. Those misconfigurations may be responsible for up to 63% of security incidents, says a recent survey by the Cloud Security Alliance (CSA). Do you have too many departments with access to SaaS security settings? (Yes, 35% is too many, scolds TechBeacon).

Also, lack of visibility into setting changes opens the door to prowlers. A whopping 43% of organizations have dealt with one or more SaaS misconfiguration incidents, so you’re not alone.

With attackers becoming more ingenious and destructive by the hour, you can expect them to pivot to and exploit familiar collaboration tools like Teams, Slack, and GitHub to extract sensitive information. Remote and hybrid workforces rely on these communication vessels to carry out their workflow, meaning a breach can deliver a brow-furrowing headache!

Such vulnerability underscores the need to explore beyond initial authentication vectors to truly identify and detect lurking risks, bad actors, and malicious activity. Only machine learning and behavioral data science as part of an integrated security platform can protect your organization.

Protect Your Organization in 2023—and Beyond

Here at Abnormal, we sharpen and hone your defenses against the entire spectrum of email-borne attacks, helping you build a security posture that deploys the power of AI to mitigate new and emerging threats. You may not be able to change the threat landscape or economic trends, but you can automate the protection of your email and get back to focusing on the work at hand rather than battling uninvited hordes.

See for yourself how Abnormal blocks email attacks before they can reach employee inboxes. Request a demo today.

Cybersecurity Predictions for 2023: Thoughts from Abnormal's CISO

See Abnormal in Action

Schedule a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

See a Demo
Integrates Insights Reporting 09 08 22

Related Posts

BC 5 31 23 Vendor Risks
Learn the biggest risks associated with your vendor relationships and how to protect your organization from Vendor Email Compromise (VEC) attacks.
Read More
B 5 30 23 Teams
See how Abnormal's advanced security solutions protect Microsoft Teams workspace from malicious attacks and account takeovers.
Read More
Zoom BC
Discover how Abnormal protects your Zoom messages and prevents attackers from using the application to breach your business.
Read More
B 5 22 23 SOC
Discover how Abnormal simplifies detection, enhances investigation, and automates remediation, increasing threat investigation efficacy at the SOC level.
Read More
B Phishing
Knowing what to do after receiving a phishing attack is essential for preventing costly consequences. Learn how to respond to Phishing attacks.
Read More
B 5 15 23 Israel BEC
Abnormal research into an advanced Israel-based threat group puts a spotlight on the continuing rise of BEC attacks.
Read More